The Leanpub Blog: On Writing, Publishing, Self-Publishing and Ebooks
published Nov 29, 2016
Peter Yaworski is the author of Web Hacking 101: How to Make Money Hacking Ethically. In this interview, Leanpub co-founder Len Epp talks with Peter about his career, his book, and his experience self-publishing on Leanpub.
This interview was recorded on August 9, 2016.
This interview has been edited for conciseness and clarity.
Len: Hi, I’m Len Epp from Leanpub, and in this Leanpub podcast, I’ll be interviewing Pete Yaworski. Pete is a self-taught developer with experience in Rails and Android, and has a specific interest in software security. Pete enjoys passing on what he’s learnt to others in his published YouTube tutorials, and he is currently the lead developer at Dailylearns.com. You can follow him on Twitter @yaworsk, and you can check out his website at www.torontowebsitedelveloper.com.
Pete is the author of the Leanpub book, Web Hacking 101: How to Make Money Hacking Ethically. His book is focused on demonstrating real-world examples of security vulnerability reports that resulted in bug bounties, and specifically on becoming an ethical hacker, and using the skills you learn to do good in the world, making the internet safe both for users and for companies.
In this interview, we’re going to talk about Pete’s professional interests, his book, his experience using Leanpub, and ways we can improve Leanpub for him and other authors at the very end. So thank you, Pete, for being on the Leanpub podcast.
Pete: No worries. Thanks very much for having me.
Len: It’s our pleasure. I always start these interviews by asking people for their origin story, so I was wondering if you could tell me how you got into web development in the first place, and how you made your way into the security scene?
Pete: I guess in terms of web development, I’ve always like programming, I’ve always liked computers. I kind of I fell out of it in high school, and went on to university and got a master’s degree. When I got out, I was working in the public sector and government here in Ontario. One of the projects that we had was a web development for - I guess what they were calling at the time, “Web 2.0”. It was kind of ground-breaking for government to do this, so I was working on the policy side of that. Qe developed this project, and it was my first introduction to Drupal. From there, I just kind of go into Drupal and realized what the world of web development looked like, and started trying to learn as much as I could.
From there I started developing sites on the side. One thing led to another, and I took a leave of absence from the government for a gig at a startup in Toronto. Then with a baby on the way, looking for a little bit more stability, I went back to government. When I did that, I happened to read at the same time a book about Anonymous and what they had done. I’ve always had an interest in security, especially from the developer standpoint. And at the time, I was also taking a look at Coursera sites, and there happened to be one on security, and things just kind of fell into place.
One thing led to another where I took the course, read the book, started looking around, and I came across Bugcrowd, which is a platform for hackers essentially. They have a forum there, and I was going through the forum, and somebody had referenced the HackerOne platform, which is another bug bounty platform. HackerOne keeps what they call a “hacktivity”; it’s a list of all these public disclosures of people who have found vulnerabilities on websites. And for me, it was just a treasure chest of information, and that was my first step into hacking. I kind of learned what SQL injections were, cross-site scripting, all that kind of stuff. I execute them, find them, and it took off from there.
Len: What was your master’s degree in?
Pete: Public Administration.
Len: Did you do that at the University of Ottawa?
Pete: University of Queens.
Len: That’s a really cool path. I’ve interviewed lots of people who make their way into web development from something completely different, but never from the world of public policy, so that’s really fascinating.
I was wondering - there’s a lot that we can talk about, of course - ethical hacking, hacking, security and stuff like that, but I was wondering if you could explain a little bit maybe about what a bounty is?
Pete: A bounty, for lack of a better term, is a payment for finding a bug on a website. And that bug is typically security-related. So big sites, little sites, all shapes and sizes will either offer their own platform, which typically you don’t see unless it’s a big site like Google. PayPal offers their own as well. But then you have other sites that will use a platform like HackerOne or Bugcrowd. I guess there’s also a couple other - I should be fair. Cobalt, and the fourth one is escaping me.
But anyways, they’ll use these platforms, set up a program and they’ll have a defined scope. So it’ll tell you, “We want you to hack on maybe our core website, or any domain that we have.” And they’ll kind of open the door and say, “Hackers, come check us out.” Sometimes it’s a private program, where you get invited based on your previous experience. And sometimes it’s not. Some pay, some don’t. But the whole idea is if you find something and they pay you get what’s referred to as a bug bounty.
Len: And what’s the biggest bug bounty that you’ve ever earned?
Pete: I think my biggest payment was 25K - oh sorry, not 25K, that sounds a lot worse, or a lot bigger. $2500. And I happened to get that from the HackerOne platform itself.
Len: I’ve got a question about that. Is it ethical for someone - if you discover a vulnerability, say on a website - to email like the administrator of the website and say, “Hey, I found something. Pay me.”
Pete: I would say, I would leave out the “Pay me” part. And even the question of finding stuff is, again, for lack of a better term, questionable. I can tell you, I’ve done it, and it’s not always– Sometimes I’m a little bit hesitant to do it, just because there have been experiences where people have gone and hacked on a site and companies don’t take it well. Especially if there happened to be kind of the malicious people that are out there at the same time. So if you happen to be looking at something, and you happen to do something that a malicious person is doing, it could be misinterpreted as you doing what they’ve done. So I guess to answer your question, I wouldn’t necessarily recommend it. I definitely wouldn’t recommend, “Hey, I found a bug. Pay me.”
Len: That’s a really clear answer, and one I’m glad to hear. It’s funny, when I was looking at your book, I was reminded for some reason of one of my favorite shows from the 80s, which was Magnum PI. I don’t know how many of our listeners will remember that. But at the very beginning of the very first episode of Magnum PI, he’s breaking into the compound. And you don’t learn until afterwards that he’s been paid to break in, to discover security vulnerabilities. And he actually, in the show, gets into computers a little bit, as well, eventually.
But there’s this great scene when he’s trying to break into the Ferrari, his iconic Ferrari. And Higgins, the sort of majordomo, has sent the dogs after him. And Magnum has this moment where he’s like, “Don’t look at the dogs. Don’t look at the dogs. Don’t look at the dogs.” And he’s just got to focus on getting into the car. I was wondering if web hacking has any analogies to that? Where you’ve got to really stay focused on one part of what you’re doing, when something might be coming at you from another direction?
Pete: That’s a really cool analogy. It kind of resonates - I don’t know if every necessarily been chased by the dogs. But I can tell you from what I refer to as the ethical, the white hat perspective - that focus is definitely there. I’ve been lucky enough to see some hackers working on sites, and one of the things that I’ve recognized that I need to focus on is that - lack of a better term, again - that focus. That kind of resiliency.
Especially when you see something that you know that isn’t right, and that could potentially be a vulnerability. For me at least - when I’m working on a site, sometimes it’s tough. You put in 30 minutes, an hour, hour and a half, two hours and you don’t see anything that looks like it could be potentially exploitable. And so then you start thinking about, “Well, what am I doing with my time?” And at least for me, I can’t speak for others - it starts really becoming a mind game.
Where it’s, “Should I keep going? Should I not keep going? What’s going on? Should I do this? Should I change targets?” Whereas some guys who are very successful, I just see them - they sit down, an hour, two hours, three hours, four hours. They might not find anything, and then all of a sudden something clicks and they do find something. So I don’t know if it entirely answers the question, but yeah.
Len: That’s really interesting. It was a question about the internal workings of what it’s like when you’re in the midst of this. And that’s a really good answer.
I was wondering if you wouldn’t mind talking about what the worst vulnerability is that you’ve ever found? I mean, worst can be interpreted in various ways, but I guess most potentially damaging to the company?
Pete: Yeah, I definitely don’t mind. I guess the one that comes to mind is actually really recent. Unfortunately I can’t name the program, because it’s a private program - and they still haven’t fixed it. But I mean once [they go public] I’ll probably disclose it, because I want to include it in my book.
But I found a couple things. One, I was able to [assess their] registration process. When you register, and you verify your account, they have this login process which eventually redirects you to a URL that includes a user ID in it. As I was watching this traffic, I decided to try and change that user ID. So let’s say I was User 123, I used a proxy - which is something that can intercept your traffic. So I stopped the request before it actually got to the site. And I said, “Instead of being User 123, I want to be User 122.” And I passed it forward to the website - and sure enough I was logged in automatically as User 122, and had access to their full account.
Len: Oh my.
