words

Dispatches from the Spry Hive 2016: Week 21

Posted by Ken Moire & filed under Tips.

This post is part of a weekly series featuring the latest buzz around the Spry Hive.

“Patriotism is supporting your country all the time, and your government when it deserves it.” – Mark Twain

Around Spry

It’s been a busy week for open source community building.

This week members of Spry Digital represented the Drupal Association at the PHPTek Conference hosted May 25-27 in St. Louis. We met a lot of cool people and companies building amazing things with PHP (and Drupal) and had fun talking to attendees about the benefits of using Drupal and share some of the things we have built with it, including corporate websites, eLearning systems, and nonprofit solutions.

Speaking of nonprofit tech, we’ve also been busy preparing to travel for Ft. Collins, Colorado for this year’s CiviCon, a gathering of the CiviCRM community. Spry Digital co-founder Sheila Burkett will be on hand to lead training sessions throughout the week. CiviCon takes place between May 31 – June 8.

Thursday night we attended the DevOpsSTL meetup, where Kim Mahagee from Zivra gave an engaging presentation about how to lead successful DevOps transformations. Special thanks to Unisys for hosting the event, where there was plenty of devops discussion, pizza and beer on hand.

Content Strategy

A sound content strategy is one of the most important things you can do if you design and build content-managed websites.

We couldn’t have said it better ourselves.

Content development can be one of the biggest hurdles to delivering successful web projects. Learn how to identify and prevent content and documentation debt in this article by 18F.

User Experience Design

One of the biggest questions in user experience design is whether you are designing solutions that your customers actually want. Learn to dive deeper into customer’s wishes with this UX Thought of the Day.

Decision fatigue comes about when you give your users too many choices. Learn to improve customer experience by limiting the choices they can make.

Web Design & Development

Happy 13th Birthday, WordPress.

 

Great designers look beyond the tools. We enjoyed this read about “Maturity and the Weight of Learning”.

How to create even more fluid typography with vh and vw units.

An excellent case study on redesigning the Arriva website.

Use Git on a team? Here are some golden rules to live by.

And now, a tiny sassy alternative to Bootstrap.


Enjoy a long Memorial Day weekend, and remember those that have served our country. We’ll see you next week!

Dispatches from the Spry Hive 2016: Week 20

Posted by Ken Moire & filed under Tips.

This post is part of a weekly series featuring the latest buzz around the Spry Hive.

“I don’t believe in art. I believe in artists.” – Marcel Duchamp

Around Spry

If you’re in the St. Louis area, make your way over the World Chess Hall of Fame in the Central West End to experience their latest exhibit: Tom Hackney: Corresponding Squares: Painting the Chess Games of Marcel Duchamp. Members of Spry hit the opening Thursday night, where artist Tom Hackney described his paintings as representing the chess moves in matches between Marcel Duchamp and notable opponents.

Tom Hackney: Corresponding Squares: Painting the Chess Games of Marcel Duchamp.

Courtesy: World Chess Hall of Fame

Design

Fonts.com surveys their lovely typography-driven mastheads, designed by internal and famous guest designers.

The designer’s struggle is real. [Lorem F# Ipsum]

An article about finding the visual center of designs.

User Experience Design

Brushing up on your UX? Here are the Top 10 User Experience Articles for May.

Web Design & Development

Straight from WordCamp St. Louis, Ryan Markel shares why and how you should do a code review on your WordPress projects.

New to Drupal 8? These Drupal 8 Activity Cards are a good place to start.

Courtesy: jensimmons.com

Jen Simmons wants to help web designers break out of the boxes so common in grid-based design. So, she has launched this site that hosts some of her experiments with web layouts.

In the latest RWD podcast, the team from Vox Media discusses their approach for the responsive redesign of the Curbed website.

The Accelerated Mobile Pages (AMP) Project continues to gain traction, and will continue to do so, especially with this tool that converts all of your articles to AMP.

Misc

We were hyped to see this new teaser trailer for Twin Peaks Season 3.

This three part series by Girls Who Code skewers stereotypes about women in tech.

