Idealist.org needs your help to survive. Do you need more reasons to go donate now? Here's one.
Five years ago, I was a website consultant to nonprofits. I had an idea -- hey, someone should do reviews and information about nonprofit software that all organizations can benefit from! -- and I talked to a bunch of people to see if the idea had legs.
One of the people I spoke with was Ami Dar, the Executive Director of Idealist. I don't even know how I connected with him -- did I cold call him? He's exactly the type of person who's genuinely nice enough and helpful enough to take a call from a miscellaneous person with questions.
He had a lot of useful thoughts and insights about the idea that was to become Idealware, but he said one thing in particular that I've never forgotten, and has proven true over and over. He said (and I'm paraphrasing here): "The more you try to support all nonprofits, everywhere, the less likely you are to get funding."
It's completely counter-intuitive, but true. I think it's the same phenomenon as the Bystander Effect -- the idea that someone is less likely to help someone in trouble if there's a bunch of people also there. Nonprofits like Idealist help so many people that it never seems to a donor as specific or pressing a thing to support as other causes. It's easy to understand -- for instance, your local job fair clinic in Boston is right there, and you know it doesn't have a big pool of donors. If you live in Kentucky, it's easy to see why you should support a site targeted to help people in rural areas find jobs.
But this reasoning is faulty when it comes to critical organizations like Idealist. They provide job fair clinics in Boston... and dozens of other locations. They help people in rural area find jobs... along with hundreds of thousands of others. They're one of the pieces of infrastructure by which the nonprofit sector works, and just like any organization, if they can't get support, they go under.
Which is in danger of happening now. One of their principle income sources was from job listings, and job listings, as you can imagine, are not what they used to be.
Do you want Idealist to survive? Would you be bummed if they were gone? Then don't wait for other people to support them. Go donate yourself.
We're excited to announce the launch of our very first book -- the Idealware Field Guide to Software for Nonprofits: Fundraising, Communications, and Outreach. I'm really proud of it -- it's 84 pages summarizing what we've learned about software over the last four years, as a quick reference as to what software exists and what might make sense for you based on your needs and level of tech savvy. And then it gives a quick summary of what you might pay, what you can get, and some of the key vendors for each of 34 types of software.
Basically, it's like a neutron star of nonprofit software information. Concise but incredibly packed with info. I've had a printed copy on my desk for almost a month now, and let me tell you: I refer to it almost every day to look up something... and I co-wrote the thing.
We're hard at work on a lot of work in regard to mobile texting and and mobile apps (funded in part by the Research Fund... and all of you who donated to it! Thanks you!). I've learned a lot, but among them: the world of SMS (meaning "Short Message Service", the official name for a text message) is a darn complicated one.
As we at Idealware like to break things down, we've broken down the ways to send a text into four categories.
SMS as email. It's usually possible to send people a text message simply by emailing it to an email address consisting of their phone number and then their provider's domain (i.e. 6463523431@att.net). This is not actually officially supported, and can lead to problems when doing it in quantity, but can be an easy method for a few quick (or internal) texts. You also have the problem of collecting providers and provider domains, which is a kind of unusual thing to ask supporters for. But it's free.
Connecting your phone to your computer. There are software packages -- like Frontline SMS or Microsoft SMS -- which allow you to literally hook your cell phone to your computer and send a bunch of messages out through your own cell phone. This is more common (for reasons we're still investigating) in third world countries than in the US. The software is inexpensive.
SMS via programmatic services. If you have a programmer, you can use services like Click-a-Tell that allow you to send messages by communicating via API. For instance, Click-a-Tell is often used in conjunction with Drupal for either one way broadcast texting, or more sophisticated processes like letting people sign up via texting, or providing dynamic info (like the weather). Click-a-Tell is priced by the message, averaging about $0.04/ message. There's also open source software like Kannel and Gammu which we think falls into this category.
SMS in a box. Finally, there are vendors like Mobile Commons and Distributive Networks who provide you a nice packaged service, and an interface, very much like a broadcast email interface, that lets non-technical people easily set up texting streams -- to let people signup via text, broadcast texts, setup complex two-way interactions, or donate. We're investigating pricing, but they're not cheap. Perhaps starting at $200- $500/month?
So as you can tell, we've still got a ways to go on our research -- would love to hear your thoughts (either via comment below, or via email) if you can fill in any of our blanks or if you think we've gotten this wrong.