Pete: Yeah, so that’s what’s called an Insecure Direct Object Reference, an IDOR. Those are kind of fun to find, because they can be pretty devastating. Other vulnerabilities I’ve found - actually on that same site, I was able to delete all images from the site. And I’ve also found - some fun ones are when you find information disclosure. So on another site, I happened to find a user object. So with that, rather than just return say a username, and a first name/last name, it would actually take the full object. So you might have a whole bunch of properties on there - 10, 20 properties. And they would return that in the response. So you wouldn’t see it on the website, but if you looked at the traffic you would see their account information. You would see their phone number. You would see all kinds of personal information.
Len: Oh my. Those sound pretty bad.
Pete: Those are fun.
Len: I wanted to ask you a little bit about what the white hat hacker community is like. You were mentioning to me before we started the interview that you were at something called DEF CON last week in Las Vegas. I should mention, it’s probably implicit in one or two of the questions that I’ve asked, but Pete is in - you’re based in Toronto that’s right? In Canada?
Len: And he was in Vegas last week for this DEF CON conference. I was wondering if you could tell us a little bit about that.
Pete: I guess it’s kind of a shameless plug, but I’m going to be writing up a blog post on it as well, because it was an incredible experience. I was lucky enough to be sponsored to go by a company who offered to bring me out, as kind of like a new and upcoming hacker. I wasn’t one of their top hackers. But I guess they saw some potential in what I had reported so they offered to bring me out.
And so I got out there, and I had known - I guess I know a fair number of people in the community. I had never met anybody face to face, and when we did - honestly it was such a tight-knit community, everyone was welcoming. Everyone’s really cool. Everyone is insanely smart. I can’t speak highly enough of the people that I met. Really, I didn’t have a bad experience with anybody there. It’s actually a really tight-knit community, but at the same time somebody new could walk in tomorrow.
A shout out to my friend Kev, who was in Vegas. He and I had never met, but he kind of started bug bounties when I started them. And we had chatted back and forth, talking about different vulnerabilities and stuff that we worked on. When I got out to Vegas, he came to the hotel right away. We hit it off, and we went to the HackerOne party together, and he just absolutely killed it when he was there. There were a couple events that HackerOne threw for hacking, and he walked in as kind of an unknown. I think he came in 2nd place in the hacking that we did there. So all that is to say, it’s not like it’s a closed community. I’m relatively new, Kev was new. If you’re good you share what you know, you’re kind of open. Everybody seems to reciprocate that type of atmosphere.
Len: And if you’re thinking of joining this community, where would you go as a first step?
Pete: As I mentioned there’s HackerOne and then there’s Bugcrowd. I’m not as active on Bugcrowd as I probably should be or want to be. But those two platforms are probably the best place to go. You can check out the programs that are there, and start reading through what people have found. So HackerOne has the hacktivity, and then Bugcrowd has their forums which also have some disclosures there as well. Those are great places to start because it’s open information about what people have found.
And then from there - I mean, I guess as bad as it sounds - Twitter is actually a great space for it. When you start seeing the people that are disclosing vulnerabilities on say, HackerOne, they typically have their Twitter profile associated with that on HackerOne, so you can check them out and start following them. You’ll start to see the conversation that goes in and around the community on different things - people posting blogs about stuff that they’ve found, explaining bugs that they’ve found. That’s probably the best. And then, shameless plug - you want to check out my book.
Len: Go ahead, plug away, Web Hacking 101 at Leanpub.
I was wondering specifically - I mean obviously people in the community get together for conferences and things like that, and collaborate around things online. But do people ever work in pairs, or in teams, to exploit vulnerabilities - or to discover vulnerabilities, I should probably say?
Pete: Yeah, they definitely do. I don’t have as much experience with it. It’s definitely something that I want to do, and actually coming to DEF CON I made a few good friends - we’ve stayed in contact and we’ve opened up our own chat, so that we can do that. We can stay together and we can work through things. But I know two of them, out of the four that we are now, they submitted stuff together when they were at DEF CON. And they’re working through - because the company’s asked for a more concrete proof of concept of a hack to be actually exploitable. But I know of a whole bunch of other guys that do hack together and have found vulnerabilities together. It definitely happens.
Len: I only know about this subject mostly from the tech press and things like that, but I was wondering if there was any discussion at the conference, or if you have a particular opinion of your own about the future of passwords? Are we going to be using passwords still in 10 years? Or will there be some kind of facial recognition or some other - or two-factor authentication everywhere, or some sort of addition to or alternative to password use?
Pete: That’s a good question. I mean, if I was completely honest, I probably haven’t given it much thought. I can tell you that I think 2FA, two-factor authentication, can definitely be improved by a lot of sites. I tend to like to look at it, and try to hack on it. I’m actually working through a proof of concept for it now, that I’ll be finishing up after this interview. So I mean, to answer the question, I think OAuth might be the way to go, where maybe you have a couple sites that are considered locked down and you use them, and you log in through them.
There’s also the idea of the 1Password, [where you use a] single password, and that service happens to store all of your passwords and kind of be locked down as well. But I guess recently, before DEF CON - there was a couple hackers looking at those, and finding vulnerabilities. So I really don’t know what the answer is, I don’t know what the future holds. It’ll be interesting for sure. Either way, I’m sure someone will find a way to break into whatever it is that comes along.
Len: That’s kind of the thing, right? I have a friend who’s got a very strong opinion about, for example, online voting for like federal government elections. And his opinion is that we should never do it, because anything can be exploited. If it’s an electronic voting machine - or at least if it’s done over computers and the internet and that kind of thing. Have you thought about that? Do you have an opinion? Is there a threat to democracy there? Or is the risk outdone, potentially, by the reward of having more people vote more often?
Pete: I like to think that technology offers us a lot of solutions, a lot of convenience. I don’t know that I would necessarily - I guess there’s a broader scale if you open up the technology that there’s potential for exploitation. But at the same time, there’s also quite a number of means to track that and monitor that. There’s also a lot of smart people that work with technology, right? So I think either way, systems can always be broken, whether they’re manual or electronic.
In terms of putting it online, I would be a proponent of that. I would say I like the use of digital services. And in terms of that - it could always be exploited, or someone will be out there. Open it up to us ethical guys, and let us take a look and see what’s there and report it. That’s a good way to plug some holes.
Len: One thing I’m curious about is what your setup is like? As a hacker, do you have a special type of computer? Or do you use special types of instruments of any kind?
Pete: I really wish I had a cool answer for that, but no. No, when I was doing web development, one of the things that I liked to do was record video tutorials, because I found that teaching others - and this is actually why I got into the book, was teaching others helped me solidify what I was learning. And so when I was doing that, one of the things that I invested in early was a computer that I could do video editing and that kind of thing on.
So it’s nothing special, but I think I have - which doesn’t sound as crazy now as it did when I bought it - but like 32 gigs of RAM, a great video card, two monitors. Again, and it all kind of sounds very standard now - but that’s pretty much it, just that. And then I typically, in terms of software - I use Burp Suite, which is a proxy which allows us to intercept traffic, take a look at it. I usually have a virtual desktop set up so I can run Linux while I’m using Windows. And then on my laptop it’s typically the same idea. I think I run Ubuntu on it, and I have Burp on there. I actually need a better laptop, but no, nothing overly special.
Len: There’s obviously a lot of Hollywood around people’s views about hackers. One particular narrative that people might have is of someone who, when they’re very young, does something they very much should not have done. And then later on, turns to the good side and puts on the white hat. Have you ever met anyone who’s gone through that? Or is that much rarer than people might think it is?
Pete: No, actually coming from DEF CON, there were quite a number of people who have that story.
I’ve done some pro-tip interviews as well. As I’ve tried to learn, I’ve been picking the brains of other hackers. And I think recently, I did one with Jason Haddix from Bugcrowd. And if memory serves, he’s the technical director of Bugcrowd, and he’s an awesome guy. He did a presentation at DEF CON 23, which was last year, on, he called it “How to Shot Web”. And so it was, how you become a successful hacker. And if memory serves from that interview, he started out doing some questionable things, and turned it around. And if I’m mixing that up, Jason - I apologize.
And then there’s some other hackers that I talked to, some that I met at DEF CON, who had that experience. One or two of them had some run-ins with law enforcement, and it really opened their eyes and they quickly stopped that. But at the same time, I’ve talked to other guys who are very successful, who I think started hacking because their parents would lock them out of the internet after an hour or so - and so they wanted to get around that. So, not everybody starts off on the dark side and comes over.