WSJ shows the difference between political affiliations in this social media aggregator.

 

Google ups the ante for desirable VR tech with the Tilt Brush.


See you next week!

Dispatches from the Spry Hive 2016: Week 19

Posted by Ken Moire & filed under Tips.

This post is part of a weekly series featuring the latest buzz around the Spry Hive.

“If everything seems under control, you’re just not going fast enough.”
– Mario Andretti

Around Spry

Team Spry Digital RX-7

Team Spry Digital RX-7

If you weren’t already aware, Spry’s own Sheila and Steven Burkett are members of the St. Louis SCCA. When not building websites and apps they are building race cars and organizing races. If you live near St. Louis and live for the smell of race fuel in the morning, get over to Gateway Motorsports Park where they will both be participating in the SCCA Majors Tour.

Design

The Olympic Games is the venue for the World’s top amateur athletes to come together in spirited competition. We were pleasantly surprised to learn that the arts were at one time recognized and awarded with medals, like the athletes.

Olympic Games Art

Courtesy domus

Having your logo redesigned? You may want to give it a glance upside down before approving.

User Experience Design

One of the first talks from this year’s Drupalcon in New Orleans that we’ve been able to check out is a presentation on Content-Driven UX, an approach that we are keen on.

Web Design & Development

For a dose of inspiration, check out these 99 beautiful ecommerce designs shared by Shopify.

Brutalism in Web Design

Courtesy Brandon Joyce

Washington Post shares one of the hottest trends in web design: FUGLY

If you’re still designing your mockups at 2x, read this article about the benefits of designing for 1x resolution.

Github, you da real MVP. [Introducing unlimited private repositories]

Misc

A rebel alliance has infiltrated the Pentagon, and they’re exposing cyber insecurities.

Hyundai’s exoskeleton will turn you into a mech pilot.

Stay green, Germany.

Dwarf Planet

Courtesy NASA

Oh, solar system. You’re full of surprises.


What other surprises are we in store for this week? Check back in the next Spry Hive!

Dispatches from the Spry Hive 2016: Week 18

Posted by Ken Moire & filed under Tips.

This post is part of a weekly series featuring the latest buzz around the Spry Hive.

“The world’s favorite season is the spring. All things seem possible in May.”
– Edwin Way Teale

Around Spry

Last Thursday night, Spry Digital hosted the monthly DevOps Meetup, where Andrew Lather led a discussion titled “Zero to SLDC”, which was about how to quickly stand up a systems development life cycle. If that sounds up your alley and you’d like to learn more about future events, join the DevOpsSTL group at Meetup.com.

Design

Courtesy U-Haul

The American Stove Company-Magic Chef Building in St. Louis has long been hiding one of the most stunning architectural treasures in the city, a 1940s era plaster and glass ceiling designed by artist Isamu Noguchi, that was unfortunately covered in drop ceiling in 1977. Now, building owners U-Haul have decided to restore it back to its former glory.

In branding, the most important thing you can do is establish a consistent brand everywhere. Brand.ai will assist you in creating a hosted style guide on the fly from your existing website.

Image courtesy of Medium.

Is there such a thing as too many typefaces on a project? If it’s a beautiful design, does it matter? This article makes the argument that it does not.

Web Design & Development

Keyword research tools like Google Keyword Tool have long been the key to building successful content plans and paid campaigns. Now online marketing company Moz has announced it is rolling out its own keyword research tool.

target=”_blank”. This seemingly benign piece of code may also be one of the most overlooked security vulnerabilities if you don’t give it a little attention.

Test your credit card forms with ease with the Dummy Credit Card Generator.

Our sides are still hurting after taking this developer test for cable network Adult Swim.

Misc

A team of researchers at the University of Sweden is trying to help humans understand the nuances of cat speak, coined by the team as “Meowsic”.

Enjoy the fiery demise of the Death Star in your backyard with this custom made fire pit.

Image courtesy of Trump Against Humanity.

It has come to this. [Trump Against Humanity]

If you’re the kind of person who thinks that you can never have too many friends, well you’d be wrong.

