Life. Love. Tech... and other stuff. http://lrvick.net/blog/ Fri, 20 Jan 2012 22:32:05 lance@lrvick.net ({ config.author }) http://lrvick.net/blog/why_software_projects_go_wrong why_software_projects_go_wrong In most cases? Because they are not planned, managed, and delegated well. In order for a software project to be successful, particularly in an agency environment that has lots of clients, employees, and layers of communications, a strict set of operating ... Tue, 10 Jan 2012 21:39:42 In most cases? Because they are not planned, managed, and delegated well. In order for a software project to be successful, particularly in an agency environment that has lots of clients, employees, and layers of communications, a strict set of operating procedures is a fundamental requirement. Based on my experience working with many agencies, founding companies (now on my 4th), and having to take an active role at just about every stage of many projects... I will attempt to share what I feel to be best practices to ensure success. These are all things that if not at least somewhat adhered to, will usually render projects that never end, and plummeting company morale. The following could probably apply to many types of projects, but based on my experience I can only speak for software projects. Below I will break the rest of this article into four stages: Introduction, Definition, Production, and Delivery. For all intensive purposes this all applies to startups as well and the word "client" can be used interchangeably with "investor" Introduction Stage This is where a prospect is first contacted. Here they are enticed by a sales agent about how your team can help improve any combination of sales, public exposure, or overall usability of web/tech offerings. This is the point where hopefully a prospect becomes engaged and willing to take the time required to begin planning the project in order to get a quote. Failure in this stage usually creates a nightmare and loss of money for the company. Getting prospective client expectations set correctly here is absolutely critical. Tell the truth Not knowing team limitations is not an excuse. Sales agents in most cases know nothing about what really goes into software engineering, and as such everything is magic to them. If not properly controlled, they will simply tell a prospect whatever they think they want to hear for easy kudos or commissions. This works out fine until the work produced by the team does not live up to the promises made by the sales agent. Sadly however the punishment for this mistake usually falls on engineering teams who end up having to work insane hours only to still fail to meet the unrealistic expectations set in the introduction stage. Sell from an engineer-approved list Sales agents should only be allowed to sell from a very clear list of defined possibilities and general services. List and any modifications should only be considered valid when approved by a senior engineer. Don't tell prospects what they want Let them tell you. Lots of well crafted questions should be asked here so that a prospect gets a chance to express things in their company that could be better, so where applicable they can be directed to solutions your team is already prepared to offer. If a sales agent simply throws out a bunch of things prospects will often say "oh yes I want all of that", instead of honing in on the things they really need and would actually use based on answers to qualifying questions. Feed them just enough to get them talking about problems, or less than optimal situations your team might have solutions for. Do not discuss schedules Discussing even a general time frame with a prospect, until well into the definition stage is project suicide. A sales agent should not release any time frames that have not been signed off on by engineers, when enough information exists to do so accurately. Instead questions like this should be sought as an opportunity to encourage a client to invest time in a definition stage so you can work out the real answers to timeline questions together. Definition stage At this point a prospect is interested in building out a "blueprint" or "story board" of exactly what your company intends to do for them with a time frame and quote. If the initial sales stage was done correctly, a prospect at this point still has no quote, and no time frame but has been "hooked" and now wants both. Wire-frame everything At this stage a UX developer should be involved to help work with the client to iterate over at least functional wire frames that very clearly define every human-facing aspect of the project. What functions will exist where, examples of every type of output, what functions will be provided to users vs employees, etc. A given set of wire frames and overall project plan can not be considered approved or ready for quoting until it is signed off on by both the client, and a lead engineer. If due diligence is done here quotes can nearly always be provided within 10% accuracy against the final outcome. Itemize all tasks Until a project is broken into very specific tasks and components based on client-approved wire frames, the design stage is not over. Tasks should be small enough that they can be defined in hours. Anything that is defined in weeks is almost certainly made up. You also can not expect to get an engineering team to give you an accurate time estimate for a project, until it is broken up into small functionalities. This level of detail can also help a prospect see how much is involved in a given project and increase their overall respect for your team's capabilities and control of the situation. It will also help them be more understanding when you tell them how long it will take, and how much it will cost. Let engineers estimate hours If you are not the one doing the work, then you can't say exactly how long it will take. To quote from the FogzBuz article (linked below) "Any system where management writes a schedule and hands it off to programmers is doomed to fail. Only a programmer who is going to do the work can figure out what steps they will need to take to implement that feature" Block out testing and documentation time If you make the assumption that all software is going to just work on a first pass, and be easy to understand for any future party that needs to work on it, you are either a delusional optimist or you have not been around software engineering very long. If a set block of time is not left for testing and documentation it will simply not get done, and when it does not get done, it will come back to bite your company every single time. We are dealing with humans and computers here. Things will break that are not obvious and things that seem obvious will not be understood. Production Stage Now, with all proper planning and client expectation management out of the way it is time to get stuff done. Here all the hard work and detailed "blueprints" of the project are handed off fully to the engineering team, to produce. If the introduction and definition stages were done correctly, this should be a really fun experience where your engineering team can tackle the well defined challenges. This will include solving problems that there is existing experience with in new ways, or getting experience solving new challenges for the first time. At the end of this stage you should have a completed well tested work, ready to hand off to the client in the delivery stage. Commit everything Pick a version control system like git, subversion, mercurial, CVS... anything just use one. Make sure all engineers are committing frequently with detailed commit messages so your project has a very full and detailed history. People not used to working this way will complain, but it is not optional if you intend to have quality work, and any professional credibility. It also allows you to track code changes, get stats on team progress, enforce coding guidelines, and see who is pulling their weight and who is not. If the VCS history of one engineer shows he has only committed 10 lines of code in the whole project, or has not made a commit in weeks, or that every time he commits code other engineers have to immediately make repair-commits... pretty sure bet what he is hammering away at on his workstation is in strong need of review. Version control keeps everyone honest and accountable, and creates history logs that even the least technically inclined can use to gauge progress. Team managers have no excuse for not keeping a close eye on this. Document everything How do you get this up and running with fresh hardware? What special considerations exist? How are access credentials made available? What libraries or third party