The announcement that GuideStar, Charity Navigator and others would be moving away from the 990 form as their primary source for assessing nonprofit performance raised a lot of interesting questions, such as "How will assessments of outcomes be standardized in a way that is not too subjective?" and "What will be required of nonprofits in order to make those assessments?" We'll have a chance to get some preliminary answers to those questions on February 4th, when NTEN will sponsor a phone-in panel discussion with representatives of GuideStar and Charity Navigator, as well as members of the nonprofit community. The panel will be hosted by Sean Stannard-Stockton of Tactical Philanthropy, and will include:
As my colleague Steve Backman fully explains here, here's been some fallout from this story for Microsoft. First, like Google and Yahoo!, Microsoft operates a search engine in China and submits to the Chinese governments censoring filters. They've kept mum on their feelings about the cyber-attack. Google's analysis of that attack reveals that GMail accounts were hacked and other breaches occurred via security holes in Internet Explorer, versions six and up, that allow a hacker to upload programs and take control of a user's PC. As this information came to light, France and Germany both issued advisories to their citizens that switching to a browser other than Internet Explorer would be prudent. In response, Microsoft has issued a statement recommending that everyone upgrade from Internet Explorer version 6 to version 8, the current release. What Microsoft doesn't mention is that the security flaw exists in versions seven and eight as well as six, so upgrading won't protect you from the threat, although they just released a patch that hopefully will.
So, while their reasoning is suspect, it's nice to see that Microsoft has finally joined the campaign to remove this old, insecure and incompatible with web standards browser.
I have kept Google Wave open in a tab in my browser since the day my account was opened, subscribed to about 15 waves, some of them quite well populated. I haven't seen an update to any of these waves since January 12th, and it was really only one wave that's gotten any updates at all in the past month. I can't give away the invites I have to offer. The conclusion I'm drawing is that, if Google doesn't do something to make the Wave experience more compelling, it's going to go the way of a Simply Red B-Side and fade from memory. As I've said, there is real potential here for something that puts telecommunication, document creation and data mining on a converged platform, and that would be new. But, in it's current state, it's a difficult to use substitute for a sophisticated Wiki. And, while Google was hyping this, Confluence released a new version of their excellent (free for nonprofits) enterprise Wiki that can incorporate (like Wave) Google gadgets. That makes me want to pack up my surfboard.
The open conflict between China and Google has brought front page/national news attention to Internet privacy and censorship lately. Google announced that Chinese cyber spies had hacked into Gmail accounts in order to identify human rights activists in China. It turns out that it was not just Google. Other popular web service providers had suffered similar attacks. And now it has become a diplomatic incident, with Sec of State Clinton and Pres Obama now forced to intervene even while presumably engaged by Haiti, growing mess in Afghanistan and more.
Google--somewhat belatedly for many--retaliated by threatening to stop self-censoring searches of its Chinese edition. Web freedom activists have long felt this accommodation to Chinese law violated Google’s philosophy http://www.google.com/intl/en/corporate/tenthings.html. Yahoo, Microsoft, Cisco and others feel pressure to follow suit.
Browser Security Holes the Point of Attack
So what does this have to do with browsers? Turns out that the cyber warfare story behind the story has to do with Chinese teams exploiting yet another point of failure in Microsoft’s Internet Explorer browser. Microsoft has now patched that problem, and web users should get it. According to the BBC and others, Microsoft knew about the vulnerability since September and planned to patch it. Soon. February. For the government of Germany, enough was enough. In the middle of the cyber crisis, they urged web users in their country to stop using IE altogether, as part of their version of domestic homeland security.
Yet, statistics show many users still on IE 6, presumably many because users have older computers and just don’t know what they have. Partly also, some corporate software apparently displays better on IE6. Presumably German authorities felt that an announcement, "please upgrade to IE8 and set your computer to download all your security patches weekly" really would have required way more public information that is practical. Makes sense to me.
And of course, the preference for IE6 has a bitter irony for web developers worldwide. As software moves to richer browser experiences, through Javascript, Flex, JQuery and the rest, it has become harder and harder to ensure cross-browser compatibility when those compatibility tests have to include IE6. We don't do it any more unless this is specifically part of the requirements--say, in school environments with a lot of older computers.
We keep an eye out for who continues to support IE6 compatibility and who does not. Paychex just announced it would end IE6 support as of March 2010 for its payroll software. 37Signals announced way back in the fall of 2008 that it would phase out support for IE6 in Basecamp and its other web services. "Supporting IE 6 means slower progress, less progress, and, in some places, no progress." Good for you, Paychex, 37Signals, web developers no doubt said to themselves. Microsoft itself will pull the plug on IE6 in July 2010.
