Louis Kessler’s Behold Blog

Interesting events! Yesterday, Bob Coret realized that there were two versions of GEDCOM 5.5. Bob wrote on his Google Plus account yesterday:

I compared the grammar published in the #GEDCOM 5.5 LDS/PDF ("2 January 1996") version to one in the #GEDCOM 5.5 McBride/HTML ("Revised 10 January 1996") version and found several differences, some small, some big!

And then he posted on his blog: Which GEDCOM 5.5 grammer is correct?

Supposedly there was an “Errata sheet” that includes the corrections that would descript the differences in the two version. The problem was, there was no such Errata sheet to be found anywhere on the Internet.

Looking through the GEDCOM-L maillist archives, it was apparent that this Errata Sheet was only sent to a few people. Tamura Jones, in an email about this yesterday found this reference in the GEDCOM-L maillist archives from Brian Madsen in 1996:

From what I can tell, Brian Madsen was one of the developers of a DOS program called Genealogical Information Manager. It still has a website up at www.gimsoft.com, although the page was last updated on 11 Jul 2000 (over 14 years ago). Who knows if GIM still works, but none-the-less, I still list GIM on GenSoftReviews.

So there was someone who had it! Or least someone who had it over 18 years ago. I thought I’d follow that up and found a more recent email address for Brian Madsen (from 4 years ago) and sent him out an email.

To my great pleasure and surprise, he emailed me back and said:

Boy, talk about a blast from the past.  I had to go digging through an old file drawer in the back of a closet that hasn’t been opened in a long time.

*cough*cough*dust*cobwebs*

He sent me a scan of the two Errata pages, which I’ve now converted into a pdf document and have sent to Bob and Tamura.

And yet another bonus:  Brian said he also has, on paper, a GEDCOM 3.0 spec dated 9 October 1987, and a GEDCOM 5.0 spec dated 31 December 1991. He said that he will, when he gets sufficient time, scan those and send them as well.

So this is really wonderful. Here we have “lost” paper documents that really are archival treasures describing the evolution of GEDCOM, that are finally being resurrected. They feel like papyrus documents, but really they are just 18 to 27 years old. We finally are doing our duty and preserving this important history.

The final tabulation now of what has been found in the past few months:

• Information about GEDCOM 1
• Information about GEDCOM 2
• The GEDCOM 3.0 specs (coming from Brian Madsen)
• The GEDCOM 4.0 specs
• The GEDCOM 5.0 specs (coming from Brian Madsen)
• The GEDCOM 5.5 errata

Pretty awesome!

2014 is almost over. It’s been quite a full year for me. This is my 35th blog post for the year. I’ve also been active on Twitter and GooglePlus.

I started the year off preparing for a lecture on Windows Phone for Genealogy at RootsTech 2014 in Salt Lake City. Then shortly after I got back, my father passed away and that messed up the entire spring for me. During the summer, I spent a lot of time preparing a comprehensive talk called “Reading Wrong GEDCOM Right” for the Gaenovium Genealogy Technology Conference in October in Leiden Netherlands. I helped rediscover GEDCOM 2 and GEDCOM 1 and GEDCOM 4 specs. I submitted a paper on Standardizing Sources and Citation Templates to FHISO in August. Shortly after that, FHISO started getting active and I was following the discussions and contributing to them somewhat.

But it was the Gaenovium conference that got me motivated again. After I got back, I knew it was my task to put all my efforts into getting that next version of Behold out. I motivated myself with an #amprogramming hash tag on Twitter, with the goal of programming every day for as long as I can. I even have an App on my Windows Phone that counts the days for me and says today is day number 78 since I began. I’ve been pretty diligent, and I’ve probably been able to work hard on Behold on 70 of those 78 days.

In the process, I upgraded the Find Files routine from Behold for the next version, and in November released it as a standalone freeware program called GEDCOM File Finder.