requirements exist? These are the sorts of questions that a new engineer walking into this project later is going to be asking. Answers must exist otherwise that future party that is mucking around in code your team produced is going to cause more harm than good. Regardless it is going to fall back on your team as that that future party is going to complain, a lot. More often than not a future problem that would be a huge ordeal can be avoided by having easily accessible detailed documentation of everything required to deploy and use a project. It is a chore for your engineers, but they are the only ones that can do it and it must be done. Test Everything If an end user can do it, then it needs to be tested. If any new code is pushed, then it must all be tested again. If bugs are not being found with a new piece of software of any complexity, then testing is probably not being taken seriously. No software is perfect. If due diligence is not given to testing, you are in practice letting your clients or users be your primary testers. That is amateur and reflects badly on your team. Don't rely on engineers for testing It is a far too common for testing to be written off as the sole responsibility of the engineering team. This is a terrible judgement. Engineers should not be bothered with the bulk of testing. Anyone can do testing, but few can do what they are doing. Secondly, engineers are the worst people to do testing from an end-user perspective. They are biased, have tunnel vision, and will often miss the obvious because their minds are focused on that next big feature to write. Get the people who are not programming to take the lead in this. Interns, graphics artists, managers, it does not matter who, but at least 2 different people with vastly different perspectives need to own this, and be willing to provide detailed bug reports to engineers with clear written steps required to reproduce the issue themselves. Do not change the plan For any reason. There are no small changes. If engineers are distracted, their minds are being taken away from the original set of goals and the project will be late, or less refined. Once the blueprint is made, and the definition stage is over, everyone needs to take their creative hats off and get down to laying the bricks. If you contract a company to build a skyscraper, an architect makes a blueprint, then a super-intendant oversees development. If you demand 5 more bathrooms and a swimming pool on the roof mid-development, it is not going to end well. Software Engineering is similar. Don't even waste time with meetings about potential new changes and polluting thought-space until the job at hand is done. Put a pin on a board and come back to it. If a feature request was not made in the definition stage, then the window was missed and in most cases it should be shelved as a future idea for a future build. If it really is a deal-breaking feature then go back to the definition stage and re-adjust everything so all expectations and deadlines are re-set and well understood. Delivery Stage If you have done the other three stages properly, this should be a very happy time, where people can take a breath, take pride in the work they have done, and get due praise from those the work is provided to. There are however some responsibilities here that should not be overlooked. Hand over everything Do the right thing. Give the client absolutely everything they would need in order to fire your company, and go with someone else. Credentials, documentation, engineer notes... everything. If you put the complete control in their hands, and you have done a good job, they will feel safe, and respected... and respect you in return. If they have to fight you to get credentials and organized documentation, it could very quickly lose your team any respect you have gained in the course of the entire project. Far better for everyone to make sure all code and documentation is in an online VCS like Github, and shared with the client. Celebrate If you are not giving your team members the due credit for the hard work they have done, especially if things go wrong that merit above-and-beyond efforts, your team morale is going to drop off the grid and you will notice your best and brightest making more frequent updates to their LinkedIn profiles. It is easy to forget we are working with humans in the software industry. Every team member has feelings and egos that need attention and respect. If you somehow can't afford to give each team member a big job-well-done bonus of some valuation every time a big project is complete, at the very least treat them all to a nice meal to let them know they are appreciated and to work out any animosity that has built up through the course of the project. Build it into the budget. It is important if you intend on keeping your team happy, productive, and around for a while. Recommended Reading This article is only the tip of the ice berg. If you are in a position to lead teams there are plenty of great materials out there you should consider taking a look at. In particular however I want to call attention to the two I have found the most helpful: The Mythical Man Month FogBugz guide to Estimating Software Tasks Closing There is a lot more that could be added to this, but the intent was to cover all the most common things that result in project failure, so they can be considered in order to provide project success. Hopefully despite the extra work, you will take some of these things to heart so your projects can be more successful. http://lrvick.net/blog/thermo_electric_axolotl_cooling thermo_electric_axolotl_cooling So in my many ventures around the interwebs I eventually ran into a picture of an unusual animal, the Axolotl. Over the years I have cared for and been aware of a lot of exotic pets but this... this was something totally new to me. On seeing pictures of ... Tue, 20 Dec 2011 11:29:27 So in my many ventures around the interwebs I eventually ran into a picture of an unusual animal, the Axolotl. Over the years I have cared for and been aware of a lot of exotic pets but this... this was something totally new to me. On seeing pictures of these for the first time I did some research, then did some more research. Turns out they are a listed as a critically endangered species existing wild in only one lake in the world. Specifically, Lake Xochimilco in a valley in the mountains of Mexico. I also learned they have some very fascinating properties such as their ability to regrow just about any body part, and some glow in the dark. If threatened, some will even permanently sacrifice their regenerative abilities in order to drop their gills, grow full tails, fire up a set of lungs, and begin life on land as a salamander. These things are like legit real-life pokemon that can "evolve" and everything. So learning all this I decide I want to procure a couple of them as pets. I found they can be bought online from Phil Vena from buy-axolotls.com who has been breeding them in his basement for several years. He has started a rescue program, as well as efforts to educate people about these fascinating animals as well as helping introduce new colors and traits to the species. I spoke to him at length a few days ago and was very impressed by his knowledge and care for the animals, and would highly recommend him to anyone who decides they want axolotls of their own. Anyway, so I got a couple ordered, then shortly after read a warning I somehow did not register before. Despite all their regenerative abilities, 75F or higher will kill them. Considering I live in Orlando, Florida... thats a problem. Right away I thought back to my years of cooling overclocked computer CPUs with liquid circuts and Thermo Electirc Cooling Elements (TEC). In short when electricity is applied to a TEC one side gets very hot, and the other gets very cold. The hot side must be controlled however it will quickly build up too much heat and cook itself. I however wanted to not jump to a hard solution if there was something cheap and available to do this for me. The best thing I could find on the market to help cool a small tank like my Fluval Edge was the IceProbe, at about $120 shipped. Considering the fact that its maximum temperature drop is only 3-6 degrees at best, and that it would not even fit in the tank... I looked for external cooling options. Cheapest external cooler I could find was an Aqua Euro USA chiller at $290. Thats the lowest end of these units, most at well over $500. There is also the fact it would be a huge brick nearly the size of my tank I have to put somewhere. These facts didn't sit well, so I then jumped into #familab on IRC to discuss the TEC based DIY options. After looking