Of course, the bigger story is that more and more web users have moved away from Internet Explorer altogether, much as in the German announcement. Too confusing and just can't wait. Many folks used to worry that websites developed with Microsoft tools would fall apart outside of Internet Explorer. Not true! In fact, some .Net web pages that test fine in competing browsers need tweaking for IE.
Firefox now has just under a quarter of all web users. With plans underway for it, I suspect Firefox will continue to grow. (For example, soon each Firefox tab will run in its own memory space. This means that if one page causes a problem, it won't freeze other tabs. This also helps with speed. Chrome works this way now.)
What is most intriguing to me is the continuing march forward of Google’s Chrome. In early January 2010, statistics showed it had inched by Safari to become the third most popular browser. It has become my preferred browser. Why? It’s quite fast and has that now familiar clean look of other Google products.
Personal esthetics aside, two things account for Chrome’s surge
Beta Release for Mac and Linux. I have been using the Linux version on my Ubuntu netbook, and it has been fantastic. It may be beta, but like other Google betas, it seems ready to go. In my personal experience, it’s much faster than either Opera or Firefox running on my small Ubuntu notebook. Other reports support this.
On XP, both it and Safari seem significantly faster than either IE or Firefox. The forthcoming release schedule for Firefox includes a lot of focus on performance, so who knows where things will line up.
The other big news in the Chrome department has been growing support for browser extensions. There’s still nothing like the Firefox library. Yet my most essential extensions installed really easily and work just fine—Delicious bookmarks, Lastpass password protection, bitly url shortener, Gmail integrator, and Evernote note and page clipper. Small bonus: unlike Firefox, you don’t have to restart the browser when you install or update the those extensions.
For many folks, all the yak about extensions must seem so nerdy. Yet browser extensions are to web experience what apps are to mobile: we spend so much time in the browser while using our computers, why not make the effort to personalize and enrich our experience? Though this may drive standards-minded IT departments crazy, it seems part of life on the ‘net today.
Why choose one over the other? Security, Speed, Customization, and User Experience
As I mentioned, number one reason for me in crossing over to Chrome on my 1 GB netbook has been speed. It is faster with Gmail and all the Google stuff, yet not just. It’s hard to truly compare “fast.” In my case, it means being able to have a lot of tabs open at once and for a long time with limited memory. Apple has steered clear of supporting Linux (no Ubuntu browser, iTunes or anything) so I can’t compare, yet the Windows version is quite fast as well.
I have all of Chrome, Firefox, IE, Safari and Opera on my older Windows XP notebook. I switched from Firefox toChrome there as well my first choice browser. All the browsers now emphasize a modern spare look, which is great, with Safari and Chrome the most refreshing in this regard.
The contradictory thing about Chrome’s speed is that part of the netbook attraction is that it runs well with low memory. On the other hand, on XP at least, its speed seems to come at the price of insatiable memory. I posted some tips about this Chrome issue here.
Why NOT to choose one over the other?
The browser makers compete over the four categories mentioned above. This is good and worth paying attention to. They also compete over internal features, some of which is good and some not. Two features I would recommend steering clear of are bookmark synchronization and password protection.
Each of the browsers now emphasize their features for these everyday requirements. They even have grown in ability to sync across multiple computers. I don’t look anymore and I don’t care. I use delicious to hang on to my bookmarks (supplemented by evernote page grabber). And I use lastpasss for keeping track of passwords. I’m not going to review those products here. I’ve commented on them in earlier posts, and I recognize there are other options in each category.
The point here in a review of browser choices is that those choices seem to be blowing wide open in a product category that a few years ago seemed “solved.” There’s more choices on the desktop and more on mobile phones as well. (My Nokia phone also has, yes, three separate browsers I cycle among.) By storing your critical web experience information independently, you can switch from one browser to another as well as from one computer to another.
I can save a site log-in to my lastpass account from browsing with Windows desktop in Firefox and then the next day, open that same site from Chrome on my Linux netbook—or find the same password from my lastpass app on my cell phone. Likewise with my delicious bookmarks.
By contrast, the syncing each browser offers emphasizes keeping you locked in to that one browser. Browser lock-in does not feel like a good thing for the year ahead for me, and I hope you don’t either.
Last week, we talked about domain registrar services and what to look for. In today's followup, we'll focus on how to transfer a domain and the accompanying security concerns, then talk a bit about registrars vis a vis hosting services.