Being a bear in Yellowstone isn’t easy. But at least the scenery is nice.

For Mothers Day, here are some adorable pups and their loving mums.


Happy Mother’s Day to all of you moms of humans and furry creatures! See you for next week’s Spry Hive.

Dispatches From the Spry Hive 2016: Week 17

Posted by Ken Moire & filed under Tips.

Around Spry

The latest article from our blog focuses on what went so wrong for the law firm Mossack Fonseca that led to the Panama Papers. Insert facepalm here.

 

 

For a taste of we’ve been working on, head over to Pacient, a new company born in St. Louis that is going to change the way that we all navigate healthcare.

Just a reminder to check out some conferences that we’ll be watching, attending, sponsoring, or participating in over the next month:

May 23 – 27: PHPTek Conference
May 9 – 13: Drupalcon New Orleans
May 14 – 15: Wordcamp St. Louis

Graphic Design

Dolph Lundgren Wallpaper

Image courtesy of Signalnoise

Ask yourself… Do you have enough Dolph in your life? If the answer is no, head over to Signalnoise and grab these totally bitchin’ Dolph Lundgren wallpapers.

Content Strategy

Content strategy has long been the domain of the front-end marketers. Create better customer experiences by thinking about your content strategy as a whole.

Web Design & Development

Airbnb opens the curtains to the design process of their new app that led to innovative thinking for the company.

Typewolf curator Jeremiah Shoaf shares 30 of his favorite websites that, as you would expect, make beautiful use of web typography.

Get all of Google’s fonts in Photoshop with this free plugin by Source. See how its done Adobe/Typekit.

Misc

Librarians routinely weed out their library’s holdings to make space for new books, and in that process, they sometimes find Awful Library Books (possibly NSFW).

Our team loves Venmo for transferring funds. Well if you do use Venmo, just make sure that you don’t type in the wrong word.

http://mondotees.com/collections/archive/products/aliens-original-motion-picture-soundtrack-liquid-filled-2xlp

Image courtesy of Mondo News

As if the soundtrack to Aliens wasn’t enough to conjure up thoughts of chestbursting Xenomorphs, Mondo is releasing a version of the LP that is surely to produce nightmares. Whether that’s food coloring or actual Xenomorphic acid blood, we think it’s pretty rad.


That’s it for this week’s Spry Hive. It’s been real, April… See everybody in May!

How Cybersecurity Fails Created The Panama Papers

Posted by Ken Moire & filed under Security.

The Panama Papers leak reveals the shadowy workings of the Panamanian law firm, Mossack Fonseca, in establishing offshore corporations for businesses, politicians, heads of state, athletes and celebrities for the sake of providing tax shelters and channels for arms and human trafficking. Illegal activities aside, what is particularly shocking is the lack of cybersecurity that may have contributed to over 2.6 terabytes of emails and documents (totalling over 11.5 million in all) being nabbed by hackers and landing at the feet of the Consortium of Investigative Journalists (ICIJ), who broke the story a year after obtaining them.

Security experts have analyzed the methods by which the attackers were able to obtain the data, and what’s come to light is an astonishing lack of basic web security practices on the part of Mossack Fonseca and their web administrators. Data breaches occur every day to government, business, and personal websites with varying degrees of damage. Although the Panama Papers sheds light on secretive and largely illegal activities, security vulnerabilities like these can affect legitimate companies who want to protect their customer data.

Panama Papers, Süddeutsche Zeitung

Image courtesy of Panama Papers, Süddeutsche Zeitung

To understand the level of the security shortfalls, it helps to understand the software that Mossack Fonseca uses to power their multiple web properties. The firm uses two of the more popular content management systems (CMS) around, WordPress and Drupal, to power their public and client-facing websites, respectively. The client portal was used to share sensitive documents between the law firm and its clients. Both are written in PHP and are open source, meaning that their code base is free, accessible, and developed and maintained by community developers. While these systems can be secure environments for storing important data, the manner in which these systems were maintained, or not maintained, by Mossack Fonseca has been attributed as the cause for how attackers were able to steal the damaging documents used in the reports.