at some TEC prices, and finding they are only about $5 for a 40mm^2 77watt unit, I thought building it was probably a smaller and less expensive path. On talking to Kyle on #familab to IRC he helped me pick out some compatible parts to sandwich the TEC and give me the final push I needed to just make it. Ordered it all that night and a couple days later brought it all to Familab for the 2011 Holiday Party. Had to mill out some holes that did not quite fit and then Kyle and I got it all put together. Hot side of the TEC gets a conventional universal mount Fan CPU cooler, and the cold side gets a universal mount water block CPU cooler. The 40mm TEC unit was a perfect fit between them. We then set up a water pump to pull water out of a 2 liter bottle, through the water block mounted to the cold side of the active TEC unit, back out to the bottle. Within a few hours the bottle was down to a brisk 53 degrees. Success! Next I took it all home and got it all integrated into my tank, and let it run. Several hours later it was down to 65F, and considering Axolotls are happy anywhere between 40-72F, this would do perfectly. I then added a digital thermometer I got off Ebay for a couple dollars by dremeling out a hole in the front bezel and used some coat hanger parts to build a bracket to hang it. I also added a power rod to wire it all up neatly, and then introduced my two new pets which were previously living in buckets in front of my air conditiner. I now have my Axolotls happily living on my desk next to me. When I get frustrated with a programming challenge I can just look over and go "You are very strange creatures, and you amuse me" then go back to my work refreshed. Though I may well make some modifications to this design in the future or invest in a larger tank at some point, I am pretty happy with how this setup turned out. It seems to be a perfectly viable option for people who need to keep cold-water species that don't feel like shelling out about $300 on a commercially sold water chiller. Here are some pics of the "finished" product and process: http://lrvick.net/blog/my_mobile_tech_office_replaced_with_android my_mobile_tech_office_replaced_with_android An entire mobile support office, now replaced with my phone. I am 24 years of age, and I am feeling my age. Seriously. I grew up with MP3 players (had the first Rio), Gameboy advance, Yo-Yos with ball bearing suspension systems, electric scooters, ... Tue, 22 Feb 2011 17:32:49 An entire mobile support office, now replaced with my phone. I am 24 years of age, and I am feeling my age. Seriously. I grew up with MP3 players (had the first Rio), Gameboy advance, Yo-Yos with ball bearing suspension systems, electric scooters, Internet access as soon as I was old enough to type. My first computer was powered by a 366mhz pentium 2 I built myself. I was an early adopter and usually stayed on the front lines of tech. When I started running my own company a few years ago, I did what i needed to do with what I had available. To that end I put together a mobile tech support office system in my old pickup truck. This included: A 600Mhz police-issue touchscreen CF27 toughbook laptop mounted with plumbing pipes (used for connecting to and managing servers on the go, printing receipts, accepting payments, etc) A Sprint Novatell PCMCIA Aircard with unlimited data (60$/mo) A WRT54G-3GS PCMCIA Aircard router running OpenWRT A WRT300N Wireless Router running DD-WRT with boosted antenna power An development webserver (lighttpd) running on the WRT300N (was mapped via DynDNS to theoldblackchevypickuptruck.com) A USB hub A digital camera for taking and uploading pictures as needed of documents An iPod mini mp3 player for tunes on the go A full HP Inkjet printer in the backseat (to give customers receipts) A TomTom 720 GPS Navigation unit (to get me to the customer ;-) A dedicated Paypal account for manually processing customer credit card payments. A 80G external hard drive mounted in a custom built elastic shock absorbing cage (to store my 20G+ of music) Two high grade 2000 c/a batteries (to keep it all running for almost a day) An integrated car charger with an extension cable I could attach to the front grill to plug in every night Today, this is all replaced by my Android G2 cell phone. It still freaks me out, but it totally invalidates the entire above setup for me in every way, and in most ways does a better job at it. It matches/exceeds all of the above as follows: 800mhz CPU Built in unlimited Internet access through T-Mobile Acts as a wireless router (Via vanilla Android or Cyanogen firmware) A 32G SDHC card can comfortable store all my music Acts as a solid MP3 player on its own Acts a GPS unit that will navigate me based on location name by voice Can accept/swipe credit cards via Square?s Payment app/dongle (which also emails receipts for me) Built in 5MP digital camera for capturing any documents, job site photos I need Easily runs for often well over a day on a single charge Can easily use it to SSH into remote servers and do important admin tasks on the go Can easily run a development web server on it from a full running Debian OS on the SD card, or one of many native server apps. I have an entire truck full of hardware, in my pocket... and it also makes phone calls and is a decent gaming platform. I am a developer and I have spent plenty of the time under the hood with android phones, playing with source code, talking them apart, many types of software modifications... and I have a decent grasp on how everything works, and yet my G2 Phone running android is still a thing a wonder and magic to me every day, in comparison to to my elaborate setup in my old pickup truck. Rest in peace Old Black Chevy Pickup Truck, for though you are still rotting in a junkyard somewhere, you have not been forgotten. Know Android and I are getting along just fine, and she makes me happy. http://lrvick.net/blog/wikileaks_and_the_info_war_warm_up wikileaks_and_the_info_war_warm_up You can say what you want about WikiLeaks and groups like it. You can hate them or love them. Any human being has a right to morally judge for themselves if they are pro or anti WikiLeaks. I do however firmly believe that every human being has a moral ... Sun, 12 Dec 2010 12:11:55 You can say what you want about WikiLeaks and groups like it. You can hate them or love them. Any human being has a right to morally judge for themselves if they are pro or anti WikiLeaks. I do however firmly believe that every human being has a moral obligation to be anti-anti-WikiLeaks. Once their right to free speech is taken, yours is next. Times are changing at an exponential rate. Movies once physically bought in stores are now downloaded or streamed online for free. Musical artists that once would sue over their music being downloaded are now offering downloads themselves. This is the age of the internet. An age where knowledge truly is power, and precious stones and metals are merely decoration. It is the wild wild west all over again but where once people smuggled their whiskey in boots across borders and sent messages by pony express, we now smuggle pirated media and software to anyone with a computer, and send messages to the entire world with the click of a button. Even money has become digital, with only a fraction of the money in the world still existing in physical form, the rest being just digits in clusters of mainframe computers. Despite all of this, many are set in the old ways. Why? Because secrets are best hidden in the darkness, and there is no place for that in a digital age, where any bit of information obtained is copied endlessly and shared with the world. Yes, there are still many fighting to keep the control that the availability and accountability this new information age is taking away from them. Groups like wikileaks, are not making them very happy. Many are watching the news and spreading how our troops are going to die, and that a war is going to start over the information being leaked around. Many of the newspapers and media would tell you that information is dangerous and that you should plug your ears. I will refrain from naming names, however with a bit of research you will find some of the government officials saying that the wikileaks team should be hunt down and killed... might be doing so with alterer motives. Some of the officials that have been nosiest about silencing wikileaks, coincidentally have not had much to say about the fact some of the leaked documents are about them. If I can encourage you to do anything it is to reserve judgement until you have all the facts, and once you have said facts, take the responsibility upon yourself to share them with others. I will