Palante Tech Coop has been tracking the Heartbleed bug since it was publicly announced in early April 2014. Read below for tips on how to protect your organizational and personal data and find out about steps Palante's taken to protect our clients.
Since there's a lot of possibly initimidating text below this, here's a handy jump menu that will let you skip down to the section that's most relevant to you:
Palante Tech Blog
Palante Tech is proud to have worked with the International Labor Rights Forum, a human rights organization that advocates for workers on a global scale. We helped ILRF develop a website plan based on their goals and audiences, migrated content from their Drupal 6 site to Drupal 7, and worked with their designers to build out a new responsive site design to stay inline with their branding. We're eager to continue to work with ILRF as we roll out even more site features in the near future.
A client recently asked us to create a members-only curriculum section, which allows certain logged-in users to download from a library of PDFs.
The client also wanted to be able to track which users were downloading which materials in CiviCRM, so they could target the downloaders of certain materials with follow-up e-mail.
To do this, I wrote a very simple Drupal module to log the downloading of materials as an activity in Civi. It hooks Drupal's hook_file_download to make calls to the CiviCRM API. Note that this module probably shouldn't be used as is in your site - it lacks error handling. I'm posting it primarily as learning material. Also, suggestions/feedback are welcome!
If Palante set up your office server, it is very likely running Debian Linux version 6. We set up Debian as the operating system for our client servers due to its stability, flexibility, and low cost of operation. Debian is open source software, and all software updates and upgrades are free to download. However, security support updates for Debian 6 will be coming to an end soon. That means that servers running Debian 6 will need to be upgraded to Debian 7 or later; otherwise they will be at risk of experiencing security holes or other bugs.
Recently at the Aspiration Tech Nonprofit Software Developer Summit, Jamila gave a short presentation based on their work with setting up Ubuntu LTSP computer labs. Our clients have found this to be a great use of old computers which are too slow or too broken to use otherwise. The computers are set up in such a way that there is one main computer running as an Ubuntu Linux server, and then several computers can be set up as terminals that connect to that server.
Palante recently launched a new Drupal website for FIERCE, a grassroots organization that builds the leadership and power of LGBTQ youth of color in New York City. We helped FIERCE shape a website plan based on their goals and audiences, migrated content from their old, proprietary content management system into Drupal, created a new mobile-friendly site design based on their existing organizational branding, and integrated Drupal Commerce store and CiviCRM mailing list functionality into the new site. Palante is proud to work with FIERCE as they continue their brilliant and vitally important work in NYC and nationally. The rebellion is not over!