Presidential candidate website tech, compared

Today, Hillary Clinton announced that she’s running for president. She also launched a new website.

Over the next year, political pundits will spend far too much time dissecting the horse race, scandals (real or imagined), the electoral college and more polls than you can shake a stick at. I’m doing none of that. I’m just looking at websites.

So, you want to run a country. Can you hire someone who can run a website? These days, that means all new sites, whether running the government or delivering news should be built over HTTPS.

Here’s how the (declared) candidates’ sites fare:

Site hillaryclinton.com tedcruz.org randpaul.com marcorubio.com Expected
HTTPS works ish [1]
HTTPS default
HSTS
Requires SNI [2]
https site.com redirects to www 404 error works works
https www.site.com works redirects to http://www.tedcruz.org works redirects to https://marcorubio.com
canonical hostname www.hillaryclinton.com www.tedcruz.org none marcorubio.com something
SSL Labs rating A [3] A A A A+
sha2
intermediate sha2
cert vendor Comodo RapidSSL RapidSSL Comodo
intermediate cert vendor Comodo GeoTrust Global CA GeoTrust Global CA Comodo
cert type Wildcard Wildcard Wildcard SAN Wildcard or Standard
CDN Fastly CloudFlare CloudFlare CloudFlare something
Server signature nginx (hc.com)
AmazonS3 (www)
CloudFlare nginx CloudFlare nginx CloudFlare nginx
Tech Python (?) [gunicorn 19.1.1 + Varnish]
groundwork [4]
WordPress 4.1.1 PHP 5.5.9
Ubuntu
WordPress 4.1.1
Registrar Network Solutions GoDaddy Fabulous.com Pty Ltd GoDaddy hopefully not GoDaddy
Whois Privacy Domains By Proxy, LLC Whois Privacy Services Pty Ltd Domains By Proxy, LLC
Origin IP ?? 64.39.8.246 [5] ?? ??
Origin Server ?? Apache/2.2 ?? ??
Mail server Gmail Gmail Gmail Gmail
IPv6
ESP (SPF) SilverPOP Systems Marketo, Sendgrid Mailgun VerveMail
SPF type TXT TXT TXT SPF TXT
robots.txt
robots details Disallow: /api/ Disallow: /wp-admin/ nothing disallowed [6]
Site hillaryclinton.com tedcruz.org randpaul.com marcorubio.com Expected

I’ll update this as more candidates declare or sites change.

Notes

  1. https://www.tedcruz.org works, but https://tedcruz.org gives a 404 error.
  2. Sites that require Server Name Indication (SNI), such as this one, are incompatible with a handful of legacy browsers.
  3. Fastly’s www.hillaryclinton.com gets a score of 90 on key exchange, while the AWS servers (hillaryclinton.com) get a score of 80. The AWS servers also have an extra cert in the chain (signed with SHA1).
  4. Groundwork appears to be a custom JavaScript web framework. It does not seem to be related to either the I Like Robots Groundwork or Groundwork CSS.
  5. Likely origin, based on server responses.
  6. Redirects to https://www.marcorubio.com/landing/stream/.

Updates

  • 2:01am EDT: Fixed randpaul.com topline.
  • 8:46am EDT: Fixed spelling of spend and fastly.
  • 11:33am EDT: marcobuio.com (now) seems to have certs signed with SHA-1.
  • 2:27pm EDT: Added robots.txt.
  • 2:35pm EDT: Added “Expected” column.

Monte McNaughton is a homophobic bigot

“It’s not the premier of Ontario’s job — especially Kathleen Wynne — to tell parents what’s age-appropriate for their children.”
—Monte McNaughton

“What is it that especially disqualifies me for the job that I’m doing? Is it that I’m a woman? Is it that I’m a mother? Is it that I have a master’s of education? Is it that I was a school council chair? Is it that I was the minister of education? What is it exactly that the member opposition thinks disqualifies me from doing the job that I’m doing?”
Kathleen Wynne

On Feedback

Jobs’s taste for merciless criticism was notorious; Ive recalled that, years ago, after seeing colleagues crushed, he protested. Jobs replied, “Why would you be vague?,” arguing that ambiguity was a form of selfishness: “You don’t care about how they feel! You’re being vain, you want them to like you.” Ive was furious, but came to agree. “It’s really demeaning to think that, in this deep desire to be liked, you’ve compromised giving clear, unambiguous feedback,” he said.