leave you with a quote from House Representative Ron Paul, whom when asked about WikiLeaks and free speech had the following to say: "In a free society, we are supposed to know the truth. In a society where truth becomes treason, we are in big trouble." http://lrvick.net/blog/force_craigslist_posters_to_email_you_directly force_craigslist_posters_to_email_you_directly Ever get tired of the usual slow and cumbersome process of responding to a craigslist ad? Go browse, find a post, determine if you have responded to it or not, then copy the email address to your mail client as well as the text of the ad so they know ... Fri, 07 May 2010 10:17:46 Ever get tired of the usual slow and cumbersome process of responding to a craigslist ad? Go browse, find a post, determine if you have responded to it or not, then copy the email address to your mail client as well as the text of the ad so they know what you are replying to. Perhaps even copy the post’s title to the subject of the email with re: in front of it. It is a pain and it is a big enough pain that no one has time to mess with it and by the time you do all of that, someone else has beaten you to it. Enter Craigmailer. This is a little script I put together that watches craigslist topics for you, then emails you postings from the requested threads as though they were coming directly from the posters email address. All the information is already plugged in for you. Then all you need to do is have your email client put them in their own folder to keep them out of your usual mail-flow, then perhaps install a canned-responses plugin, and reply, reply, reply. ;-) Requires PHP with working mail(), file_get_contents, and SQLite support. http://lrvick.net/blog/my_last_laugh_at_whitepages my_last_laugh_at_whitepages o I long story short I recently reached a legal agreement with WhitePages.com where they agreed to not sue me over some data I collected from their servers. I however never agreed to not blog about the experience nor did I ever agree to not share my ... Sun, 29 Apr 2012 00:32:26 o I long story short I recently reached a legal agreement with WhitePages.com where they agreed to not sue me over some data I collected from their servers. I however never agreed to not blog about the experience nor did I ever agree to not share my source code with the world as well. Woops! So it all started with the following email from WhitePages: Mr. Vick, Please find attached a letter that addresses your activities with respect to web properties owned by WhitePages, Inc. Please contact me at your earliest convenience. Sincerely, Nathan D. Webb 206-356-6949 General Counsel WhitePages, Inc. To which I promptly replied with: Hello Nathan, Yes, I respect this request and I have ceased all scripting activities with whitepages over 2 weeks ago and I will not deny them. In fact I stand impressed your team did the research needed to identify me though I did not make any particular attempts to hide my activities. The heavy traffic was indeed coming from me, and I give praise where praise is due. As I just stated however, all scripting activities ceased over 2 weeks ago. I wrote a very simple bash script in an attempt to build a database of carrier/cell phone mapping in efforts to provide a free open-source texting application for mobile phones. Over a couple weeks ago I found out that the information I need is publicly available from another source that I have chosen to use instead. If you will notice however I used no proxies and made no attempts at cloaking my scraping of the site and I hope that is proof enough my intents were anything but malicious. Using random sleeps, random user agents, and TOR proxies would of easily made my scraping undetectable had a covert malicious effort been my intent. I just wanted to save myself the trouble of copying and pasting a 170 million number blocks by hand. As you must understand it is quite troublesome to do manually. I sign all my outgoing mail with a virtually impossible to replicate 4096 bit RSA GPG signature so by all means count this as an official statement from me if needed. Your work here is done. Your client will have no more trouble from me :-) -- Lance R. Vick I was then called by Nathan later that afternoon where he informs me that whitepages carrier lookup services acquires its results from a third party, and that they pay for every search. He went on to state that the fact I had done far MORE searches than most people, that I should have to pay them to the order of $10,000 for searching so many of their public records. (Granted it was about 60 million records I pulled, but what is that between friends?) I made it clear this was not going to happen, and we went back and forth over email for the next several weeks. They eventually agreed to back off legally via a document where both parties agreed not to pursue... under one primary condition: I had to reveal the source code I used to do the scraping on their site. I did so, and all was kosher. I however do not appreciate being bullied by legal teams, and thought others out there might enjoy this simple bit of bash source code as well, which as of the writing of this article, should still work. You would think if they wanted to limit the number of searches they would put in a basic rate limiter in place like pretty much every other search tool. It would only be a few lines of code. Oh well. I am never legally allowed to run this or any similar code again, but if anyone else wants to play with it... have fun :-) http://lrvick.net/blog/email_security_with_gpg_keys email_security_with_gpg_keys When I was younger (and not quite as aware of consequences) I used to set up relay mail servers and send out perfectly spoofed mail from president@whitehouse.gov to people who made assumptions about security. My spoofs were perfect (other than the fact ... Fri, 08 May 2009 22:31:56 When I was younger (and not quite as aware of consequences) I used to set up relay mail servers and send out perfectly spoofed mail from president@whitehouse.gov to people who made assumptions about security. My spoofs were perfect (other than the fact they did not originate from white-house IP address ranges and that the president never actually sends mail from that address). My method still easily fools Gmail spam filters and I can easily impersonate anyone I want. Problem is so can thousands of other people... that will do so with worse intent than proving a point. GPG to the rescue. GPG is a free and Open Source implementation of the OpenPGP (Pretty Good Privacy) encryption standard. At a glance it seems complicated, but I will try to break it down. It works using a pair of "keys". One of them is "public" and you put it on the Internet for the world to access, and the other is private and password protected and used only to verify you are the one that created the public key, or to decrypt files that were encrypted using that public key. In email, it helps verify you are who you say you are by taking the contents of the message you are about to send and then generates a one-of-a-kind string based on that message and your private key. Anyone with your public key should be able to use that "signature" to verify you had possession of the private key and that the message has not been altered in any way. Google has finally stepped up to the plate and begun to utilize this in Gmail. Though Gmail can not yet send messages with PGP signatures yet, work is underway to allow you to at least verify them. (I verified this personally with my Gmail account though the functionality only lasted a few hours.) If someone sends you a message to your Gmail account with a PGP signature, Google will soon go find that persons public key and verify it for you. It will then place a "message was verified" message at the bottom of the email. Google finally acknowledging how important authenticity of email. Once this becomes wide-spread spam will be virtually impossible. Below I am going to detail the steps I took to create my Keypair using the command-line gnupg utility. If you are not comfortable with the command-line please check out Thunderbird+Enigmail which will automate the whole process for you and make GPG pretty painless. For the rest of you that would like to understand what is going on and do it by hand(like me) keep reading. First fire up a terminal and run "gpg --gen-key". You will be presented with an option of what type of encryption to use. You should be safe with RSA-2048... but no promises. Our computing capabilities could triple in 3 years rendering 2048 useless. Many say that is impossible, but they said the same thing about RSA-1024. My first key was RSA-1024 and that has since been obsoleted. I erred to the side of caution (read "paranoia") here and chose RSA-4096.Though it may take a while to use when sending large mail... I do not mind considering I will hopefully be able to trust this key for a very long time. 