WordPress security company Wordfence analyzed the law firm’s web hosting environment following the leaks to determine how attackers may have obtained all of this data. Wordfence determined that the WordPress site was over three months out of date while their Drupal site was almost two years out of date. Furthermore, the company was using outdated third party plugins for WordPress which may have opened the doors for hackers to access other systems and passwords.

Website owners can learn from the mistakes made by Mossack Fonseca. Here are some of the main takeaways from the Panama Papers:

Protecting the Core

Both WordPress and Drupal have a large community of web developers contributing code to various aspects of the platform, also known as “the core”. Because they are open source, the code is able to be viewed by a larger user base, which can lend a hand at exposing potential security risks in the code base. When this happens, those vulnerabilities are typically brought to the core development teams who then fix the issue, release an update, and publish bulletins to notify web developers and users of the risk and the fix.

Mossack Fonseca’s client portal on Drupal was vulnerable to hacking due to running a version of Drupal that was over two years old. In that time, Drupal security teams had brought to light major vulnerabilities and urged website administrators to patch the software. Because these security bulletins were ignored by Mossack Fonseca, it was entirely possible for hackers to access sensitive files and data from their client portal.

In WordPress, security updates are typically announced at WordPress.org, while Drupal has their own security team and security bulletins are announced via news lists. WordPress by default will automatically update itself when security updates are released, which makes it painless to keep core WordPress up-to-date. Drupal updates need to be manually applied, which means that it’s vital for website admins to pay attention to update notifications and apply security updates immediately.

Leaving The Door Open With Plugins and Modules

Third party code that extends the functionality of the core CMS platform are known as plugins and modules (for WordPress and Drupal, respectively). Besides using an outdated version of WordPress, Mossack Fonseca was using the Revolution Slider plugin, a plugin that is “one of the most common WordPress vulnerabilities” when not updated. In an update to the original report provided by Wordfence, because Mossack Fonseca’s email server was hosted on the same server as their websites, it is likely that their email was hacked via a vulnerability in Revolution Slider.

Plugins and modules have varying degrees of scrutiny and oversight by security teams based on the platform, the popularity and the method by which they are distributed. In general, Drupal has wider and more stringent security review of community-developed modules for its platform than WordPress, however, plugins that are distributed via the WordPress Plugins directory must pass a security review and are typically maintained and supported. Revolution Slider, which has had known vulnerabilities going back to 2014, is not available at WordPress and is instead sold and downloaded directly from the company website and also from the popular software storefront Code Canyon

When you obtain code directly from plugin developers (or via sites like Code Canyon) you are on your own to determine whether the plugin is maintained and to find out if there are security updates. In these cases you will rely on the individual developer or development team to assure that the plugin is maintained and patched as new and potential vulnerabilities are exposed, so look for plugins that are frequently maintained and actively supported. If they are not, avoid using them lest risk your site and data being exposed to attackers.

Separation of Concerns

The reports reveal other shoddy practices that likely led to stealing of of the 11.5M+ documents that would be known as the Panama Papers. In web security, the practice of “separation of concerns” means that you mitigate the risk to any one system by decentralizing where your data lives and how it is accessed. Mossack Fonseca hosted their email server on the same server as on their web server, and had passwords for their email stored visibly in the WordPress database. With a compromised WordPress installation, it would have been easy to obtain email passwords and retrieve email. If emails had been on a separate server, it would have made it harder for hackers to obtain the emails even if the website was hacked.

Ask The Right Questions

The largest data breach in Internet history was likely caused by a lack of security best practices. Companies should understand how their website is hosted and information stored. Demand to understand from your developers or web hosting team how data is secured and risks to hacks and attacks are mitigated. It could save your business, as well as your client’s business.

Dispatches from the Spry Hive 2016: Week 16

Posted by James McDonnell & filed under Tips.

This post is part of a weekly series featuring the latest buzz around the Spry Hive.

Around Spry

This week we were excited to host the Girls on the Run St. Louis Pacesetters group, where Partner Sheila Burkett led a discussion on intentional decision making and how to make decisions that you can stand behind.