Len: That’s funny. I know a guy who ended up in design, not in hacking. But his first experience with technology was his parents trying to prevent him from watching cable. He had this kind of running game - but it wasn’t really a game - with his dad where he’d figure out little hardware hacks to get the cable working. And then his dad would see what he’d done and try and prevent that, and he’d have to come back and try a new workaround. It’s interesting that that experience of being young and being blocked from something that you want to do, can inspire this kind of desire to get through.
Len: On that note, I guess I would be remiss if I didn’t ask you something you probably are bored of being asked at the pub, but how accurate is Mr. Robot, the TV show?
Pete: You know what? I wish I was asked that more. So, this is going to sound bad, but I actually haven’t watched it. I’ve followed some conversations on Twitter, and I can’t think of who it is now, but the technical advice from that is provided by a hacker. From what I understand it is very accurate. That’s something I have to get into. I have a little one, so I don’t have as much time to watch TV as I would have liked. I meant to watch it on the flight to DEF CON, but things didn’t work out the way that I wanted them to.
Len: Oh well, fair enough. You’ll really enjoy it when you get to it. Thanks for the expert opinion coming from people who would know, that’s really good to hear, because it is just an amazing show.
Moving onto your book, shameless plug, Web Hacking 101: How to Make Money Hacking Ethically. I was wondering if you could explain a little bit about what the book is about and who it’s for?
Pete: Absolutely. As I mentioned, I started it off as a learning experience for me. As I was learning to hack, there’s a lot of technical stuff that’s out there and so I’ve written it for people who are brand new to the scene, who are kind of coming in and want to learn more. As I was working through that, I was reading reports. And I would recommend everyone check out Egor Homakov’s blog, because he does awesome work.
He was writing about some complex stuff, and I couldn’t follow it. I didn’t know what was going on. And someone in the comments had said, “I’ve written a plain language explanation of what he’s talking about.” And that to me was a light bulb that went off, and I was like, “If I’m having this trouble, and somebody else is having this trouble, and they’ve written an explanation of this, maybe there are more people out there that want that.”
So that was my first step into writing the book. Originally what I had tried to do was just take 30 vulnerabilities, and explain them in plain language. So if somebody was brand new to hacking they could understand what was going on. Like, what are the typical types of vulnerabilities that you find on a site? What’s cross-site scripting? What’s SQL injection? What are HTTP or HTML parameter pollution? Those kinds of things.
And in doing that, actually, HackerOne reached out to me. They had found the book, and I think Michiel from HackerOne, one of the co-founders, was the first customer that I had. He bought it within - I think - an hour of it going live. And then their CEO reached out to me and was really interested. He kind of kept poking and prodding me, and getting me to improve the book. And so it took off from there.
And really, the first half of the book is just explaining what the vulnerabilities are, and then after HackerOne pushed, poked, prodded, and also contributed to the book, we expanded it. I wrote about what a good report would look like if you’re getting started and you’re going to be reporting to a company, what that interaction should look like. What are terms you should know? What are tools you should use? And how you actually get started - I have a chapter there that I’ll probably continue to improve as I improve, on what it looks like to get started, how you get started, and where you look, and how to be successful.
Len: I really enjoyed that story that you tell at the beginning of your book, about how you had a kind of a couple of “oh shit” moments, when you had, in a way, both the best, but kind of scariest thing that could happen. Where you publish your book, and you get a customer which is awesome, and then they’re reaching out to you - and it’s an authority figure in the area that you’re writing about.
Pete: Yeah. It’s not as bad now, but I definitely struggle a lot with the impostor syndrome, especially as you join a new community, something that’s established. The hacker community is obviously well-established. And so to step in there and start writing a book was a little bit nerve wracking for me. When Michiel bought the book, I think he said, “Great work. Keep me updated”, that type of thing. And then Jobert, another co-founder there, he had written a post on Quora, and I was following up with an answer, and then I thought, “Oh man. Should I really do this?” And so I did that.
And then Martin’s email to me was like, “Hey. I saw you’re writing a book. I’d love to know more.” It was just like, “Oh man.” I was using content from their websites so I thought for sure it was going to be some kind of trouble. But no, it turned out he was a complete fan, and wanted to really support it and support the community - which was awesome. And he did a lot. He actually paid for the cover. I should mention that because before - and he called me out on it at DEF CON - it was not good. I think it was white with like a purple, or white - something like that.
Len: That’s a fantastic story.
Actually on that note I was wondering - how far along would you say the book was when you published the first version?
Pete: Oh, from where I am now comparatively, it was really early stages. I think my first publication of it maybe had 20 vulnerabilities? And originally all I wanted to do was just plain language, 30 vulnerabilities. So if you’d bought the book, you would have an idea of kind of what those key vulnerability types were. So if I was putting it into perspective, it was maybe 20% done from where it is now.
Len: Right now it says, I think, 97% complete on the website. Does that mean you have a few edits to make? Or another chapter? Or some more - you’d mentioned at least maybe one more vulnerability that you want to add.
Pete: To be honest, the 97% a bit of a misnomer, I really don’t have - and that’s one of the great things that I like about Leanpub is, I don’t really have any plans to finish the book. Because I’m still learning, there’s still new vulnerabilities out there. There’s lots of stuff that I don’t cover in there. I plan to keep contributing to the book. And so really it should just say kind of “indefinite”, because I’m just going to keep adding to it. I think that’s one of the benefits that the guys - or I shouldn’t say guys - but the people that have purchased the book like about it, in that, they get the lifetime updates. So they make their one-time purchase, and then they get notified whenever I make the changes. To me it’s kind of, I don’t know, I guess I see it as at least in the short term, a lifetime endeavor.
Len: That’s really fascinating. We refer to that sort of as a “living book”. We don’t refer to it formally anywhere like that, but that’s how we think of it internally.
I noticed also that you include your email address in the introduction to your book, which is something that a lot of Leanpub authors do, asking for feedback. I wanted to ask, is that something that people have been taking advantage of?
Pete: Yeah, absolutely. I was originally pretty hesitant about it. But I’ve been pretty open in terms of my video tutorials, and my website, and people getting in contact with me. I threw it out there because I really want to hear from people. And I do. I hear from a good number of people, and it’s really interesting to hear their stories.
Like when I was at DEF CON, I got an email from a 37-year-old single mother who thanked me for the book, and said it was awesome. She’s learned a lot. Another guy reached out to me - a developer of 12, 13 years, who didn’t know where to start with hacking, and has picked up the book and is now working away. It’s always awesome to get those kind of emails. I really appreciate when people do. And I do get a lot of people reaching out on Twitter, as well.
Len: That’s great. I noticed also that there are already two translations of your book on Leanpub - one in Russian and one in Arabic. [There is now also a Spanish translation - eds.] I wanted to ask how that happened - did the translators reach out to you?
Pete: They did, actually. So the first one, Eugene who did the Russian translation, he had worked with another author on a Rails book. He translated for him, and he just said, “Hey, I’m really interested. I’m a big fan of the book. I’d be interested in doing a translation if you wanted to. Here’s my experience.” We ran with that, and it’s been awesome. He’s a phenomenal guy - a ton of great work. And so that was kind of our first step.
And then same thing happened with the Arabic. Someone reached out to me on Twitter and said, “Big fan. I’d love to do some translation.” And so he did the sample book, got it done quickly, and the work was good, so we just took it from there and now we’re working through the full Arabic version.
Len: And how did you find working with Leanpub? I imagine this is your first self-published book, and I wanted to know a little bit about what the experience was like.
Pete: It’s going to sound like I’m just kind of pumping your tires, but I really enjoy working with the platform. It was a bit rocky for me at the beginning, because I wasn’t familiar with Markdown. And so when I started writing, I was also - I don’t know why, but I guess I wasn’t technically inclined. And so I started using the online editor. Which I mean, if anybody’s going to be listening to this and wanting to write a book, I would say, I would recommend, take the hour, take the two hours. Get familiar with Markdown, and get familiar with linking up with GitHub. Actually, I use Bitbucket, so not GitHub. I think you guys may or may not interact with GitHub?
Len: We do. But it’s not free for private repositories and Bitbucket is.