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29lrvick@baqash ~ $ gpg --gen-key Please select what kind of key you want: (1) DSA and Elgamal (default) (2) DSA (sign only) (5) RSA (sign only) Your selection? 5 RSA keys may be between 1024 and 4096 bits long. What keysize do you want? (2048) 4096 Requested keysize is 4096 bits Please specify how long the key should be valid. 0 = key does not expire = key expires in n days w = key expires in n weeks m = key expires in n months y = key expires in n years Key is valid for? (0) Key does not expire at all Is this correct? (y/N) y GnuPG needs to construct a user ID to identify your key. Real name: Lance Reagan Vick Email address: lance@reaganvick.com Comment: Personal Key You selected this USER-ID: "Lance Reagan Vick (Personal Key) " Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O You need a Passphrase to protect your secret key Enter a strong passphrase twice. I do mean STRONG. Use a mix of numbers, uppercase letters, lowercase letters, and symbols. Do NOT write it down anywhere... memorize it. Half of the security of GPG is choosing a password that a robot can not easily generate. Next you should get: 1 2 3 4We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy. Do exactly that. Beat your keyboard randomly as fast as you can. Move your mouse around. Click and highlight stuff. No I am not kidding. Have fun with it! Let your cat help. Just about anything you do to your computer right now contributes to generating better random numbers tor use with your key. After a while you will get: 1 2 3 4 5 6 7 8 9 10 11 12 13 14gpg: key 36C8AAA9 marked as ultimately trusted public and secret key created and signed. gpg: checking the trustdb gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model gpg: depth: 0 valid: 6 signed: 2 trust: 0-, 0q, 0n, 0m, 0f, 6u gpg: depth: 1 valid: 2 signed: 0 trust: 2-, 0q, 0n, 0m, 0f, 0u gpg: next trustdb check due at 2012-01-12 pub 4096R/36C8AAA9 2009-05-09 Key fingerprint = 6B61 ECD7 6088 748C 7059 0D55 E90A 4013 36C8 AAA9 uid Lance Reagan Vick (Personal Key) Note that this key cannot be used for encryption. You may want to use the command "--edit-key" to generate a subkey for this purpose. Ok. You are all done creating the key that will be used to sign all the mail you send from now on. Now we are going to generate a "sub key" that will be used when you want to actually encrypt things, instead of just verifying they came from you. Here I am using my key id "36C8AAA9". Use whatever yours ended up being above instead. 1 2 3 4 5 6 7 8 9 10 11 12lrvick@baqash ~ $ gpg --edit-key 36C8AAA9 Secret key is available. pub 4096R/36C8AAA9 created: 2009-05-09 expires: never usage: SC trust: ultimate validity: ultimate [ultimate] (1). Lance Reagan Vick (Personal Key) Command> addkey Key is protected. You need a passphrase to unlock the secret key for user: "Lance Reagan Vick (Personal Key) " Enter the pass-phrase you just created earlier. Now you will be choosing how strong you want your encryption key to be. I again chose my paranoid-friendly RSA-4096. 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 254096-bit RSA key, ID 36C8AAA9, created 2009-05-09 Please select what kind of key you want: (2) DSA (sign only) (4) Elgamal (encrypt only) (5) RSA (sign only) (6) RSA (encrypt only) Your selection? 6 RSA keys may be between 1024 and 4096 bits long. What keysize do you want? (2048) 4096 Requested keysize is 4096 bits Please specify how long the key should be valid. 0 = key does not expire = key expires in n days w = key expires in n weeks m = key expires in n months y = key expires in n years Key is valid for? (0) 0 Key does not expire at all Is this correct? (y/N) y Really create? (y/N) y We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy. You get to have some fun once more. Flog your keyboard! I mean how often to you get a chance to just go hog wild with your computer and actually have a legitimate reason? Once generation finishes you will get the following. Enter "save" and your key is all done. 1 2 3 4 5 6pub 4096R/36C8AAA9 created: 2009-05-09 expires: never usage: SC trust: ultimate validity: ultimate sub 4096R/A649FFDA created: 2009-05-09 expires: never usage: E [ultimate] (1). Lance Reagan Vick (Personal Key) Command> save Next is an optional though highly recommended step of embedding a picture of yourself into your key. This is important step because if you get a file signed with someones key and it depicts a Chinese man, and the person you meet later is clearly an American... you might have cause for alarm. This aspect of GPG is very much like a photo ID and it is likewise very important you really do use a real head-shot of yourself, as anything else could potentially invalidate the trust of the key. Don't worry about how good it looks as you an always change it later with "gpg --edit-key" You will need to make a 240x288 JPG headshot preferably at 6k or less so your key does not end up huge. 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29lrvick@baqash ~ $ gpg --edit-key 36C8AAA9 Secret key is available. pub 4096R/36C8AAA9 created: 2009-05-09 expires: never usage: SC trust: ultimate validity: ultimate sub 4096R/A649FFDA created: 2009-05-09 expires: never usage: E [ultimate] (1). Lance Reagan Vick (Personal Key) Command> addphoto Pick an image to use for your photo ID. The image must be a JPEG file. Remember that the image is stored within your public key. If you use a very large picture, your key will become very large as well! Keeping the image close to 240x288 is a good size to use. Enter JPEG filename for photo ID: graphics/gpgphoto.jpg Is this photo correct (y/N/q)? y You need a passphrase to unlock the secret key for user: "Lance Reagan Vick (Personal Key) " 4096-bit RSA key, ID 36C8AAA9, created 2009-05-09 pub 4096R/36C8AAA9 created: 2009-05-09 expires: never usage: SC trust: ultimate validity: ultimate sub 4096R/A649FFDA created: 2009-05-09 expires: never usage: E [ultimate] (1). Lance Reagan Vick (Personal Key) [ unknown] (2) [jpeg image of size 6119] Command> save Now your shiny new key-pair is created! Now, for some damage control. What if you forget your password? What if every computer and device that contains your private key explodes? What if someone steals your key and tortures your password out of you? What if RSA-4096 is beaten in 10 years? Crap happens and you need a way to revoke that key in case it does Generate a "revocation" key file which you can use to revoke and invalidate your key. Once you generate it, put it on some physical media and store it in a safe place no one has access to but you. Your identity depends on it. 1lrvick@baqash ~ $ gpg --gen-revoke 36C8AAA9 >> /media/thumbdrive/revoke-36C8AAA9.asc Next we need to make sure the whole world has easy automated access to your public key. Though there is no "offical" server, subkeys.pgp.net is a very important server to get your key on right away. Especially before someone else puts a key on there as you. Subkeys.pgp.net is also a great service because it will in turn migrate your key out to many other partner servers for you. 1 2lrvick@baqash ~ $ gpg --keyserver subkeys.pgp.net --send-keys 36C8AAA9 gpg: sending key 36C8AAA9 to hkp server subkeys.pgp.net Finally a last optional step. If you own your own domain, and better yet if your email address is on that domain, you can export your key and upload it to you domain which further verifies you own it. Putting your key as http://yourdomain.com/0x(your key id).asc is a strong trend I have noticed, and one I will continue with until hopefully it becomes a standard. I used Rsync to upload my key here. Use whatever you want. 1 2 3 4 5 6 7 8 9lrvick@baqash ~ $ gpg --export -a 36C8AAA9 >> 0x36C8AAA9.asc lrvick@baqash ~ $ rsync -Pav 0x36C8AAA9.asc reaganvick.com:sites/lrv/ Enter passphrase for key '/home/lrvick/.ssh/id_rsa': sending incremental file list 0x36C8AAA9.asc 12318 100% 11.08MB/s 0:00:00 (xfer#1, to-check=0/1) sent 11026 bytes received 61 bytes 1167.05 bytes/sec total size is 12318 speedup is 1.11 That completes everything you can personally do to in creating a strong trusted GPG identification keyset. The next, and most important step... is getting other people who believe that you are who you say you are, to sign your key with theirs. The more verified GPG keyholders that in turn sign your key, the more valid your identity becomes. Next I will demonstrate the steps you would take to sign a key and by extension the steps someone would take to sign your key. Here I am actually signing my own key as an example which is generally a good idea regardless. If you actually know me, by all means actually do this for me and I will in exchange sign your key as well. 