Thursday we also attended the Midwest Digital Marketing Conference put on by University of Missouri St. Louis’ Digital Marketing program. The event was hosted at the beautiful Union Station, and included speakers from Google, Buzzfeed, Pandora and eHarmony. The theme was disruption through innovation, and we attended many good sessions about how these companies are using big data and innovative, human-centric marketing to engage their customers.

Mark May 3rd on your calendar and get ready to participate in one of the largest days of fundraising for nonprofits in the St. Louis Area! Spry Digital has a number of clients and friends participating in this year’s Give STL Day, so be on the lookout for more information on the different ways to give back to our community.

Design

a0bbcd36278407.57164b7bd92a5

Are you a fan of all things design and Star Wars? Get ready to geek out over these gorgeous, laser-engraved skateboards inspired by a galaxy far, far away.

Content Strategy

Head over to 18F to find an effective strategy for auditing old or testing new content for your website.

It’s really easy to waste time developing content without a clear plan of action. That’s why it’s important to recognize the many disciplines of content strategy, specifically content engineering.

Web Design & Development

The difference between a successful and failed mobile user experience can be a matter of seconds, so learn how to speed up your load times with course title Wicked Fast Websites by Go Make Things.

phone-num-forms-04

Sometimes, for the sake of your own sanity, all you can do is laugh after running into a horrendous user interface online. These hilariously bad phone number web forms act as a prime example.

Misc.

The best solution for increasing productivity isn’t always to reduce stress. In some circumstances, you might not be stressed enough.

Dig into the histories and thought-patterns that led to the computer sciences becoming so male-dominant with Born For It by Martin Fowler.

While photoshop has plenty of professional applications, let not forget that the real reason the program exists is for hilariously imaginative Photoshop battles.

Turn your ‘French’ and buzzwords into an avenue of giving on Slack. Become a ‘Slacktivist’ and install SwearJar today!

20140421-prince-x1800-1398108255

As if the followers and members of pop music culture hadn’t been through enough in 2016, the disheartening news broke this past Thursday that superstar Prince (57) had passed away.


That’s it for the Spry Hive this week. Enjoy the last weekend of April and don’t forget to stop by next week for another dose of the Spry Hive!

Dispatches from the Spry Hive 2016: Week 15

Posted by James McDonnell & filed under Tips.

This post is part of a weekly series featuring the latest buzz around the Spry Hive.

Around Spry

This week opened with an addition to our creative team, Jay Yerxa. Jay is Spry Digital’s new Sr. Digital Art Director. Warm welcome, Jay!

12983300_1385341418158318_4734500961782713731_o

The rest of the week was filled with celebration as Spry Digital turned 6 years old! On Wednesday, our festivities took us to the ever-delicious Clementine’s Creamery. Above you can see part of the team after indulging in a little too much ice cream!

Web Design & Development

Laugh in the face of your web development & programming woes with these brilliantly hilarious coding inspired captions paired with classical paintings.

Discover why all client questions, both the commonly easy and challenging ones, are as much a part of UX/UI as user testing itself in Orr Shtuhl’s “Looking for ‘Trouble’” on A List Apart.


Faster image loading and responsive preview are just two of many new features in WordPress 4.5 “Coleman”, which is now available and named after jazz saxophonist Coleman Hawkins.

Learn all there is to know about content quality audits and how they can rejuvenate your website with Content Strategy Inc.

Continue indulging in web design topics with the Top 10 Web Design Readings for April 2016 by Mybridge Design.

Misc.

Discussing & keeping track of individual topics in Slack just got a whole lot easier as the company announced that they are bringing threaded messaging to the application.

Find the solutions to your design problems as Bloomberg has brought together 25 original thinkers in The Design Issue 2016.

BN-NO084_microd_M_20160414112246

Microsoft is officially joining Apple in the fight against the government secretly accessing citizen’s emails, suing the U.S. Department of Justice.

Check out the data behind about 2000 screenplay scripts and uncover what it means about the current state of film.

Who doesn’t enjoy a good 404 page or people who are able to laugh at themselves? Well, you’ll find both when you can’t find what you’re looking for on Hillary Clinton’s website.


