4Chan Hackers Claim To Have Remotely Wiped John Podesta's iPhone and iPad Slashdot by BeauHD on iphone at January 1, 1970, 1:00 am (cached at October 13, 2016, 11:34 pm)

An anonymous reader writes from a report via Gizmodo: For the past several days, WikiLeaks has been publishing thousands of emails belonging to Clinton campaign chairman John Podesta -- and the leaks are starting to cause some serious damage. Gizmodo reports: "Many of the leaked emails contained contact info, cell phone numbers, and account data, none of which was redacted by Wikileaks before being posted. With this information accessible to anyone with the time and energy to read through it all, users on 4chan's /pol/ (politically incorrect) board were able to gain access to Podesta's Twitter account, tweeting a message in support of Trump. Imageboard posters also stumbled on an email containing Podesta's Apple ID -- and appear to have exploited it. 'iPad/iPhone info and data wiped out,' a post on Endchan claimed, showing screenshots of what seems to be the hacker gaining access to Find My iPhone using Podesta's credentials. If Podesta's Apple ID was compromised, it stands to reason that his iCloud account was similarly vulnerable. And sure enough, Redditors on r/The_Donald claim Podesta's iCloud data was downloaded. A hacker known as CyberZeist also appears to have uncovered the passwords to dozens of senators' email addresses, as well as social security numbers and credit card info for many Democrats including Vice President Joe Biden, Senate Minority Leader Harry Reid, House Minority Leader Nancy Pelosi, and acting Chair of the DNC Donna Brazile. The information was posted to pastebin.

You Can Now Claim Your Cash In the PS3 'Other PS3' Settlement Slashdot by BeauHD on playstation at January 1, 1970, 1:00 am (cached at October 13, 2016, 11:04 pm)

If you've purchased a "fat" PlayStation 3 before April of 2010, you can now claim up to $55 as part of the settlement over the removal of the console's "Other OS" feature. PS3 owners with proof of purchase or evidence of a PSN sign-in from the system can receive $9 from the company. However, if you've used the "Other OS" feature to install Linux on your PS3, you can receive $55. The online claim form can be found here. Ars Technica reports: The opening of claims comes after a long legal saga that began in March of 2010, when Sony announced it would be removing the "Other OS" feature from the PS3. Sony claimed it was a security concern, but many class-action lawsuits filed in 2010 alleged the company was more worried about software piracy. While one lawsuit over the matter was dismissed by a judge in 2011, another worked its way through the courts until June, when Sony finally decided to settle. Though the company doesn't admit any wrongdoing, it puts itself on the hook for payments to up to 10 million PS3 owners. Note to those affected: "Claims are due by December 7, and payments should be sent out early next year pending final approval of the settlement."

Fighting in Central African Republic kills 30 AL JAZEERA ENGLISH (AJE)(cached at October 13, 2016, 11:00 pm)

UN peacekeepers repelled the attack in Kaga-Bandoro that targeted civilians, killing at least 12 assailants.
Engaging Smaller Healthcare Entities in Threat Info Sharing (InfoRiskToday) SANS ISC SecNewsFeed(cached at October 13, 2016, 11:00 pm)

CryPy Ransomware Uses Unique Key for Each File (SecurityWeek) SANS ISC SecNewsFeed(cached at October 13, 2016, 11:00 pm)

The Universe Has 20 Times More Galaxies Than We Thought Slashdot by msmash on earth at January 1, 1970, 1:00 am (cached at October 13, 2016, 10:34 pm)

A new study by a team of international astronomers has produced some astounding results: they concluded that the universe contains at least two trillion galaxies -- as much as 20 times more than previously thought. The study adds that 90 percent of all galaxies are hidden from us. This hidden portion can't be seen even with our most powerful telescopes. Gizmodo adds: Consequently, this means we also have to update the number of stars in the observable universe, which now numbers around 700 sextillion (that's a 7 with 23 zeros behind it, or 700 thousand billion billion). And that's just within the observable universe. Because the cosmos emerged some 13.8 billion years ago, we're only able to observe objects up to a certain distance from Earth. Anything outside this "Hubble Bubble" is invisible to us because the light from these distant objects simply hasn't had enough time to reach us. It's difficult -- if not impossible -- to know how many galaxies reside outside this cosmological blind spot.

Jay's short-form blogging style Scripting News(cached at October 13, 2016, 10:33 pm)

Jay Rosen is experimenting with new ideas in blogging, and that's great to see. 

He wrote a post about the changes on Monday. 

  1. There's a new template for the site, a new look.
  2. And there's a new section behind the home page (that's how I visualize it) called The Board with "little posts that are longer than Twitter updates and shorter than PressThink essays."

Have a look at what Jay's done. 

My thinking

I've been iterating over this for a long time, myself. I want to tell you about it, with comments mixed in on Jay's approach, to the extent that I understand it.

I created a new blogging tool that is designed to be as easy to write for as Twitter and Facebook. There's a text box at the top of the page. Start typing in it. That's how you create a new post. But you can go past 140 chars. You can go really long. And unlike Facebook, you can link to other places on the web, you can style text, or add a podcast. Posts can have titles.

The thing I learned is there is no reason you can't use this kind of "quick" tool to write "serious" posts. As a software designer, this is an important observation. So you'll see posts of all length on my blog. 

I'm not sure if this would work for Jay though. His PressThink posts are more substantial than even my most ambitious post. I rarely spend more than an hour writing a post. I see blogging as fresco writing. If I have more to say about a topic, I write a new post and link back to the previous one. This isn't optimized for readers, I know, but it does make it more likely I will write something. So in a way that's there for the readers too.

So maybe Jay needs two separate spaces.

But -- as a reader, who primarily finds out about Jay's new stuff through his feed, now the newest quickest bits of Jay-wisdom are not available to me unless I visit his site? Or is there another feed to subscribe to? This is something I imagine Jay should think about, because I bet a lot of people read his stuff in the feed as opposed to "visiting" the website.

On the other hand, I could see some long-time followers of Jay, the most vocal ones of course, saying they don't like change. 

I have blown through those objections many times in the past, and no doubt have lost readers because of it. People ask me to do a separate feed for podcasts, but I won't. It falls under the same idea of "if it's too much work I won't do it," something I've observed about myself. I often won't use my own tools if it takes me too far off course. It's the web lifestyle, quick multi-tasking. It's too late for me to get off that train.

Dan Bricklin, imho, had the canonical observation on this topic. 

You look for software features that reward you for using them one percent of the time, and unfortunately there are a lot of products that penalize you for not using them 100 percent of the time.

He was commenting on a feature I was trying to create that would make it super-easy to categorize my posts. I couldn't discipline myself to do it regularly, I figured if I over-designed it for quickness, that I might get myself to do it. Nope. Still my writing will only be categorized well if an algorithm does it for me (which seems totally doable).

Back to the short-posts thing. What's funny is I had this problem totally solved in the period before. The home page of my blog could have short items and long ones. The long ones were also archived on separate pages, with comments. The short ones had permalinks that took you to the archive page for the day. It really worked because I had a tool that made it really fluid. And it was pretty good for reading and it all flowed through the feed. Twitter kind of broke that up. And Google Reader finished the job. ;-)

An aside, I've always felt posting on WordPress involved too much thought on how to get the software to do what you want. The most common thing for a blogging tool is to create a new post. It is also the barrier to entry. Which says to me that writing should be up front and everything else should be subordinate to it.

Jay has identified a space that has gone underserved since Twitter became the place where our short posts go, and our blogs focused on long-form writing to please Google Reader. And more important, he's experimenting with solutions. I hope more people do this as well.

PS: I could only find one reference to Dan's quote, in an archive of an RSS feed for the podcast Jay and I used to do! It must be out there somewhere else?

Station state BBC News | Science/Nature | UK Edition(cached at October 13, 2016, 10:30 pm)

A group of Vienna-based scientists are working on plans to create a pacifist nation state, called Asgardia, in space.
New tool: docker-mount.py, (Thu, Oct 13th) SANS Internet Storm Center, InfoCON: green(cached at October 13, 2016, 10:30 pm)

In my post Forensicating Docker, Part 1 [1] back in March (yes, I promise a Part 2 in the next couple of months, the $dayjob has slowed that down a bit), I talked a little about the AUFS layered filesystem that was used by the docker install on the system I was investigating. While I was forensicating the case I talked about in that diary, I wanted to see what the container filesystem looked like from my SIFT VM, so I wrote a script to do the mounting the same way docker does (except that, for forensic purposes, the mount is read-only). The script can be found here [2]. Unfortunately, docker can use multiple storage drivers. So far, I've adapted the script to handle two/three of them, AUFS and Overlay/Overlay2. AUFS is the default on (older?) versions of Ubuntu, but AUFS isn't included by default in RedHat (or derivatives); you would have to compile your own kernel. Overlay2 is included in newer kernels (pretty much anything after 3.18), so I suspect it may become the default at some point in the future. These are the storage drivers that use so-called union filesystems to handle the layering. The btrfs, zfs, and devicemapper storage drivers are all block-level rather than file-level storage drivers. In effect, they require separate devices/partitions/loop-mounted files, taking advantage of filesystem features such as snapshots in the underlying filesystem drivers to handle the layering. While I think I can get btrfs into the script, I haven't looked at zfs and I've had difficulty with devicemapper, so I may not be able to get all of these. See [3] and [4]

Having gone through all of that, for the purpose of forensication, it is important to remember that changes made within a container will all be captured in the top layer of these layered or union filesystems. To find that top layer (for docker
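As an added illustration (not the docker-mount.py script the diary refers to, and not the author's code), the sketch below shows how a read-only union of a container's layers can be assembled for the overlay2 driver. It assumes the overlay2 on-disk layout of Docker 1.10-era and later installs (`image/overlay2/layerdb/mounts/<container-id>/mount-id` and `overlay2/<layer>/lower`); the evidence tree, layer names and container ID are constructed sample data, and the command is built but never executed.

```python
import os
import tempfile

def container_mount_id(docker_root, container_id, driver="overlay2"):
    """Map a container ID to the ID of its top (read-write) layer."""
    path = os.path.join(docker_root, "image", driver, "layerdb",
                        "mounts", container_id, "mount-id")
    with open(path) as fh:
        return fh.read().strip()

def overlay2_layers(docker_root, mount_id):
    """Return the layer 'diff' directories, top layer first."""
    base = os.path.realpath(os.path.join(docker_root, "overlay2"))
    layers = [os.path.join(base, mount_id, "diff")]
    with open(os.path.join(base, mount_id, "lower")) as fh:
        # 'lower' holds colon-separated entries such as l/ABCD, each a
        # symlink to ../<layer-id>/diff, ordered from upper to lower.
        for rel in fh.read().strip().split(":"):
            if rel:
                layers.append(os.path.realpath(os.path.join(base, rel)))
    return layers

def readonly_mount_command(docker_root, container_id, mountpoint):
    """Build (not run) a read-only overlay mount of a container's filesystem."""
    mount_id = container_mount_id(docker_root, container_id)
    layers = overlay2_layers(docker_root, mount_id)
    if len(layers) < 2:
        raise ValueError("a lowerdir-only overlay needs at least two layers")
    for d in layers:
        if not os.path.isdir(d):
            raise FileNotFoundError("missing layer directory: " + d)
        if ":" in d or "," in d:
            raise ValueError("path cannot be expressed in mount options: " + d)
    # No upperdir/workdir: every layer, including the container's own top
    # layer, is passed as a lowerdir, so nothing on the evidence is writable.
    opts = "ro,lowerdir=" + ":".join(layers)
    return ["mount", "-t", "overlay", "overlay", "-o", opts, mountpoint]

def build_sample_tree(root):
    """Constructed evidence tree: two image layers plus one container layer."""
    base = os.path.join(root, "overlay2")
    os.makedirs(os.path.join(base, "l"))
    for layer, short in (("img-base", "AAAA"), ("img-app", "BBBB"),
                         ("ctr-top", "CCCC")):
        os.makedirs(os.path.join(base, layer, "diff"))
        os.symlink(os.path.join("..", layer, "diff"),
                   os.path.join(base, "l", short))
    with open(os.path.join(base, "ctr-top", "lower"), "w") as fh:
        fh.write("l/BBBB:l/AAAA")
    mounts = os.path.join(root, "image", "overlay2", "layerdb",
                          "mounts", "c0ffee")
    os.makedirs(mounts)
    with open(os.path.join(mounts, "mount-id"), "w") as fh:
        fh.write("ctr-top")
    return "c0ffee"  # constructed container ID

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:
        cid = build_sample_tree(root)
        print(" ".join(readonly_mount_command(root, cid, "/mnt/evidence")))
```

The first directory in `lowerdir` is the container's own top layer, which is where changes made inside the container end up.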

References:
[1] https://isc.sans.edu/forums/diary/Forensicating+Docker+Part+1/20835/
[2] https://github.com/clausing/docker-scripts
[3] https://docs.docker.com/engine/userguide/storagedriver/imagesandcontainers/
[4] https://integratedcode.us/2016/08/30/storage-drivers-in-docker-a-deep-dive/

---------------
Jim Clausing, GIAC GSE #26
jclausing --at-- isc [dot] sans (dot) edu

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Inventor of C Dennis Ritchie Honored With Second Death Slashdot by msmash on programming at January 1, 1970, 1:00 am (cached at October 13, 2016, 10:04 pm)

An anonymous reader writes: Dennis Ritchie invented the "C" programming language, so a second round of honors comes as no surprise. Although five years ago he passed away, some confusion over a tweet started the social media avalanche known as "second death syndrome". The problem, especially if you look at it from Ritchie's perspective, is that he's been dead for five years -- exactly five years. That time gap seems to have escaped some of the biggest names in tech, including Google CEO Sundar Pichai, who late Wednesday tweeted out Wired's five-year-old obituary on Ritchie, thanking him for his "immense contributions." Om Malik, a partner at True Ventures and the founder of tech site GigaOm, retweeted Pichai's tribute before soon recognizing his mistake and tweeting an apology for "adding to the confusion and noise." Craig Newmark, founder of the popular online bulletin board Craigslist, also paid his respects, saying, "this guy made a huge contribution to the world."