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39lrvick@baqash ~ $ wget http://reaganvick.com/0x36C8AAA9.asc --2009-05-10 02:31:04-- http://reaganvick.com/0x36C8AAA9.asc Resolving reaganvick.com... 66.96.251.117 Connecting to reaganvick.com|66.96.251.117|:80... connected. HTTP request sent, awaiting response... 200 OK Length: 12318 (12K) [text/plain] Saving to: `0x36C8AAA9.asc' 100%[===============================>] 12,318 --.-K/s in 0.006s 2009-05-10 02:31:04 (1.85 MB/s) - `0x36C8AAA9.asc' saved [12318/12318] lrvick@baqash ~ $ gpg --import 0x36C8AAA9.asc gpg: key 36C8AAA9: "Lance Reagan Vick (Personal Key) " not changed gpg: Total number processed: 1 gpg: unchanged: 1 lrvick@baqash ~ $ gpg --sign-key 36C8AAA9 gpg: checking the trustdb gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model gpg: depth: 0 valid: 5 signed: 2 trust: 0-, 0q, 0n, 0m, 0f, 5u gpg: depth: 1 valid: 2 signed: 0 trust: 2-, 0q, 0n, 0m, 0f, 0u gpg: next trustdb check due at 2012-01-12 pub 4096R/36C8AAA9 created: 2009-05-09 expires: never usage: SC trust: ultimate validity: ultimate sub 4096R/A649FFDA created: 2009-05-09 expires: never usage: E [ultimate] (1). Lance Reagan Vick (Personal Key) [ultimate] (2) [jpeg image of size 6119] Are you sure that you want to sign this key with your key "Lance Reagan Vick (Personal Key) " (36C8AAA9) Really sign? (y/N) y You need a passphrase to unlock the secret key for user: "Lance Reagan Vick (Personal Key) " 4096-bit RSA key, ID 36C8AAA9, created 2009-05-09 lrvick@baqash ~ $ gpg --export -a 36C8AAA9 > 0x36C8AAA9.asc Now you would just need to get the 0x36C8AAA9.asc file you just created to me and I would in turn overwrite my existing one on my domain and upload it to subkeys.pgp.net. Likewise if anyone signs your key and gave it back to you, you would then import that newly signed keyfile and then then re-export it back to to a keyserver as detailed above. That covers all the hard parts of GPG. From here on out just set up a GPG friendly mail client like Mutt, Evolution, or Thunderbird to sign all your outgoing mail with your new key, and no one can ever easily impersonate or alter mail from you again. You can also now easily encrypt mail to others who use GPG which means anyone who intercepts the mail gets useless garbage. If you want to test it, send me a random encrypted message. GPG really is a win win all around. By all means comment with your experiences! http://lrvick.net/blog/making_users_think_firefox_is_ie6 making_users_think_firefox_is_ie6 I have had customers... that the mere word "change" scares into tears. Some people just can not wrap their heads around concepts like Favorites being the same thing as Bookmarks. The solution? Hand them Firefox, in a way that they are not even aware you ... Tue, 11 Nov 2008 00:33:47 I have had customers... that the mere word "change" scares into tears. Some people just can not wrap their heads around concepts like Favorites being the same thing as Bookmarks. The solution? Hand them Firefox, in a way that they are not even aware you did. Everyone wins. Before you write me off as a dirty sinner... hear me out. Ever have those situations where you install a peice of software for someone for their own protection... and they uninstall it and go back to they way they were used to the second you turn your back... then everything ends up broken and it is suddenly your fault?... Yeah... I have too. This is a solution for those people. Make Firefox Look and feel exactly like IE6. (Because to people married to IE6, even the appearance of IE7 often scares them). This is also a solution for people who have "IT Professionals" over their heads that for whatever reason dictate nothing but IE6 is to be used on a network... and you know better. My recipie is as follows: Start with a totally stock Firefox Installation and be sure to import from Internet Explorer so you get the default bookmarks toolbar and what-not. Install the NoUn Buttons extension Install my Modified FirefoXP extension (My version includes a couple of cosmetic fixes, integrates the IE6 icon, and adds an "address" button for the toolbar) Install the Old Location Bar extension Install the FireSomething extension Install the PlainOldFavorites extension Install the Menu Editor extension Install the Yahoo Toolbar extension (Optional... but let's face it, virtually all IE6 users expect it to be there since it got installed by some random peice of software they used ages ago) Install the Google Toolbar extension (Also Optional... but I have seen plenty of hardcore IE6 users who insist on having both!) Go to Tools > Add-Ons then hit "Options" on Menu Editor. Select "Bookmarks" under "Edit Menu" then uncheck "Visible". Hit OK. Go to Tools > Add-Ons then hit "Options" on Firesomething. Delete everything in all 3 columns. Add "Microsoft" "Internet" and "Explorer" to those respective three columns. Hit Apply. Right click on the toolbar and select "Customize" then drag and drop everything around to match our screenshot. Remove all Internet Explorer icons on target system and put Firefox icons named "Internet Explorer" in their place. For each icon do Right click > Properties > Shortcut > Change Icon. Under "Look for icons in this file:" put "C:\Program Files\Internet Explorer\iexplore.exe" then select that evil blue E. Repent and be ashamed of yourself. My result came out like this: http://lrvick.net/blog/convincing_random_polaroids_with_imagick convincing_random_polaroids_with_imagick I would love to see people using more creative dynamic graphical effects in websites, however many of them can take ages to pull off by hand. For instance, selecting 3 images from a series of folders at random, putting them all in a scene in your ... Thu, 30 Oct 2008 16:50:30 I would love to see people using more creative dynamic graphical effects in websites, however many of them can take ages to pull off by hand. For instance, selecting 3 images from a series of folders at random, putting them all in a scene in your graphics editor of choice, adding borders, warp, dropshadow, saving it, then doing that all over and over again for hours on end, all so you could have a random photo arrangement to greet vistors to your website. This is why I love automation. PHP and iMagick style in particular. The image you see on your right, was automatically generated using the code below. Imagick is one of the easiest to use, worst documented, and most powerful tools in the arsenol of any graphics designer. Using just simple commands, you can come up with any repetitive effect you want and have it generated. Be creative, and help the web become more random and dynamic. Hopefully my example code here will help spark some ideas and give you some ideas of what iMagick is capable of. Leave a comment if you find this useful, or have any input/questions! http://lrvick.net/blog/openid_and_why_it_matters openid_and_why_it_matters OpenID is an amazing up and coming open source ( and corporate backed ) effort to accompolish a single goal: to have one login for most websites on the internet. Thanks to services starting to adopt the OpenID protocal, the same account information you ... Wed, 29 Oct 2008 22:31:30 OpenID is an amazing up and coming open source ( and corporate backed ) effort to accompolish a single goal: to have one login for most websites on the internet. Thanks to services starting to adopt the OpenID protocal, the same account information you use for sites like Wordpress, Livejournal, Google, Blogger, Yahoo, AOL, AIM, MySpace (are we namedropping yet?) can now be used as OpenID logins to hundreds of other websites around the web. The way it works is a site with OpenID support alows you to enter a special URL (Given to you by your OpenID provider. See links at bottom) and then the site you are logging into checks there to see if you are logged in with that provider currently. If you are, logs you right in, no further questions asked. If you are not yet logged in with your OpenID provider, you will be prompted by your provider to log in, then will be sent back to the page you came from and will find yourself logged in there as well. The whole thing is pretty transparent. The time of keeping a dozen passwords just to navigate around your life on the web are finally coming to a close. Keep an eye out for OpenID logo on sites you regular. Here are some resources to learn more about OpenID and sites that support it: "OpenID.net(OpenID.net)":http://OpenID.net (The main site for the OpenID project) "OpenID Directory(OpenID