The New Yorker

 

Ain’t no party like a no-party party

Sometimes indepenence isn’t enough. Want to make sure folks know you’re not a member of a political party? Here are 74 ways people have done this:

  • Do not wish to specify
  • dont have one
  • Dont have one.
  • dont know
  • dont no
  • DONT NO YET
  • Dont want to say
  • I am not affiliated with a party
  • I cant recall.
  • I Dont Know
  • I dont know yet
  • ideas no set party
  • Im not sure
  • Indenpendent Conservative
  • Independant/ conservative
  • Independantly Independant
  • independantly nelson
  • Independent American Party of Nevada
  • Independent democrat
  • Independent Liberal
  • Independent Moderate
  • Independent Party of America
  • IndepenDENT spell it right idiots
  • Independent voter
  • No Affiliation
  • no affiliation with any
  • No Offiliation
  • No party affiliation
  • Non Affiliated
  • non partisan
  • Non Partisen
  • non Partison
  • Non-
  • Non-Affiliate
  • non-affiliated
  • Non-partisan
  • none officially
  • nonpartisan
  • not
  • Not Affiliated
  • Not affiliated with any
  • not affilliated
  • NOT AFFLIATED
  • not applicable
  • not going to say
  • Not registered for a party
  • npa
  • other
  • Prefer Not to State
  • un
  • UN DECIDED
  • una
  • Unaffilated
  • unaffiliat
  • Unaffiliate
  • Unaffiliated
  • UNAFFLIATED
  • Unafiliated
  • Unafilliated
  • Uncertain
  • uncommitted
  • Undeceided
  • Undecided
  • Undecited
  • Undeicded
  • Undertermined
  • Undetermined
  • undicided
  • Unenrolled
  • unknown
  • Unnafiliated
  • Unofficiated
  • Unpartisan
  • unsure anymore

Declaring independence … from the dictionary

Be careful when you give people a freeform text field. They’ll get creative. Here are 28 — yes, 28 — ways people spelled “independent”:

  • endapendent
  • IDEPENDENT
  • Ind.
  • Indenpent
  • indepant
  • Indepdendent
  • Indepedent
  • indepenant
  • Independance
  • Independanr
  • Independence
  • Independent
  • independiant
  • independient
  • independnt
  • Indepenent
  • indepent
  • Indepentant
  • indepented
  • Indepentent
  • Indepependent
  • Indipendant
  • indipendent
  • indopenit
  • indpendant
  • Indpendent
  • Indpndt
  • undependent

Fido’s data plans are stuck in the last decade

Not only are they suggesting MySpace as something you might use:

Screen Shot 2014-10-13 at 9.42.05 AM

…but $10 gets you a whopping 100 MB.

Joe Flacco has a very good day

Thirty-one ways to leave your lover

If you run any sort of text messaging service, you’ll have to process unsubscribe requests. The standard such messages is “STOP.”

To make things easier for customers, in addition to “stop”, I wrote code that also looked for “unsubscribe”, “quit”, “cancel”, “end”, “delete” and anything beginning with the word “fuck.” (Messages merely containing the word fuck often wanted something else entirely.)

Many folks are pretty…creative with their cease-and-desists messages, and manual review is required to make sure you catch all of them. Here are thirty-one such requests for your amusement:

  • Already did!!!! Stop harassing texts… This is invasion of privacy
  • Cancel
  • Da fuck?
  • Delete me off the record
  • Dont ever text message me again
  • Dont give a fuck!!!
  • Don’t ever text me you fuck
  • Don’t text me
  • Don’t text this number again.
  • Ech don’t text me
  • End
  • Fu
  • Fuk u
  • How can I get you to STOP sending me messages?
  • I know. Stop please.
  • I will now report this phone number as illegally spamming per the FCC
  • Leave me alone
  • Please remove my phone number.
  • Please stop texts
  • Pls stop sending me messages!!!!
  • Qui
  • Quit
  • Remove
  • Remove please
  • Shame on you! It’s illegal to solicit cell phone numbers
  • Shut up
  • Stoo
  • Take me off this list.
  • Yes I have now stop texting me
  • Yes I have, you can stop sending texts now
  • Yes STOP

Book publishers, infused with aggrieved privilege 

Clay Shirky’s essay on Amazon and the book industry is so full of great lines, it’s hard to pick just one.

The fact that any bookseller ever “runs out” of a book is now ridiculous. In the twenty-first century, not being able to correctly stock or distribute a product whose main ingredient is information suggests a degree of technical and managerial incompetence indistinguishable from active malice.

NYC 311 service request status bookmarklet

Easily check the status of your service request without going through the clunky website or fighting a CAPTCHA: NYC 311.

This works best with a plugin like JSONView.