Pete: So I would say get a repo set up, get familiar with Markdown, and do it that way, because it is so much easier. It’s so convenient. With me, I can, with the laptop, having access to the repo, I can go to the coffee shop, pump out a chapter, push it to the repo - and then the preview’s automatically done, and I can see what it looks like in the PDF, in the EPUB. So yeah, that would be my advice.
And it was the same thing with the translators. Eugene had experience with it, but the author doing the Arabic version - he was asking me if he could do it in Dropbox. And I was fine with that, I was open to it. But when you’re doing translations - at least for Eugene and I, him more so - when you can grab the repo and you can check the changes between what you’ve done the last time, or what’s happened in a quick version check through it, I think it just makes things so much easier. Obviously you can do that with kind of Word and all the rest of that kind of stuff. But if you’re a developer and you have experience developing, I just find it easier to do it from that perspective.
Len: I was going to ask about that. It’s interesting, the challenge of translating an in-progress, living book. How do you deal with that? Do you write something, publish the new version of the English book, and then pass on that change to your translators?
Pete: Yeah. So, they have read access to the repo for the English version. And then they obviously have write access to the translated version. I’m pretty sure they’re both customers. They can pull the changes from the English version, read them, and then check the version history, and then do whatever they need to translate, make it to their specific repo, and then push those changes up.
Len: Is there anything around community that you wish we had built that we have not, that you can think of?
Pete: That’s a good question. It would be kind of cool to reach out to other authors. Recently, I’ve reached out and man - the Rails developer - his name escapes me now, of course. But it was his book that introduced me. It’s on multitenancy Rails.
Len: Ryan Bigg.
Pete: Yeah, exactly. Ryan’s book introduced me to Leanpub. I think it was the first book - it might be the only book that I’ve purchased off of Leanpub. And so I reached out to him on Twitter, because somebody was talking in a feed about e-publishing versus physical publishing, and there was kind of a conversation going on around there. There were some big names that were actually responding to that.
It was cool to see that communication going on, but that was just on Twitter. So if there was something along that line, that would kind of bring the community together, I think that would be pretty valuable. Hear what’s worked for other people, what hasn’t. Even in terms of like, if you’re doing self-publishing, you obviously don’t have a big marketing budget, or I wouldn’t assume you did. So it’d just be cool to hear what worked and what didn’t for other authors.
Len: That’s really interesting that you say that. Thanks. Actually, we were talking internally about something along those lines just recently. And it’s very early stage, just ideas right now. But one of the things we’re thinking of was - how can we help get authors who have succeeded at self-publishing together with each other, so that they can exchange their war stories and strategies?
And the thing that we’re working through that’s difficult is like - we’re nice guys, right? So the idea of making a kind of exclusive club is something that we would want to manage very carefully. But at the same time, if you can have a group where you can go where you know everybody there is working hard, and good at what they’re doing, and not just dropping in without any real commitment to the process, and just kind of asking - it’s the classic forum problem, right?
That’s something we’re going to think hard about, because we were wondering if there wasn’t a desire out there for authors who - I mean, you’ve got 420 readers for your book right now, which is really good, you’ve got two translations. We can see from our end, that’s definitely somebody who’s taking it seriously. And we were thinking of some way of helping people get together around that. So this will give us some extra impetus to go ahead and see what we can figure out about that.
Just before we go, I was wondering if you had any questions you wanted to ask me?
Pete: Well that’s - I’m going to put you on the spot. I can’t think of the developer’s name - you asked me about hacking on sites that don’t necessarily let you hack on them. And so - this is completely unrelated to the platform, whatsoever - but I had decided to take a look at Leanpub to see how stable it was - if I was going to be selling my book on there. And I noticed a couple vulnerabilities. And Pete had emailed me back and said that the fixes were supposed to be pushed. But I don’t know if they ever did, and I haven’t gone back to test them. So I was curious.
Len: We are working on them right now. Thank you very much for the help. We really appreciate it.
Len: Alright, well thanks very much, Pete for taking the time to do this. I had a great time chatting. And thanks for being a Leanpub author. Good luck with your book. And if you ever have any questions, please just reach out and let us know.
Pete: That’s awesome. I really appreciate it. Thanks very much; the feeling is definitely mutual. It was awesome to chat.
published Nov 24, 2016
This year, Black Friday is on November 25, and Leanpub authors from around the world have decided to offer discounts on their books. These deals will extend through Cyber Monday, November 28.
Below is a list of Leanpub Black Friday-Cyber Monday deals, with links.
Have fun checking out these great deals and discovering new books and authors!
(A note to our non-North American customers: Black Friday is an annual tradition in the U.S. when retailers across the country offer discounts on many of their products. Cyber Monday is the online shopping version of Black Friday, and while the distinction has become a bit of an anachronism, it’s still part of the culture, and often American customers will delay planned purchases until this time of year arrives.)
If you’re interested in discovering even more deals, follow Leanpub on Twitter, as we expect even more authors will be announcing deals throughout the day and over the weekend.
Author: Kevin Karplus
Title: Applied Electronics for Bioengineers
Deal: Reduces minimum price from $3.99 to $2.56
Author: Joseph Benharosh
Title: The essentials of Object Oriented PHP
Deal: Reduced minimum price from $4.99 to $2.99
Author: Karen Greaves and Samantha Laing
Title: Growing Agile: A Coach’s Guide to Training Scrum
Deal: 33% off!
Author: Karen Greaves and Samantha Laing
Title: Growing Agile: A Coach’s Guide to Agile Requirements
Deal: 33% off!
Author: Karen Greaves and Samantha Laing
Title: Growing Agile: A Coach’s Guide to Mastering Backlogs
Deal: 33% off!
Author: Karen Greaves and Samantha Laing
Title: Growing Agile: A Coach’s Guide to Release Planning
Deal: 33% off!
Author: Karen Greaves and Samantha Laing
Title: Growing Agile: A Coach’s Guide to Agile Testing
Deal: 33% off!
Author: Karen Greaves and Samantha Laing
Title: Help Work to Flow
Deal: 33% off!
Author: Karen Greaves and Samantha Laing
Title: A Coach’s Guide to Facilitation
Deal: 33% off!
Author: Karen Greaves and Samantha Laing
Title: Scrum Master Workbook Part 1
Deal: 33% off!
Author: Karen Greaves and Samantha Laing
Title: Kanban Workbook
Deal: 33% off!
Author: Adam Tornhill
Title: Patterns in C
Deal: Reduces minimum price from $4.99 to $2.99
Author: Steve Jalim
Deal: Reduces minimum price from $19.99 to $9.99
Author: Rachel Panckhurst
Title: Fait maison
Deal: 50% off!
Author: W. Jason Gilmore
Title: Easy Laravel 5
Deal: Reduces minimum price from $28.00 to $20.00
Author: Nate Dickson
Title: Painless Tmux
Deal: Reduces minimum price from $4.99 to $1.99
Author: Nate Dickson
Title: Painless Vim
Deal: Reduces minimum price from $5.99 to $1.99
Author: Luc P. Beaudoin
Title: Cognitive Productivity
Deal: Reduces minimum price from $15.99 to $3.49
Author: Michael Müller
Title: Web Development with Java and JSF
Deal: Reduces minimum price from $19.50 to $9.95
Author: Michael Müller
Title: Visitors: Observe Bees and other Insects visiting plants
Deal: Reduces minimum price from $4.99 to $2.50
Author: Robert D. Brown III
Title: Business Case Analysis with R
Deal: Reduces minimum price from $9.97 to $3.99
Author: Robert D. Brown III
Title: It’s Your Move: Creating Valuable Decision Options When You Don’t Know What to Do
Deal: Reduces minimum price from $3.97 to $1.99
Author: Christian Tietze
Title: Make Money Outside the Mac App Store
Deal: Reduces minimum price from $19.99 to $10.00
Author: Christian Tietze
Title: Exploring Mac App Development Strategies
Deal: Reduces minimum price from $7.99 to $5.00
Author: Christian Grobmeier
Title: The Zen Programmer
Deal: Reduces minimum price from $7.99 to $0.99
Author: Christian Grobmeier
Title: Zen. Für Programmierer.