Directory)":http://openiddirectory.com (A massive index of sites that support OpenID) http://lrvick.net/blog/what_if_ what_if_ So I got a chance to play with Galatea by Emily Short, and was quickly reminded how much I love interactive fiction games. (Thanks to David Pflug for pointing me to it) I decided to share with the class. Interactive fiction games are like books or ... Tue, 28 Aug 2007 12:12:47 So I got a chance to play with Galatea by Emily Short, and was quickly reminded how much I love interactive fiction games. (Thanks to David Pflug for pointing me to it) I decided to share with the class. Interactive fiction games are like books or stories that you control. Think of them as text-based role playing games. They have lost popularity in recent years because people have flocked to games that do not require reading... and thinking. As a starter for those who want to dive in I present here the IF game that started it all. Zork. It went something like this: 1 2 3 4 5 6 7 8 9 10 11 12ZORK I: The Great Underground Empire Copyright (c) 1981, 1982, 1983 Infocom, Inc. All rights reserved. ZORK is a registered trademark of Infocom, Inc. Revision 88 / Serial number 840726 West of House You are standing in an open field west of a white house, with a boarded front door. There is a small mailbox here. >Go East Zork is a fantasy, a sci-fi, an adventure, a whatever you want it to be. This as the first real IF game and one of the best games of all time that I may spend the next year trying to complete. Source code has been released by infocom, and they have since disregarded copyrights, so I took the liberty of converting them into zblorb files playable in modern z-machine emulators. Download -> Zork 1 | Zork 2 | Zork 3 The game that got me hooked on IF again is Galatea by Emily Short, which is a full representation of a work of art that is alive, that you can converse with and end up with one of dozens of endings depending on how you treat her/it. Download -> Galatea For *nix/mac users these can be played with nfrotz or gargoyle (a graphical player that runs on top of nfrotz) You can easily grab these with most Linux package managers. For windows users... you might try Windows Nfrotz which is a windows compile of nfrotz, however I have not tested it and do not plan to. Enjoy. http://lrvick.net/blog/diy_nuclear_bomb diy_nuclear_bomb Adapted from an archive of an article by Mike Schmitt in 1996: First, obtain about 50 pounds (110 kg) of weapons grade Plutonium at your local supplier. A nuclear power plant is not recommended, as large quantities of missing Plutonium tends to make ... Sat, 05 May 2007 21:33:03 Adapted from an archive of an article by Mike Schmitt in 1996: First, obtain about 50 pounds (110 kg) of weapons grade Plutonium at your local supplier. A nuclear power plant is not recommended, as large quantities of missing Plutonium tends to make plant engineers unhappy. I suggest that you contact your local terrorist organization, or perhaps the Junior Achievement in your neighborhood. Please remember that Plutonium, especially pure, refined Plutonium, is somewhat dangerous. Wash your hands with soap and warm water after handling the material, and don't allow your children or pets to play in it or eat it. Any left over Plutonium dust is excellent as an insect repellent. You may wish to keep the substance in a lead box if you can find one in your local junk yard, but an old coffee can will do nicely. Fashion together a metal enclosure to house the device. Most common varieties of sheet metal can be bent to disguise this enclosure as, for example, a briefcase; a lunch pail; or a Buick. Do not use tinfoil. Arrange the Plutonium into two hemispherical shapes, separated by about 4 cm. Use rubber cement to hold the Plutonium dust together. Now get about 100 pounds (220 kg) of trinitrotoluene (TNT). Gelignite is much better, but messier to work with. Your helpful hardware man will be happy to provide you with this item. Pack the TNT around the hemisphere arrangement constructed in step 4. If you cannot find Gelignite, feell free to use TNT packed in with "Play-Dough" or any modelling clay. Colored clay is acceptable, but there is no need to get fancy at this point. Enclose the structure from step 6 into the enclosure made in step 3. Use a strong glue such as "Crazy Glue" to bind the hemisphere arrangement against the enclosure to prevent accidental detonation which might result from vibration or mishandling. To detonate the device, obtain a radio controlled (RC) servo mechanism, as found in RC model airplanes and cars. With a modicum of effort, a remote plunger can be made that will strike a detonator cap to effect a small explosion. These detonator caps can be found in the electrical supply section of your local supermarket. I recommend the "Blast-O-Mactic" brand because they are "no deposit, no return". Now hide the completed device from the neighbors and children. The garage is not recommended because of high humidity and the extreme range of temperatures experienced there. Nuclear devices have been known to spontaneously detonate in these unstable conditions, causing nearby cities to become quite upset with the radiation blowing in their direction. The hall closet or under the kitchen sink will be perfectly suitable. Now you are the proud owner of a working thermonuclear device! It is a great ice-breaker at parties, and in a pinch, can be used for national defence. http://lrvick.net/blog/ambiguous_love ambiguous_love Love hurts. Love however, is not the problem is it? You know the truth don’t you? People hurt people. People often say they love us but, why then do they still often make our lives miserable? Sometimes what we think is so perfect… so beautiful, is ... Thu, 01 Mar 2007 21:03:23 Love hurts. Love however, is not the problem is it? You know the truth don’t you? People hurt people. People often say they love us but, why then do they still often make our lives miserable? Sometimes what we think is so perfect… so beautiful, is nothing more than a lie. A beautiful lie. In the midst of this, who can tell fact from fiction, love from hate or something sometimes so much worse, apathy? Picture a boy who, by some very odd unheard of twist in life, finds himself enamored with a particular girl. Do those feelings for her make her a perfect match for him? Do they somehow mold her into the perfection he sees in her? Perhaps she is beautiful… charming. What if she instead of brushing him off, she sees opportunity. She responds to his feelings and meets his every dream of her. Something beautiful and perfect he always wanted. Is she not then just a beautiful liar? When the magic and the fun wears off for her, the boy ends up growing into another broken man who found the pot of gold he had been searching for all his life, and found it to be lacking in substance so much like the rainbow he followed to obtain it. Charm is deceptive and beauty is fleeting as king Soloman observed in his proverbs. (Proverbs 31:30). What then IS love then anyway? A vapor? A feeling? Butterflies in your stomach? Some super duper, magical, ambiguous term with a secret meaning, that everyone wants in life? Perhaps the latter may be true. In the above example we can identify a common scenario of what love, is not. In life we so easily find numerous examples of what love is not, however it seems to have become a buzzword in our culture. Examples: I LOVE my mother I LOVE cheeseburgers I LOVE my husband Is it any wonder so many have such a hard time defining love? Even so hard to define, we can identify some symptoms. When you feel loved, your life is OK. Problems don’t matter so much. You are strong, invincible. If you feel loved enough, then nothing is impossible for you. People search for this feeling of being loved by having boyfriends, girlfriends, jumping into marriages… Meaningless superficial foundations to build on in this bitter life. Consider it like building a house on the beach. (Matthew 7:26-27) It can be the most beautiful house ever built, fit for a king and queen. That is at least until rainy season hits and high tides leave only broken pieces and memories. People put all their faith in these relationships, and when the waves come and it all falls apart, so do we. Why then do people, who far deep down probably know all this to a deeper level than it is presented here, still keep dating around and marrying and divorcing? People seem to keep this up until all their emotional resources are spent up, the gas runs out, and they are cold, alone, and stranded the rest of their lives with no will to go on. Perhaps you know the feeling too. With every relationship we enter, that turns out to be yet another golden hologram, a