That wraps up the news of the week. Don’t forget to stop by next week for more from the Spry Hive.

Dispatches from the Spry Hive 2016: Week 14

Posted by James McDonnell & filed under Tips.

This post is part of a weekly series featuring the latest buzz around the Spry Hive.

Around Spry

We are excited to provide on-site web support for the 2016 U.S. Chess Championships that begin next week. The tournament is being held at the world renowned Chess Club and Scholastic Center of Saint Louis, so be sure to grab yourself tickets for a round or two!

Next week is also a special week around the Spry Digital office as we celebrate 6 years as a company. We love what we do, and grown in staff by over 450% in five years. Thanks to everybody who works with us, our clients and friends and family that support our business!

Web Design & Development

Next time you are building a Shopify ecommerce site with the Liquid template language, keep this handy cheat sheet by your side.

eleanor-davis-300w-9ca29fefe4bddb9af973e99d22ddfce3

Stay sharp with your web design skills and practices with The Manual, a journal centered around design for the web that’s only released three times a year.

Find out how developers around the world were stopped in their tracks by one infuriated individual who broke JavaScript.

18F, an organization dedicated to designing, developing, and assisting the digital interactions between citizens and their government is now giving away the code for 35 different projects they worked on.

Misc.

If you haven’t discovered Modstock, a stock photography site for the “lives we really live”, you’ll want to get there before your parents discover it.

Vaping-James-small

Whether you’re a teacher or frequently use the whiteboard around the office, this new device and app on Kickstarter called Kaptivo will make sharing your work significantly easier.

Heralded as being a bigger leak than WikiLeaks and Edward Snowden combined, a group of 100 reporters from 100 different countries released the Panama Papers this week, laying out the paper trail of documents connecting some of the most powerful people in the world to shell companies in Panama being used as tax havens.

zara

This week we pay tribute to two more individuals who are no longer with us. Zara Hadid, 65, world famous experimental architect passed away, as well as country music legend Merle Haggard, 79.


Enjoy the first weekend of April and don’t forget to stop by next week for more from the Spry Hive.

Dispatches from the Spry Hive 2016: Week 13

Posted by James McDonnell & filed under Tips.

0This post is part of a weekly series featuring the latest buzz around the Spry Hive.

Around Spry

This week we hosted the St. Louis Drupal Users group for the first of many planning meetings for 2016 Drupal Camp St. Louis. Keep your eyes peeled here for more information about the event that will be happening this Fall. To get involved, visit the DrupalSTL Meetup Page.

Members of Spry will be representing the Drupal Association at the PHPTek Conference from May 23-27, so make sure you visit us at the Drupal table in-between the excellent sessions scheduled throughout the week.

Web Design & Development

Ensure that the website you’re designing meets the Web Content Accessibility Guidelines with these helpful tips.

The Spry team is a fan of Zurb’s Foundation tools as we’ve discussed previously. This week, we had the opportunity to hear from the Zurb team and ask them questions about their products in the form of an AMA.

stickers

Rep your favorite brands in programming and development tools with three free dev stickers.

Developers can sign-up for the Safari Technology Preview to get early glimpses into future browser and Webkit application releases.

To much applause, Microsoft has announced that Bash, the Linux command line, is finally coming to Windows.

Misc.

The FBI officially dropped their headline case against Apple. Now the tables have turned, as Apple is demanding that the agency reveals how they hacked the San Bernardino iPhone.

2398

Find out how Google caused a panic among users with this year’s April Fools Day joke, Google Mic Drop (that’s already been disabled).

Just when you thought Microsoft had learned its lesson after last week’s gaff with their Twitter AI, Tay, the company once again had to shut off the A.I. after it got stuck talking to itself.

There’s no excuse not to make your photos look great, as Google has announced that their photo editing software, the seven plugin Nik Collection, is now free.

Dig into the roots and legacy of the blues at the grand opening of the National Blues Museum in St. Louis this weekend.


 

Stay safe out there during the rest of April Fools Day and don’t forget to stop by next week for more Spry Hive!