Domain Transfers
Transferring domains is a somewhat complex process that has been designed to minimize the risk of domain hijacking. In order to insure that transfers are performed by the actual owner of the domain, a few important measures are in place:
Every domain has an authorization (a.k.a. EPP) code associated with it. Transfers can not occur without this code being submitted. If you don’t have this information, your current registrar does. Some registrars have automated functions that will deliver that information to the domain contact; others require that you ask for them via email to the registrar or their support ticket application. Registrars are required to provide you with these codes within five calendar days of your request. If they don’t, your best recourse is to determine who they get their domain authority from (there are only a handful of companies that resell registration services) and appeal to them for assistance.
Communication is strictly through the registered “whois” email address of the domain owner. You can determine what that is by doing a whois lookup on your domain.
Tip: While most domains can be looked up at http://whois.net. However, whois.net has some trouble with .org domains, so the alternative http://www.pir.org/whois is a more reliable source for most non-profit domains.
If the address that your domain is registered with is either non-functional or owned by someone other than you, then you need to update it, via your current registrar’s web interface, before you can successfully transfer the domain.
Domains can (and should) be locked to prohibit transfers before and after you switch registrars. Locking and unlocking your domains is usually done by you, from your registrar’s web site. If you don’t have options to do that when you log on to the web site, your registrar should do it for you upon request.
Transfer Procedures
To initiate the transfer, go to the web site of the registrar that you want to switch to and follow their instructions. They will have you submit a request and, upon receipt of your domain fees, issue an email to the email address associated with the domain containing a link to a form where you can confirm the request. That form will also ask for the authorization code. Subsequently - and this can take up to seven days - you’ll receive an email from your current registrar asking you to confirm the transfer request. Once that is submitted, the transfer should go through. Detailed rules about how domains are transferred, as well as what the responsibilities of the registrars are in handling the transfers, are listed at http://www.icann.org/en/transfers/policy-en.htm.
Choosing Registrars
Registrars charge anywhere from $5.00 to $50 dollars for a year’s domain service. The two best known registrars are Network Solutions and GoDaddy. Many people go with Network Solutions because they're the longest standing of the registrars (for many years, they were the only registrar). GoDaddy has become very popular by dramatically undercutting the cost. Note, though, that both of these registrars have been accused of questionable business practices:
Network Solutions has engaged in "Front Running", a questionable practice of locking domains that a potential customer might search for in order to block competitors from making the sale. They will also use subdomains of your domain to advertise, a practice called subdomain hijacking. A decent registrar will not seek to make profits based on your intellectual property.
GoDaddy famously suspends accounts based on corporate requests. In 2007, they suspended seclists.org, a website that archives internet security mailing lists, per the request of MySpace, with no court order or valid complaint. MySpace was upset that content posted to one of the lists that Seclists archived was inappropriate. But, instead of contacting Seclists to deal with the content in question, GoDaddy closed the site and wouldn't respond to desperate emails or phone calls regarding the sudden closure. Worse, after the fiasco was resolved, they were unrepentant, and reserve the right to shut down any site for any spurious reason. If your NPO does work that is in the least bit controversial, keep this in mind when considering GoDaddy.
Web Hosting and Registrars
Many registrars supplement their business by providing web hosting services as well. Some will even offered discounted or free domain registration with a hosting plan. While this simplifies things, it can also be a bit risky in the “eggs in one basket” sense. Having a separate registrar and control over your DNS service allows you to be more flexible with switching hosts, should your current host prove themselves unreliable or go out of business. And the web hosting industry is pretty volatile, with companies coming and going pretty quickly. I would suggest a best practice is to keep your host and registrar separate.
Not enough people are taking advantage of Google Ads, in my opinion. They're a really useful tool -- affordable enough for most nonprofits, and in fact free to qualified ones.
How do they work? You create a short text ad, choose the keywords and geographic area you’d like to reach, and Google posts your ad next to searches for them. So for instance, I could choose to show my ad if people from Virginia search with a phrase that includes "food pantry". The cost depends on the popularity of the keywords you choose, but often starts at just a few cents per each user who clicks through to your site—and you can cap the amount you spend per day. Google provides easy-to-use tools to track your results and optimize campaigns, making it straightforward to manage. There's lots more information on their website.
Nonprofits who use Google Ads often get substantial results, making them a high bang-for-the-buck way to reach new constituents. Even better, qualifying nonprofits can get up to $10,000 per month in free Google AdWords advertising through the Google Grants program. The majority of nonprofits are approved (though it appears that those that are religiously or politically affiliated are less likely to be approved). And the application is easy, less than an hour to complete even including getting up to speed on how to write an ad (the application includes a sample of the type ad you would run). So it's worthwhile for almost every nonprofit to apply. The Google Grants site has all the information you'll need.
Last week, we talked about 
Subscribe through Feedburner