[confused subject line here]

Here is an email template that will work in 100% of business contexts.  I hereby release it into the public domain.

[contrived greeting here],

[brief synopsis of confusion here]. [assignment of blame here]. [statement beginning with “my understanding was…” Here].

[exhaustive elaboration of misunderstanding here]

  • [finer points of misunderstanding here]
  • [complete sentence disguised as a bullet point here]

[passive aggressive threat to involve a manager here.]

[request to set up a meeting and clarify here]. [mandatory expression of gratitude here].

[expression of sincerity here],

[first name here] [last name here]
[company name here]

[team location here]

[continued email thread here]

Recent security changes on bradkovach.com and a new WordPress plugin

Here is a small enumeration of the ways that I’ve improved security at bradkovach.com

  • Full-time HTTPS is available for all bradkovach.com domains.  My certificates are signed by DigiCert.
  • HTTP Strict Transport Security is enabled.  For compatible browsers (Firefox, Chrome), they should flatly refuse to communicate with bradkovach.com unless HTTPS is available.  This affects all subdomains.
  • projects.bradkovach.com will return 406 Not Acceptable for any clients that do not attempt to communicate over HTTPS.
  • bradkovach.com will redirect traffic to HTTPS if any requests are made over HTTP.  This is a potential security risk as the request path and query string will be exposed prior to the redirect.  Since the contents of bradkovach.com are public, the trade-off was made in the interest of convenience.
  • I have taken down my public email address and now request that you use my Secure Message form.  I will receive your message via email and use PGP to decrypt it.  Optionally, you can use this facility to securely send me your public key so that we may begin secure correspondence.  By design, no sensitive information is exposed in email headers.
  • My Secure Message form is available as a free plugin so that you can also accept encrypted email from your visitors.
    • I recommend that your site use HTTPS full-time with this plugin.
    • There is no client-side encryption at the moment, which might compromise the security of the message when HTTPS isn’t used.
    • It is licensed GPLv2.0 in accordance with its relation to the GPG project as well as WordPress.
    • Download and Installation details can be found at the GitHub repository.
    • Please feel free to send a pull request if you would like to improve the plugin.
    • I will package the plugin for the WordPress Plugin Repository soon.

Using the SharePoint Social Comment Web Part

This issue has been miserably annoying to me, and I have spent a long time figuring out how to appropriately utilize the SharePoint Social Comment Web Part.

Here’s how to do it.

I know this works with SharePoint 2010.  This might work in SharePoint 2013…

1. To your web part project add a reference to the Microsoft.Sharepoint.Portal namespace.  This is NOT listed in the “Extensions” section of Visual Studio, and you’ll need to browse for it.

c:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\ASAPI\microsoft.sharepoint.portal.dll

2. Create a placeholder in your Web Part’s ASCX file…

<asp:PlaceHolder runat="server" ID="plcComments"></asp:PlaceHolder>

3. Add a SocialCommentsWebPart to the placeholder in your Web Part’s .ascx.cs file

You can replace the Page.Request.Url.AbsoluteUri part with any URL.

4. The comments form should appear upon page load.   You might need to wrap the code in step 3 with  if(!IsPostBack){ ... }  but this usually works.

Are you representing a brand on Twitter? Read this.

Before you hire someone to run your Twitter account, they should be checked for basic Twitter competency before you hand over the keys to your brand.  Here are some things any Twitter brand pro needs to know.

1. The dot-mention

Starting a tweet with a username pretty well guarantees that it won’t be seen by anyone except you, the user mentioned, and any mutual followers you may have.  If you want to start a tweet with a username as a noun in your tweet you need to prepend it with a character.  The crowd has spoken!  Just place a period in front of the username to prevent it from being treated like a reply.

2. The favorite button isn’t anonymous

As part of Twitter’s revised algorithm, certain Tweets are put in your followers Timelines when you favorite them.  Be wary, this can have devastating consequences for your brand.