Deal: Reduces minimum price from $7.99 to $0.99
Author: Christian Grobmeier
Title: El Programador Zen
Deal: Reduces minimum price from $4.99 to $0.99
Author: Christian Grobmeier
Title: Das Geheimnis des Vormieters
Deal: Reduces minimum price from $0.99 to FREE
Author: Nicolas Fränkel
Title: Integration Testing from the Trenches
Deal: Reduces minimum price from $20.00 to $10.00 and reduces the minimum price of the 5-copy package from $80.00 to $40.00
Author: Aymen El Amri
Title: Saltstack For DevOps
Deal: Reduces minimum price from $10.00 to $7.00
Author: Jeff Geerling
Title: Ansible for DevOps
Deal: Only $0.99 through Cyber Monday
Author: Kostas Maniatis, Alex Kyriakidis, and Evan You
Title: The Majesty of Vue.js 2
Deal: Reduces minimum price from $24.90 to $14.90
Author: Daniel Schmitz and Daniel Pedrinha Georgii
Title: Practical Angular 2 Book
Deal: Reduces minimum price from $25.00 to $10.00
Author: Daniel Schmitz and Daniel Pedrinha Georgii
Title: Practical Vue.js
Deal: Reduces minimum price from $21.99 to $10.00
Author: Daniel Schmitz and Daniel Pedrinha Georgii
Title: Vuex Concepts
Deal: Reduces minimum price from $7.99 to $2.00
Author: Daniel Schmitz and Daniel Pedrinha Georgii
Title: Vue.js + Vuex Bundle
Deal: Reduces minimum price from $27.99 to $11.00
Author: Duncan Dickinson
Title: The Groovy 2 Tutorial
Deal: Reduces minimum price from $10.00 to $5.00
Author: Kristopher Wilson
Title: The Clean Architecture in PHP
Deal: Reduces minimum price from $16.00 to $10.00
Author: Esteban Herrera
Title: The BPMN Graphic Handbook
Deal: Reduces minimum price from $6.99 to $3.99
Author: Esteban Herrera
Title: Java 8 Programmer II Study Guide: Exam 1Z0-809
Deal: Reduces minimum price from $11.99 to $5.99
Author: Lee Baker
Title: Practical Data Cleaning Kit
Deal: Reduces minimum price from $15.00 to $7.50
Author: Lee Baker
Title: A Holistic Strategy for Discovering The Story of Your Data
Deal: Reduces minimum price from $15.00 to $7.50
Author: Zsolt Nagy
Title: The Developer’s Edge
Deal: Reduces minimum price from $14.99 to $6.99
Author: Diomidis Spinellis
Title: The Elements of Computing Style
Deal: Reduces minimum price from $9.95 to $4.95
Author: Tonya Mork
Title: Refactoring Tweaks Bundle
Deal: Reduces minimum price from $$27.99 to $19.99
Author: Len Epp
Title: The Identity Project: The Atlantic Half
Deal: Reduces minimum price from $7.99 to FREE!
– Posted by Len Epp
published Nov 23, 2016
Patrick Applegate is the co-author of the Leanpub book Risk Analysis in the Earth Sciences: A Lab Manual with Exercises in R. In this interview, Leanpub co-founder Len Epp talks with Patrick about his career, his book, and his experience self-publishing on Leanpub.
This interview was recorded on July 14, 2016.
This interview has been edited for conciseness and clarity.
Len: Hi, I’m Len Epp from Leanpub, and in this Leanpub Podcast I’ll be interviewing Patrick Applegate. Patrick currently holds the position of scientific programmer with the SCRiM, or Sustainable Climate Risk Management network. Hosted by the Earth and Environmental Systems Institute at Penn State University. [Patrick was working in the Sustainable Climate Risk Management network when this interview was conducted. He has recently begun working for Research Square, a company that helps to streamline the scientific publishing process for scientists and publishers. - eds.]
Patrick has a PhD in Geosciences, and has authored or co-authored 20 peer-reviewed scientific papers. He has done research on areas like estimating the age of glacial deposits, and the contribution that ice sheets make to sea level rise. Risk Analysis in the Earth Sciences: A Lab Manual with Exercises in R.
Risk Analysis in the Earth Sciences is a free textbook that teaches readers about statistical concepts required for doing assessments of climate risks. In this interview, we’re going to talk about Patrick’s professional interests, his book, his experiences using Leanpub, and ways we can improve Leanpub for him and other authors. So thank you Patrick for being on the Leanpub podcast.
Len: I usually like to start these interviews by asking people for their origin stories. I was wondering if you could tell us how you first became interested in your academic field, and your journey to your current position with the SCRiM Network at Penn State.
Patrick: Sure. I actually started out life as a geologist, but ended up in this position, and along the way, I sort of ended up as a data scientist and a technology educator.
So it turns out there are lots of different kinds of geologists, and I was the type of geologist who goes and looks at glaciers to see how they’re changing, and at traces in the landscape that tell us how glaciers have changed in the past.
We do this because glaciers are really sensitive to past climates, so they can tell us about how the climate has changed in the past, if we know something about how the glacier has changed. That tells us that it got warmer or colder, depending on the direction of the change. We’re also really interested in glaciers and ice sheets, because when they melt, they make the sea level go up.
And that really matters because if all the ice on land right now were to melt, sea level would go up by tens of meters or hundreds of feet. And people living along the coast right now would definitely notice that. People are already starting to notice that. And so, even a small fraction - if even a small fraction of the land ice that’s out there right now were to melt, that would really matter for people. And we’re interested in what could happen in the future. Understanding the past helps us say something about the future.
So I stopped being a straight up geologist, and became more of a computer person during my PhD. The landscape tells us how a glacier has changed in the past, but we need a time signal in order to get at rates of change. There’s a method out there that lets us take samples from the landscape and figure out the ages of different land forms, and that provides the time signal that we need, in order to look at how fast glaciers have changed in the past.
Turns out that method isn’t perfect. There’s a lot more noise in the data than we would expect, based on our measurement techniques. And so I spent my PhD developing computer models that help us to understand that noise, and to pick out the signal in already published data sets. So that was sort of my first step from being a geologist, towards being somebody who spent more time in front of a computer.
But then a couple of years before I finished my degree, the Fourth Inter-governmental Panel on Climate Change Report came out. This was in 2007. So the IPCC is a big body that’s organized by the United Nations, and it really organizes scientists to assess every few years what’s known about the climate system and how it works. So this report came out in 2007, that I’m talking about right now. There was another report that some of your listeners have probably heard of, that came out more recently in 2013.
So going back to that 2007 report, one of the main conclusions was that we really didn’t know how the great ice sheets were going to contribute to sea level rise in the future. And that really surprised me, because at that point, people had already been building computer models of how the ice sheets work for decades. We knew what - we know a lot about how ice sheets behave.
So my question at that point was - well how is it that we still don’t know enough to predict what’s going to happen with the ice sheets and sea level rise? And so to try and understand this question better, my first job after my PhD involved going to Stockholm University in Sweden, and working with one of these computer models, to try and understand where these remaining questions were coming from.
So there again - step number two away from being a geologist, towards being a computer person, working with computer models. So once I was done with that, eventually that project came to an end, and I moved back to the US. I kept working with sea level rise, but the group that I moved into - and that’s the SCRiM group that you’ve already mentioned, uses the R programming language for everything.
So that group is very heavily invested in the R programming language. And this is one of the key languages that people use in data science - that’s a discipline that combines programming, statistics, and a real understanding of data, to pull out insights. I know that you’ve already interviewed Roger Peng, Jeff Leek and Brian Caffo for this podcast series, so it’s a lot of fun to be following them here.
Anyway, so I picked up R there, and took another step away from being a geologist, and more into the computer realm. During my time here, I’ve spent a lot of time writing code, and a lot of time teaching people - teaching other people how they can write their own code. So I co-taught a course that developed into the book that we published with you guys at Leanpub. And then I spent a year as an instructor at one of our branch campuses. And I spent time there bringing R programming into those courses, which was a lot of fun.
So at some point I realized that I really enjoy writing code and teaching other people to write code. And so that’s the story of how I went from being a geologist to being a data scientist and technology educator.
Len: Thanks very much, that’s a really great answer. You actually answered my next two or three questions spontaneously.
I guess I’d like to ask you next about SCRiM. Tell us a little bit about the Sustainable Climate Risk Management Network - what it’s purpose is, who are the people working on it, things like that.