But alas, I never did get a new version of Behold out in 2014. Tamura Jones has threatened that I may get one of his GeneAwards as Vapourware for 2014 for promises of a release without the actualization of one. I hope he doesn’t, as I’ve given up all my excuses up above.

Even so, right up to a week ago, I was still hoping I’d still be able to squeak Behold version 1.1 into 2014. But it wasn’t to be. The last 3 days, I was trying to help my daughter solve her computer crash. Looks like we’ll be reinstalling Windows for her on Jan 1. (She did do a full backup less than 2 weeks ago)

I’ll be back working hard on Behold in the new year, and I do expect to release Version 1.1 in January.

Hope your 2014 was good and productive.
Wishing your 2015 to be bigger and better.

I, like anyone, am concerned when I type in credit card information online. We’ve all heard of a rash of hacks into online databases such as Target a year ago and Home Depot in September. So it didn’t surprise me to hear about a crackdown on security measures to ensure that your credit data is made safe.

When people purchase Behold, they have to do it through my BuyNow page. Even though the page looks like its part of the rest of my site, if you look at the address bar in your browser, you’ll actually see it is a secure page (https, rather than http) and it is not on my site beholdgenealogy.com, but it is on bluesnap.com. BlueSnap is the payment processing company I use to handle purchases of Behold.

BlueSnap is not a small company. They process purchases for tens of thousands of vendors, some smaller and some larger. They take security seriously. The crackdown on security has led to stronger standards for storage of credit card information. BlueSnap informed all their clients a couple of months ago that we are now required to become PCI DSS compliant. That stands for the Payment Card Industry Data Security Standard, and ensures that the way credit card information is stored and accessed is safe, right down to shredding any paper printouts of the numbers.

Fortunately for me, since I use a third party for processing, I don’t have or even have access to any of the credit card information used to purchase Behold. BlueSnap maintains that data with a staff to ensure security on their servers following the standards.

Even so, there were a number of non-trivial steps necessary for me to become PCI DSS compliant. BlueSnap uses Security Metrics to help them. In the past week, I had two phone calls with Security Metrics, several emails, filled in an online questionnaire, and was called back by them today, Boxing Day, to finish the assessment. They have a toll free number from Canada available 24 hours (except not Christmas Day).

So going through this makes me feel more confident about how BlueSnap treats security. In addition to the Secure BlueSnap, BBB Online, Norton Secured and McAfee Secure icons I show at the bottom of my Buy Now page, I have now added the PCI DSS compliant logo shown earlier in this post, and it links to BlueSnap’s page about security on their website.

So, how safe are your credit cards when you give them to other genealogy vendors. The big ones like Ancestry have a secure payment page, that shows off Thawte, BBB and TRUSTe logos. The BBB logo links not to the BBB assessment of their company as it should, but just to the BBB home page. I don’t know why they don’t include the link since they are rated A+. Maybe its because of the complaints on that page, for instance those about attempting to cancel online. But that’s another matter, not dealing with the safety of your credit card data.

You have to search for it, and if you do you can find that Ancestry is in fact PCI DSS compliant as they state so in Section 3.16 (b) of their Form 8-K from Oct 22, 2012. And that’s good! It does not guarantee that they will never be broken into, but it at least does indicate that they take security seriously and have put in place the standardized measures that are designed to protect you.

With a company as big as Ancestry, they should be cognisant of security, and they are. But as I have found out over the years, security is not a simple thing for smaller companies to manage. I’ve written before about how I code-sign the Behold program and get it Windows certified for the user’s safety. I can vouch for what I do. But I can’t vouch for what everyone else does.

So be careful when supplying your credit card on the Internet. Ensure that you are dealing with a reputable company that shows that it is working to ensure the security of your transaction. Always check before you purchase something online and see if the vendor displays trust logos. Then click on the logos and see if they take you to somewhere official that confirms that the logos are valid. And never provide your credit card on anything other than a secure (https) web page. Non-secure transaction pages are the most obvious indication that safety measures at that particular site are lacking.