I’ve blogged before about the importance of making sure you’re serving your content over HTTPS. Not only is Chrome now marketing sites not served over HTTPS as “non secure” in the browser, they are giving increased weight to HTTPS sites in search results. It’s never been easier to serve your sites securely, but the actual secure certificate is only part of the equation here. We need to talk about protocols like SSL and TLS as well.

Server software like Apache and Nginx would previously serve secure content over the SSL (secure sockets layer) protocol. This is the case for the web as well as email. SSL was succeeded by TLS (transport layer security). The problem is that the various SSL protocols have been found to be insecure. A few years ago SSL 3.0 was found to be attackable thanks to the POODLE attack. At this point, it’s best to have moved your servers off SSL and been using the TLS protocols.

Run Some Tests!

If that’s greek to you (and most of it is to me as well), don’t worry. If you have server or IT admins that take care of your servers, chances are they’re on it and have been on TLS for several years now.

Highedwebtech.com SSL Test results

You can use Qualys’ SSL Server Test site to what protocols your server is using and make sure you’re up to do date with everything. You can see my report here. I use Let’s Encrypt for my certificate. Take a second and check out that A+. Feels good.

The SSL Server Test will also tell you what TLS and SSL protocols you’re running. You shouldn’t be running any SSL ones, because you will see the test dock you very heavily. Here’s an example:


You should be serving your website content over TLS 1.2 at this point. Why? Here’s more detail from GlobalSign:

As a best practice, you should configure your servers to support the latest protocol versions to ensure you are using only the strongest algorithms and ciphers, but equally as important is to disable the older versions. Continuing to support old versions of the protocols can leave you vulnerable to downgrade attacks, where hackers force connections to your server to use older versions of the protocols that have known exploits.  This can leave your encrypted connections (whether between a site visitor and your web server, machine to machine, etc.) open to man-in-the-middle and other types of attacks.

Earlier this summer, TLS 1.3 was ratified and released. If you are able to upgrade to it, you should. If you don’t want to run a full SSL test, you can run just a check of what TLS protocols you are serving. Here’s a TLS Test from CDN77. Here’s my results below. This site is coming to you over TLS 1.3. Again, feels good!

TLS Test Results

Searching movie posterI’ve been blogging for a decade here all about technology, the web, marketing and more. Something I’ve never done until now is a movie review. There’s a first time for everything, right? Let’s talk about the movie Searching.

Here’s a quick synopsis from Rotten Tomatoes:

After David Kim (John Cho)’s 16-year-old daughter goes missing, a local investigation is opened and a detective is assigned to the case. But 37 hours later and without a single lead, David decides to search the one place no one has looked yet, where all secrets are kept today: his daughter’s laptop. In a hyper-modern thriller told via the technology devices we use every day to communicate, David must trace his daughter’s digital footprints before she disappears forever.

Movies have been trying to show characters using technology to varying success for ever. On one hand, you have films like the Matrix Reloaded. It showed a character using real tools like Nmap exploits to hack a network. On the other, there’s terrible portrayals. Look at films like Swordfish or Hackers, which are just laughable in their use of technology.

What if you’re technology savvy and you see bad use of technology? In my case, I disconnect from the story. Searching was not one of those films.

Searching gets the technology right. From going through the correct steps to reset a password, to tracking online payments. From live streaming and vlogging. The technology here is correct.  Because of that, I was engaged from the get go.

It’s more than technology.  A good movie needs a good story to resonate and capture the viewer. As a parent, the thought of losing a child is my worst fear. This fact brings a ton of tension to the story. After the film, I really thought about what I would do if I was in this parent’s shoes and I could not find my child.

John Cho stars as the father looking for his daughter, and it was interesting to watch him fumble at times with the tech, or be unsure of how some sites work.

It was much like I think I’d react if I had to open my son’s phone and try to find what apps he connected with people on and what they do. Again, reality is a key here.

The film is worth seeing in a theater. If it has already left your local multiplex, check it on when it comes to digital and streaming in a few months.

Snapcode from SnapchatSnapchat certainly hasn’t been getting the press that Instagram and Facebook has lately. When Snap is covered, it’s been about falling stock prices. It’s about how they bungled their redesign and alienated users. It’s fair criticism. Snap didn’t do a great job communicating to users.  It’s had to roll back some of the design elements to appease users. It also seems they’ve lost ground on the stories feature to Instagram lately, which is a shame as Snap really pushed stories first.

I’ve written before about how I made my Snap stories public, and about Snapchat’s analytics tools they launched earlier this year. Since then, I’ve been randomly posting to my public feed. I haven’t had a plan or motive with my posts. In fact, it’s been mostly an afterthought in terms of my social usage this year. I’ve enjoyed the interactions and tools on Instagram (follow me here) over Snapchat, but I’ve got a much larger audience on Snapchat.

I was pleasantly surprised to see this weekend that my public story views went over the 500,000 mark. The fact that my stories have been viewed a half a million times is crazy. People around the world have spent over 33,200 minutes watching my stories. That’s over 550 hours. Crazy.

Snapchat Analytics

Screenshot of my public story analytics

Observations on half a million views

What have I learned from reaching this milestone?

First, Snapchat isn’t dead. Have they fallen behind Instagram, especially on the stories side? Yes. But all’s not lost. In watching what social platforms my 16-year-old son uses, his main method of communication and sharing is Snapchat.

Snapchat needs to catch up where it’s fallen behind on stories. It needs to integrate new features like Instagram’s “ask a question” story feature. I plan to write more about the “ask a question” feature, but Snap should get something like that into it’s story as soon as they can.

Second, as I dig into the analytic data, I see that people who do view my story view all of the story. On my days, my story view percentage is 100%, and rarely dips below 95%.

Keep in mind, these people are mostly strangers, so the fact they follow all my posts shows users on the platform are engaged and watch stories. I don’t know if brand stories with lots of ads get the same sort of engagement.

Even when go without a post for a week or so, the viewership is still there and the numbers are consistent.

Finally, Snapchat needs to give users a way to discover other users easier. Instagram does a good job of this, but Snap doesn’t. I know Snapchat’s core functionality is between two people, but if they want to grow they need better user and  brand account search features. Easier search means more viewers means more ad dollars.

Now that I’ve reached this milestone, I wonder how fast I can get to a million views? Will it be before the end of 2018? I’ll post again when I reach that mark.