Patrick: Sure. SCRiM’s a network of people, mostly at universities, who look for strategies to help us manage the risk caused by future climate change. So we expect that climate change is going to have consequences for us now and in the future. Particularly in the future. We’d like to figure out how we can best address those challenges. And so, the network’s mission statement says that the strategies that SCRiM is trying to come up with, need to be sustainable. They have to be scientifically sound, technologically feasible, economically efficient, and ethically defensible. I’m just reading from the website here, so that I don’t mess this up.
Patrick: As you can imagine, creating strategies that satisfy all those requirements, requires bringing together a lot of people with very different expertise. And so SCRiM is this organisation that makes that conversation possible. And I should mention that what really makes this work is a generous grant from the US National Science Foundation. So we thank them for that support.
Len: You had an article published in 2015 about something called “solar radiation management geoengineering”. I read the tech/environment news, so I think I have some idea of what that is, but I was wondering if you could explain - as an expert - a little bit more about what that is, and maybe talk about climate engineering more generally - the current state of affairs and that discipline.
Patrick: Right. So one of the things that I loved about Jeff Leek’s podcast in your series here, was that he was careful to say at some point, “that’s actually a little outside my expertise”. And so, I’m going to give you a partial answer here. And I’m going to try to flag the parts that I know more about, versus the parts that I know less about. Does that sound fair?
Len: Oh perfect, yes, yeah.
Patrick: Okay. So the part of this problem that I’m the most familiar with, has to do with the connection to sea level rise and the ice sheets - as I’ve said before. And so you mentioned solar radiation management, which is also called “albedo modification”. This is the idea that we could deliberately change the earth’s climate to be something that we would prefer - by changing the earth’s reflectivity, essentially. So if we were to somehow make things so that a little more solar radiation went back into space, instead of making it through the earth’s atmosphere to the surface - then that would make things cooler down here, and maybe we would like that better.
So that’s all fine, and I should mention that this technology has not been tested. People are starting to talk about testing it. There are other strategies out there for potentially changing the climate. But the aspect that we looked into, had to do with some claims that some scientists had made, that this would help us avoid sea level rise. So on the face of it, this makes a lot of sense. As temperatures go up, the glaciers and ice sheets melt. The ocean waters expand, and that all makes sea level go up.
So it seems pretty logical, that if you were to just make it so the temperatures went down - or didn’t go as high, that that should then save you from sea level rise. So our work involved using one of these computer models of ice sheet behavior. And essentially what we were able to show is that it’s a lot less effective than you would think in terms of preventing sea level rise from the ice sheets - that probably that anticipated benefit of solar radiation management and other geo-engineering schemes won’t materialize if they’re put into practice.
Len: And why is that?
Patrick: So what’s going on is that the ice sheet creates its own weather, because it’s both white on the top, which makes it reflective, and it’s also tall, and so there’s this thing called the atmospheric lapse rate, which means the temperatures decrease with elevation. So the higher you go on a mountain, the colder it gets. Because the Greenland ice sheet’s a couple of kilometers tall, and it’s above sea level in its middle part, and because it’s reflective, it’s cold up there. But if the ice sheet gets a little bit smaller, then that reduces that happy weather generating effect that the ice sheet has.
So if it shrinks a little bit, and then you try to save it by bringing the temperature down, you’re unlikely to be successful. Because the system develops an inertia that keeps it going in the direction you don’t want it to go.
Len: I think that a lot of our listeners are probably on board with the idea that climate change is real. I think probably many of them also know that a rise of tens of meters would be very disastrous. It wouldn’t just mean some beaches go away. It would be very bad. Without committing yourself to any kind of position professionally, what’s your personal feeling about the direction things are going with respect to attempts to mitigate the future impact of climate change?
Patrick: Okay so - I want to be careful to emphasize that we’re not talking just yet about a future where sea level goes up by hundreds of feet or tens of meters. It’s more that relatively small changes can still create problems for us. And we want to think in advance about how we’re going to meet those challenges. And that’s really what SCRiM ends up being about - understanding what the challenges might look like, and developing strategies to try and address those.
In terms of where I feel our efforts are going, there I really have to say, that is totally outside of what I can address, I’m sorry.
Len: Oh, no, that’s okay. I understand and I very much appreciate your straightforwardness about that.
Just changing topic slightly. I can see from your bio that you’ve taught college level courses, and you’ve done two postdocs. I wanted to ask a little bit about the value you see in university education. I ask because, especially in the startup tech scene, there are people who repeat the refrain that university education is no longer necessary. It’s sort of the more extreme version of the “We should all learn online now”. And I know it’s a big question, but I was curious to hear your opinion on this topic, especially as someone involved as a sort of academic scientist in university life.
Patrick: Right. The value that I have seen in my education is that, from a straight-up personal level, I’ve gotten to do a lot of cool things as a result of the education that I’ve received. So I’ve gotten to do field work in Greenland and Peru and the western United States. I’ve gotten to visit glaciers in Canada and Iceland. Lots of different places. And that’s the kind of thing that I certainly wouldn’t have received if I’d studied all these things in an online program.
Also there is a habit of thinking, and a way that you’re taught to think in advanced education, that you certainly can acquire for yourself outside of it, but I still think that the system of graduate education that we have here in Canada and the United States, and also in Europe, is really very excellent. And that’s something that’s worth preserving and maintaining.
Now I can speak to the other side of your question here, because I have gone on all these Coursera courses, and also done some online education through Penn State. And I have to say that if you’re a very self-directed learner, absolutely, you can pick up everything you need to know that way. To do lots of different things.
So I guess what I would say is that for sure, if your goal is to be someone who’s more on the tech side, then maybe the best strategy really is to do some personal projects, get involved in projects that other people are doing. Find a codebase to work on. And pick up what you need to do, what you need to know from the internet. But if you’re doing something that’s more, certainly more hands on, or requires you to travel and see things, I still think in-person education winds up being a good way to go. Better or worse, I won’t say.
Len: Okay. Turning to the topic of your book, you mentioned already the programming language, R, and I was wondering if you could explain a little bit about why its popularity is growing amongst scientists, and data scientists in particular?
Patrick: Sure. So reasons why people love R. R is a great language, because it’s free, it’s open source. There are a lot of people that use it, and they share their code. So free and open source is nice, because if you’re working at a university or a company that has site licenses for whatever statistical packages you want to be using, that’s all fine. But if you’re cash-strapped, or your working in a smaller organisation - boy it sure is nice to know that there’s a full-featured statistical and computing environment, that you can just go download off the internet, and do whatever you want with.
So we’re getting to the point in the modern world where you really can operate almost exclusively in a Free Software environment, and basically not pay for things, not have to pay for things. It used to be that if you wanted a good vector drawing program, you had to get Adobe Illustrator. These days, you can download Inkscape. And it’s kind of the same way in scientific computing. Pretty much everything you need can be had for free. So that’s very nice.
The other part of it, I mentioned that people share their code. And so, R has this great system that’s called the package system, where, in one line of code, you can download and install these nicely-formatted software libraries that other people have written. And then you’re off to the races. You can use their code to do whatever you wanted to do. And that’s just a tremendous time saver, because it saves you from reinventing the wheel, and also from testing any tools that you might build.
So you could write your own Markov chain Monte Carlo algorithm for example. But why would you when someone else has already done it, and a million people have used it - and it works?
Len: Speaking on the topic of free versus paid, when you were first getting on board with Leanpub, you emailed us, and asked us to set your book so its maximum price would be zero.
Just to explain to people listening, this is relatively unique. On Leanpub, books are sold on a variable pricing model, so that you set a minimum price for the book and a suggested price, and then customers can pay the minimum price, or anything between the minimum price to the suggested price, or anything above the suggested price. I think currently the maximum is $500. So what you can do, is you can set your book to a zero minimum price, and a zero suggested price. But it’s still possible that people can buy your book.
Now if you email us, like Patrick did, we are happy ourselves to set the maximum price to be zero. So it’s a totally free book that people can’t pay for. And I just wanted to ask you - I mean, I think I know the answer, but I wanted to ask you to explain to anyone listening who’s maybe picked up your book and is now listening to the podcast, why the book is free?
Patrick: Why is the book free? Well you probably have already guessed the answer. As I mentioned, we were funded to do all the work that the book is based on by the US National Science Foundation. And so, we got paid to do this from public funds. And it seemed to us best to make that free and open source. So not only is the book free on Leanpub, but you can go download all the source off of GitHub and build your own book if you want. So that’s basically the answer - that we felt that this was really the most honest way of distributing what we had done, so that other people could use it.