You wouldn’t want to favorite a magnificently hilarious and inappropriate tweet and then have your brand’s name saying “[your brand here] favorited:”

3. People love to be told what to do

Doing the whole “RT if you like xyz” is incredibly effective.  Hijacking things like sports/university affiliations are a very good way to get tons of cheap exposure.

4. Don’t phone it in.

Lots of brands think they can get away with auto-posting their Facebook Page statuses to their Twitter accounts.  Every single one of those tweets comes with a “fb.me” link.  Nothing advertises your ambivalence to Twitter quite like this.

These channels are different, and should be handled differently.

Scheduled content should be handled appropriately, as well.  If it’s obvious that a tweet was sent by a robot because no human wanted to be around to pull the trigger, some may perceive apathy.  Use scheduled posts sparingly.  Using scheduled posts for time-based contests (“We are going to announce a secret contest code word at 1 PM MST”) is a great way to ensure flawless execution of a time-sensitive campaign.  Other tweets?  Proceed with caution.

5. Visual content is most likely to win

Twitter’s research states that a Tweet with a photo is 35% more likely to be retweeted.

6. Hashtags are a force

Don’t try to be cute with hashtags.  Hashtags are used to allow the wealth of Twitter’s jabber congeal around a subject.  Used wrong, they can backfire terribly.

digiornos-you-had-pizzaDiGiorno Pizza proved that hashtag hijacking is not always the best idea with this Tweet.  The #WhyIStayed hashtag was being used at the time for victims of domestic abuse to share why they stayed in an abusive relationship.

Remember: with Twitter you are not in control of the discourse, and things can turn against you very quickly.

Here is where VH1 tried the hashtag #AskThicke. The discourse soon shifted.  People were grilling Robin Thicke for sexism, calling his hit song “Blurred Lines” a rape anthem, among other things.

If you’re going to go with a hashtag, make sure there is no way for it to backfire.  Comedy Central’s @midnight is a pace setter in this space.

7. Be personal

Nothing charms your followers more than a friendly discussion on Twitter.  Use emoji and emoticons.  Make jokes.  Talk to other brands.  People are on Twitter to chat without boundaries.  Go for it.

8. Distill.

You have 140 characters, and you should use them wisely.  Don’t use hashtags ironically or flippantly.  Your tweet should have meaning, and not be a waste of your followers’ time.

Thai Peanut Pasta

Al dente noodles covered with thai peanut sauce, parmesan, basil, oregano and fresh lime.
Al dente noodles covered with thai peanut sauce, parmesan, basil, oregano and fresh lime.

This quick recipe is tangy, spicy, and good as a hot meal or served cold as a salad.  As a meal, serves two.  As a side-dish, serves four.


  • 8 ounces of bite-size pasta (Rotini, Penne, Bowtie, etc)
  • 1/2 lime (keep other half for peanut sauce)
  • Grated parmesan
  • Basil
  • Cilantro
  • Fresh-ground black pepper
  • Thai Peanut Sauce (adapted from Blendtec’s recipe)
    • 1/4 cup milk (non-dairy is best, but not necessary)
    • Juice from 1/2 lime
    • 1 tablespoon honey
    • 1 tablespoon ground ginger
    • 1 tablespoon minced garlic (or one whole clove)
    • 1/3 cup peanut butter (creamy or chunky)
    • 1 tablespoon hot sauce (I use Sriracha)


Begin by boiling 1 quart of water.

Combine all ingredients for the Thai Peanut Sauce in a blender, and blend until smooth.  If you used non-dairy milk, you can put the sauce in a squeeze bottle for easy application (highly recommended).  Label and store in your fridge.

Cook the pasta to al dente (roughly 10 minutes).  Drain the pasta and return to pot or to a serving bowl.

Add enough Thai peanut sauce to coat the pasta.  Add Parmesan, pepper, cilantro and basil.  Toss to coat evenly.  Squeeze fresh lime on top.  Serve with more Parmesan, cilantro and basil to garnish.  Optionally, garnish with lime wedges.