beautiful lie, we find that we handed away yet another chunk of our heart. We do this until there is nothing left anymore. Better to contract an incurable illness, and die in the company of those who you know care about you dearly, than to live to a ripe old age knowing your life was all built on one, or several, false loves. Loves which eventually died, and you with them. To die alone, unloved, with nothing but memories to get you through each day. Far better to ask the one who promises the desires of our hearts (Psalms 37:4). The one who created us with these hormones, and wants, and needs; This need to feel love and companionship. No one, NO ONE, Is designed to die the death of loneliness. It is not good for man to be alone (Gen. 2:18). Yet without realizing it so often we commit spiritual suicide chasing the vapor of our own ideas of what love is until we find ourselves in the very place described above. We also hurt those who want to love us, but we are unable to feel that love anymore, because it is all wasted and spent. No more trust is left in those who are hurt burnt and broken to even recognize real love when it is before them. Identifying what love is, and the types of love, is one of the most important things we can do in this life. Without that, everything IS meaningless (Ecclesiastes 1:2), and we are but walking dead looking for our graves. Let us have a look at Soloman again, but before we do remember the above examples of the word love. English destroys its meaning, so we must turn to the language King Soloman actually wrote in to get a better idea of his real views of love. In the Hebrew, in Song of songs, Soloman used three distinct words for love, which transliterated to the English alphabet, are as follows. (Note: The main words are spelled phonetically here as they would be pronounced using English letters) Raya The love of close friendship and trust between a male with a female. Soloman uses this as the word for love, directed to his Beloved, at least 9 times. Example: Song of Songs 1:9 Transliterated Hebrew: le.su.sa.ti be.rikh.vei far.o di.mi.tikh (ra.ya.ti) I have compared thee, O my love(ra-ya-ti), to a steed in Pharaoh’s chariots. (The root word hy[r means literally companion or intimate friend.) Ahava The love of making plans, having commitment, reliability, and most of all… trust. In the context of love between a man and woman this usually leads to marriage and can continue to grow with time in a marriage. Example: Song of Songs 2:7 Transliterated Hebrew: hish.ba.ti et.khem be.not ye.ro.u.sha.lam bits.va.ot o be.ai.lot ha.sa.de im-ta.i.ru ve.im-te.or.ru et-ha.(a.ha.va) ad she.tekh.pats I adjure you, O daughters of Jerusalem, by the gazelles, and by the hinds of the field, that ye awaken not, nor stir up love(ah-ha-va), until it please. (The root word hbha is defined as an action or a verb. This is not love as an emotion or feeling, but as an action.) Dode The hormonally based, erotic side of love, that most of us (especially males) are hardwired to want and experience. We only get to properly experience the real thing however, after the above two loves are in place. Example: Song of Songs 1:2 Transliterated Hebrew: yi.sha.ke.ni min.shi.kot pi.hu ki-to.vim (do.dei).kha mi.ya.yin Let him kiss me with the kisses of his mouth–for thy love(do-dei) is better than wine. (The root word dwd means by itself literally to boil.) Here, perhaps more clearly, we can see Soloman really was trying to illustrate the perfect compliment each of these loves make to each other. This forms a complete picture of true love as he so poetically illustrates in his Song of Songs. In essence he shows a man is supposed to seek out a close friend, instead of a superficial relationship in a girlfriend, without foundation. He is supposed to seek out just a close female friend, as just a friend, that he can learn to trust; to learn from. As an objective for a female raya becomes rayati. A man is to seek out a Rayati. If that relationship turns to be one that both benefit from greatly over time it can GROW to become an Ahava love that grows to stages of engagement, marriage. A lifetime of getting closer to each other in the proper intended context of that marriage. Ahava is an open ended love that keeps growing with time even and especially long after the glamor and the wedding bells. Just after the Ahava starts however, we are allowed to experience Dode in a way we need feel no guilt for, with someone we have learned to completely trust and built a solid foundation with and WAIT for. Then we can let all those hardwired hormones go to their most perfect extent. The whole design of marriage and arguable point of Song of Songs itself, is to mirror our human intimate love for each other with Gods love for us, Christs love for the church. After all it is men who are given the high calling to love their wives as Christ loved the church (Ephesians 5:25). Christ loves the church that makes him wait outside when they have service, spits in his face, hung him on a cross, killed him. He was the leader and he was in CHARGE. Yet he loved the church, us, SO much he was willing to submit everything and die just for the chance that some day we might understand how much he loves us so he might have that love returned, even if in some small way. Think about that for a second, a new human race could of been created at any given time all over again that were perfect! God however made his commitment, his ultimate Ahava love, to us, his unloving bride. Now yet again husbands are called not only to be leaders but to love their wives as Chirst loved the church. In true love there is no going back, only giving everything like a what seems to be a fool; because you must; because real love requires it of you. Let us take a look at the above in contrast with todays thinking. Traditionally we function based on hormones to flirt with Dode love with one another to generate relationships to stimulate this. We then try to manufacture Raya love to keep the Dode love going on as long as possible. The problem is this is done totally bypassing the most important glue that holds it together, Ahava. In the later years when beauty and the Dode fade (Again, Proverbs 31:30), only the ever growing Ahava will fill that hole in our hearts to feel loved, and to help us weather lifes problems headstrong. The traditional attempts at love and thinking regarding it is the primary cause of the current skyrocketing divorce rates. It does not matter if someone goes to church or believes in God or not. Divorce rates are just as high inside, and outside of christian circles. It is in fact the ignorance of real love, and the proper way of obtaining it in their lives, that drive them all in the same perilous direction. Again, better to be alone and in pain than to throw your life away trying to experiment with a broken fragment of love. A partial love that will destroy large chunks of, if not all of your life, leaving you only to find all your dreams are now nearly impossible to obtain. Without hope, we are but again, walking dead. Going back to the beach analogy (Matthew 7:26-27), it is about foundation. Without a proper foundation, it is all going to backfire and spiritually kill us. If it does not do so immediately it will later; often after children are casualty to the fallout. Even though Soloman so well defines what love is, and what it looks like in practice, how can those of us who are only beginning to understand love, find it? How can a single man find a Rayati to share time with that will not hurt him? How can a single woman know when that close friend they find is worthy of sharing ahava love with? Yet again, refer to the one who gave us the desires of our hearts (Matthew 7:26-27) in the first place, and has promised to fulfill them if we trust Him. This love is found often in the Greek New Testiment and is much better known as Agape love. The perfect love for, from, and to, our Creator; and to each other through Him. There you find your focal point, and can define the path to a perfect (as man can have) relationship with simple geometry. If both you and your future spouse are both running toward the only true and perfect Agape love, eventually the three points of the triangle (him, her, God) will start to close until they intersect. Run towards Him until you, and the most perfect companion for you, cross paths. This path is you personally trying to grow in the most important love of all, the Agape love. Then the two of you having each other for support can have that foundation of real love to guide you the rest of your lives. A path you can follow until you end up in the very presence of the real one you should spend your life seeking.