Len: Yeah, thanks. I think it sounded like a very good principle - that if something is publicly funded, then making it available for free sounds appropriate.
Len: We don’t currently have a ton of textbooks on Leanpub, but we would love to have more. From your perspective, is there anything missing from Leanpub that you think might help us attract more textbooks or accommodate the needs of textbook authors and editors better?
Patrick: You know, I can’t think of anything. I do think that Leanpub is a great platform for publishing this kind of thing. So you have some penetration, particularly in the technology field already. I wouldn’t be surprised if in the future you had more people writing textbooks there. So I’ve contemplated putting together, essentially, book forms of notes from classes that I’ve taught. I wouldn’t hesitate to do it.
Len: Do you think that for a textbook author, that the in-progress model of publishing that Leanpub allows people to use, is something that might be useful? For example, I’m curious to know if someone writing a textbook would be open to changing a chapter that they’ve written, based on feedback that they’ve publicly received from a reader.
Patrick: That’s a good question. The in-progress model that Leanpub follows is tremendously helpful to us. We’ve recently released an updated version of the book, that actually incorporates a lot of feedback that we’ve gotten from both our classroom users– Some of the authors have taught a course with the book, and gotten feedback, where people said, “Hey, this part needs improvement. I didn’t understand it”. So where we can, we’ve gone and fixed those things. And we’re also going to add a bunch more chapters, so the book’s going to get something like 50% longer in the not-too-distant future.
I would think that - particularly for fast-moving fields, that’s very, very nice. In terms of textbook authors, sort of traditional textbooks - you have to have some kind of minimum length, so ideally a textbook is something that you can use to teach a one semester course, or even a full year course. So, you do want to make sure that your book has some number of chapters before you publish it. That I think is the one thing that, if you’re going to be doing like a calculus textbook, the body of knowledge there does not change rapidly. And also, it has to be a particular length, in order to be of use. Does that make any sense?
Len: Oh yeah, that totally makes sense. That’s a fantastic answer, thank you. It hadn’t occurred to me before that - and it’s a very good point - that oftentimes a textbook is meant to be taught along with a course, and that a professor isn’t going to probably buy your book on the hope that chapter five will be ready in time for week five - that although the in-progress theme of being able to change rapidly based on feedback that you’ve received from people, or publish new chapters to add to it in the end - all that’s very useful, probably more so than the average Leanpub book, there needs to be a sort of - there needs to be a set of, with respect to what it’s doing, complete information before someone else would take up that textbook and use it in their course. So that’s a very interesting thing for us to learn.
Patrick: Yeah the standard for the Minimum Viable Product for a textbook that’s going to be used in the classroom is probably a bit higher.
Len: Yeah, yeah. And I think, I believe you wrote your book using your own tools, and you produced a PDF and then you uploaded it to Leanpub. I’m curious if you would think about writing in plain text and in Leanpub Flavored Markdown or Markua - as we’re developing in the future. Is that the kind of thing that you would find attractive?
Patrick: Potentially yes. This was a case where we had a technology in mind that we wanted to use to write the book. I got really excited, when I realized that Leanpub would let us put up our own home-brewed PDF, and I noticed recently that you do have GitHub integration, which could make this very simple for us. The challenge, or the reason why we did things the way we did, is because in R you have this great technology that’s called R Markdown.
So it’s R-flavored Markdown, and that lets you have pieces of R code interleaved with your human readable text. The interpreter goes through, generates a nice LaTeX document, and then turns that into a PDF. But it also processes the code, and dumps any results to the PDF document. So that is very nice, because if you then go back and change the code part of the document, you don’t have to remember to update the output part. You just have to check and make sure it doesn’t look funny afterwards. Does that make any sense?
Len: It totally makes sense, thanks for that - that’s really great to hear about that process. I was wondering if you intend to make a print version of your textbook?
Patrick: We haven’t thought about that. I would have to say - I mean certainly that is a discussion that would have to happen with particularly my co-editor, Klaus Keller, but also the other authors. And that’s something that hasn’t come up so far.
Len: One thing I always like is to finish off interviews by asking people, if you could ask us directly to add one feature, or to fix one problem - and we would go to work doing it for you - what would that be, or is there anything that you can think of?
Patrick: Things that could be added? Well you and I had a little email correspondence recently about the past downloads page, I think? And the - this is so trivial that I hesitate to bring it up. Let’s just say I can’t think of anything substantial. From an author’s side, I don’t think there is anything.
Len: Increasingly that’s the answer that I get to that question from people that I interview. I think I might have to try closing off these interviews with another question, or maybe try formulating it a different way from now on. But I wanted to say, thanks very much. I think people will find it really interesting to hear about data science from an environmental perspective, and environmental science.
Also other people in your position who are thinking about publishing textbooks on Leanpub will probably be very interested to hear about your process and how you - especially at the end, how you described incorporating feedback and improving the textbook for current and for future readers.
So, thanks very much Patrick for being a Leanpub author, and for being on the Leanpub Podcast.
Patrick: Thanks Len, this was a lot of fun.
Len: One last thing, is there anything that I left out that you wish I’d asked you about in this interview?
Patrick: I want to be sure that I give appropriate credit to my co-authors on the book. It’s been great fun to work with these people. So we’re expanding the book; we’re going to add more chapters. But the people who are on the book right now include Klaus Keller, Ryan Sriver, Greg Garner, Alexander Bakker, and Richard Alley.
I should mention Klaus in particular. He’s head of the SCRiM Network, and he was co-instructor on the course that gave rise to the book. Ryan’s an atmospheric scientist, who thinks a lot about tropical meteorology and hurricanes. Greg’s an atmospheric scientist who works on decision science. Alexander thinks about sea level rise. And Richard Alley’s a great guru of ice sheet science and climate science in general. So there’s a lot of different expertise among the people who’ve been involved with this book. And we’re only going to add people as time goes on.
published Oct 05, 2016
Scott and I launched Leanpub back in April 2010, with the goal of creating the best way in the world to write, publish and sell in-progress and completed ebooks. Our first customer was this up-and-coming guy named Eric Ries, who was advocating a strange idea called “The Lean Startup”. We made a Leanpub book out of Eric’s blog. This led to our second customer, Babak Nivi, who let us make a similar book out of his and Naval Ravikant’s blog, Venture Hacks. Eric, of course, went on to write The Lean Startup, and Naval and Nivi created this small thing called AngelList.
Eric wasn’t just our first customer, he was also the reason for the name Leanpub. After my experiences writing two books, I realized that Eric’s Lean Startup principles had great applicability to the way that authors should write and publish books – that as an author, you should publish your book in-progress, using lightweight tools and many iterations to get reader feedback, pivot until you have the right book and build traction once you do. I called this approach Lean Publishing, wrote a manifesto and book about it, and talked about it wherever I could. Leanpub was a reference to the idea of Lean Publishing – and if you wanted to do Lean Publishing, then Leanpub should be your obvious choice.
Leanpub’s positioning and our traction from the launches of Eric’s and Nivi’s books helped us gain an initial customer base with agile and computer programming book authors. It helped that these authors were highly technical – since our books were authored in Markdown, our user interface was terrible and our book generation was flaky, to get past all these hurdles and actually finish a book it really helped if you were a computer programmer.
Since these humble beginnings, we’ve grown steadily, and today thousands of authors from around the world use Leanpub to publish early and publish often. We’ve paid over $4.4 million in royalties to authors, and we currently pay over $100K in royalties to authors every month.
Leanpub is a powerful platform for serious authors. This platform is the combination of two things: a publishing workflow and a storefront. Leanpub is more than the sum of its parts, however – by combining a simple, elegant writing and publishing workflow with a store focused on selling in-progress ebooks, it’s something different. Leanpub is a magical typewriter for authors: just write in plain text, and to publish your ebook, just click a button. (You can click a Preview button first if you want!) Once you’ve clicked the Publish button, anyone in the world can instantly buy your ebook from Leanpub, and read it on their computer, tablet, phone or ebook reader. Whenever you want to distribute an update to all your readers, just click the Publish button again. It really is that easy.