Serve immediately, or to serve as a salad, refrigerate over night.

I’d better not see that on Facebook.

I’d better not see that on Facebook.

Here’s a quote you hear after every camera flash at every party you ever go to.  Or people milling about reminding people to not tag them in photos.

And why is that, exactly?  So their Mom won’t see?  So that potential employers won’t see what an animal they are?  (employers should never screen prospective employees using Facebook, but that’s a topic for another day)

The answer is: yes, to all of these questions.  But the reason is simple: people want to be in control of their digital identities.  And that leads me to the thesis: stop putting embarrassing photos of your children online.

We are pioneers of a new frontier.  We were thrust into a world with social media, but we weren’t given the foresight to see how it will affect our identities months, years, decades, or millennia in the future.  It was a slow fade–we all enjoyed tagging on Facebook, but then what happened?  People lost jobs, or were flatly refused employment as a result of their emerging online identities.  Our consciousness shifted.  We realized that there were consequences to sharing on Facebook.

It’s time for our consciousness to shift again.

The next generation is being forced into social media.  Their online identities are becoming known to Google and Facebook, and they don’t even have a say in the matter.  We live in a world where Facebook has facial recognition engines as good as (or better) than the human brain, but infinite capacity to store that data.

Facebook’s facial recognition is a terrifying collection of data.  This means that a photo you took in a Las Vegas club could actually connect you to the people in the background and margins of your frame.

We are subjecting our children to this scrutiny.  Our children are not even ready to fathom the expanse of the Internet and how it shapes their identity, yet we are dumping their lives, moments, and history into a machine that knows more about the state of humanity than the world has ever known.

Our lives are being cataloged.

Every photo you take is algorithmically scrutinized.  Every post you make is geotagged so you won’t forget where you were.  Every hashtag you use is intimately connected to the breath of global consciousness.

This is perfectly okay–for you.  Your children do not need their lives pasted into a digital scrapbook they have no control over.

In the past year, I’ve seen…

  • pictures of naked children in bathtubs (way too many, actually)
  • videos of children crying as they are forced into using a training toilet
  • videos of naked, panicked children running around the house during a rain storm

And I could go on.  If you’re not comfortable sharing this level of detail about you and your personal life on Facebook (Twitter, Instagram, etc), then you shouldn’t post these things about your children, either.

Free WordPress Theme! Introducing Civique.

I’ve been working on a WordPress theme lately.  It’s a theme designed for non-profit organizations, but it could work well for almost any organization.

It is MIT Licensed (compliant with GPLv2).

It has full support for…

  • Theme Customization
    • Header color
    • Logo (keep it under 75 px tall)
  • Header Images
  • Post Thumbnails
  • Attachment alignment
  • Menus
  • Sidebars

It includes other goodies, too…

  • Non-profit Summary Shortcode
    A shortcode that uses the ProPublica Nonprofit API to generate a page of information about your 501(c)(3) organization, including summaries of non-profit financial activity.  Insert the shortcode [civique_summary] to display the non-profit rundown.
  • Fundraiser Progress Widget
    Add the Civique Fundraiser Widget to your sidebar to easily show progress on one or many fundraisers.  Add as many fundraisers as you need.  They will show a progress bar, and a link to an online donation page, if you include it.

It is an open-source project hosted by the United Way of Albany County.

WordPress Goodie: Theme Customization API code generator

This isn’t quite as robust as what I usually find over at GenerateWP, but it’s certainly handy, and it makes it easy to correctly link your settings to groups to controls.

There are some limitations

  • No support for non-text WP_Customize_Control elements.  This is an easy fix, and you should reference the official WordPress API Documentation for more help.
  • It is an Excel spreadsheet.  It SHOULD open in OpenOffice/LibreOffice/Google Spreadsheets, but I make no guarantees, nor have I attempted to test these claims.

Download WordPress Theme Customization API Generator (Excel Spreadsheet)

MIT Licensed

Copyright (c) 2014 Brad Kovach

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the “Software”), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.