Our workflow is flexible. Authors can use our simple in-browser editor or upload completed ebook files, but most choose to write their manuscripts on their own computers, using either plain text (formatted using Markdown or Markua markup) or Word documents. These manuscripts are synced with Leanpub using either Dropbox, GitHub or Bitbucket. From these manuscripts, we generate ebooks formatted in PDF, EPUB and MOBI which look great on all devices. This is a fully-automated process: authors literally just click a button. We also automatically generate print-ready PDF and InDesign files, so that authors can easily create and sell print books on sites like Lulu or CreateSpace. (The InDesign files are for a book designer to make a custom book, but the print-ready PDF files are exactly that: ready to be published as a print book.)
Our storefront is an elegant way to sell in-progress or completed ebooks. There are lots of good places to sell completed ebooks, such as Leanpub, Amazon or Apple, but the Leanpub storefront is the best place to sell in-progress ebooks. It includes attractive book landing pages, variable pricing with minimum and suggested prices, analytics and mailing list integrations. Our variable pricing feature alone earns many of our authors thousands of dollars of extra money. Just as people love backing projects on Kickstarter, readers love supporting authors – and our pricing sliders which show the author royalties make it clear to readers how buying a book on Leanpub does just that. Readers often voluntarily pay much more than the minimum price of a Leanpub book. In fact, our bestselling book by lifetime revenue, R Programming for Data Science, has a free minimum price!
One of the most interesting features of the Leanpub storefront is the royalty rate our authors earn: 90% minus 50 cents royalties per paid sale; free for free sales. On Leanpub, a $10 ebook sale earns $8.50 in royalties, and a $20 ebook sale earns $17.50 in royalties. Respectively, those royalty percentages are 85% and 87.5%, which we’re very proud of. By the way, in case you think those ebook prices are higher than what Amazon “encourages” you to charge, or what you hear from publishing industry commentators, you’re right: the average paid ebook sale price on Leanpub is over $14. Now, a $14 ebook sale earns $12.10 in royalties on Leanpub, but would only earn $4.90 on Amazon KDP – while Amazon KDP essentially pays 70% royalties for books between $2.99 and $9.99, it only pays a 35% royalty rate for books which cost less than $2.99 or which cost more than $9.99. Many books on Leanpub cost more than $9.99, so Leanpub authors earn a far better royalty percentage on those books than they would on Amazon KDP.
Our royalty rate is better than Amazon’s and Apple’s royalty rates for any book over $2.99, and it is far better than Amazon’s royalty rate for books over $10. Leanpub exists to support authors, and our royalty rate does just that – regardless of what minimum and suggested prices an author chooses for their book. Since we adopted this royalty rate in 2010 we haven’t changed it, and we are not changing it now.
Today we are changing the pricing of Leanpub. Until now, Leanpub has been totally free for authors to use. We have earned all of our money from our portion of the storefront revenue. (After the author royalties, PayPal fees and chargeback costs, our gross margin on the storefront is about 8% – for every $100 of book sales on Leanpub, we earn about $8.)
Going forward, it will cost money to create a new Leanpub book. Here’s the cost:
$99 per book.
That’s it. This is a one-time charge, not a subscription. This price includes all the features of Leanpub, and is the price regardless of what writing mode you choose. We are charging the $99 at book creation. Like any Leanpub purchase, it will have our 100% Happiness Guarantee: for 45 days, you can get a full refund by clicking a button. (Refunding a book writing purchase deletes the book if it has no sales, and archives it if it has sales.)
Leanpub authors have created tens of thousands of books. We are, of course, grandfathering every one of these books: they will have all the features of Leanpub, for free.
For new books, there are discounts available based on lifetime royalties earned. There are also special discounts for translations.
We want to reward loyal authors who support Leanpub through their storefront sales. So, we have two discounts based on lifetime royalties earned across all your Leanpub books. Once you’ve earned at least $1,000 in royalties, creating a new book costs $49 per book. Once you’ve earned at least $10,000 in royalties, creating a new book is free. Hundreds of Leanpub authors will immediately qualify for one of these discounts, and we hope thousands more do in future.
Authors can create translations of their Leanpub books for $19 per book. Some Leanpub books are translated into a large number of languages, and at $99 each this would add up fast. (Of course, if you’ve earned at least $10,000 in lifetime royalties, creating a translation is free.)
To be clear, regardless of what you pay (even $0) to create a Leanpub book, this one time charge includes all the features of the Leanpub workflow and storefront. For example, there is no charge to create packages or bundles. (Packages let you sell extras with your book, like videos or code samples. Bundles let you sell your book bundled with other Leanpub books, at a discounted price.)
Again, the royalty rate for authors is unchanged: 90% minus 50 cents royalties per paid sale; free for free sales.
If you’re a publishing company, our publisher program just got a lot simpler. For any new book created by a publisher the price is now $99 per book. Our publisher program helps forward-thinking publishers like TidBITS Publishing easily produce dozens of professional ebooks using Leanpub’s simple, proven workflow. Publishers own their ebooks and can sell them wherever they wish. If a publisher chooses to use the Leanpub storefront, we pay 90% minus 50 cents in revenue per paid sale. Using Leanpub for ebook production is a pragmatic choice, like using a third-party printing press for print book production or using AWS for web hosting.
Why We’re Doing This
We haven’t changed our pricing since 2010, so we’re not making this change lightly. We have thought really hard about this. This pricing change will help us address a number of the challenges we have been facing:
First, where we were earning our money and where we were creating much of our value were different places.
Leanpub is the combination of a publishing workflow and a storefront. We have put years of work into the workflow, and it creates much of the value we provide an author. We were giving away the workflow to drive author growth, but this was only being monetized by the storefront. Now, when we were working on storefront features, there was an immediate connection to increased revenue – for example, adding a shopping cart helped us sell more books. However, when we were working on workflow features, there was a huge delay between a workflow improvement and increased storefront revenue. We have a viral loop, but it takes a lot longer to write a book than a tweet! By making our workflow a source of revenue, and not just the main reason that authors use our storefront, improvements to the workflow will also have an immediate connection to increased revenue.
Second, we’re a bootstrapped startup, so cash flow actually matters.
Leanpub has raised exactly $0 in investment. We’re based in BC, Canada, and while startup funding climate in BC is improving, it’s not exactly Silicon Valley. Since we’re bootstrapped, work on the startup is fueled by revenue from either the startup itself or from us doing consulting work for clients. So, the timing of revenue matters. For Leanpub, a successful book will earn a lot of money over its lifetime in our storefront. Almost all of this revenue is for its author(s), as it should be. But some of it (about 8%) is for us as well. However, we can only spend our portion of that revenue once we actually have earned it, and much of this is deferred for months or years. By charging money when a book is created, we can spend that money on development or marketing as soon as its 45-day refund period elapses. This means we get our first $99 of revenue from a book months, or years, sooner than we do today. (Currently we don’t earn $99 from a book until it has been published and earned about $1200 in sales.)
Third, our pricing didn’t work well for authors who only want to sell their books directly.
Since we have created an amazing book writing and production workflow, some authors naturally wanted to use Leanpub to make books, while only selling those books on their own websites. This is perfectly legitimate. There are some good reasons to want to own the customer relationship. Some authors put a lot of work into developing an entire range of products, of which their books are only one component. For these authors, a purchase directly from their website is more valuable to them than a purchase on Leanpub, Amazon or Apple. For example, when an author sells a book on their own website, they can require the reader to share their email address. With Leanpub, readers need to opt in to share their email address with the author.
We need to support these authors. Leanpub authors own the copyright to their work, and are free to sell it wherever they want. Just as we value reader privacy, we value author control. However, the current situation was sub-optimal. For us, not only did we earn no money from those books, there was a support cost as well. For the author, they were stuck doing cheesy things like only previewing their book, and putting it in stealth mode so it didn’t show up in our store. Worse, there was a feeling of guilt: we’ve had multiple authors ask us to invoice them for our services, which is a hassle for both us and them. Charging money on book creation makes using Leanpub just for our workflow a guilt-free transaction for these authors: they’re not freeloaders, they’re customers.
Fourth, our pricing didn’t work well for publishers.
Just as some authors want to only sell their books directly from their own websites, many publishers want to do this as well. With our previous pricing, we used to make publishers choose when they created a book whether they wanted to use the Leanpub storefront. If they did, the book was free; if they didn’t, the book cost $299 to create. We had good intentions here, but basing a pricing plan on punishing honesty is a bad design choice. Making the price be $99 per book for every book created by a publisher is both simpler and fairer.
Fifth, books which did not earn a lot of revenue were costly for us to support.
We are genuinely helpful people who enjoy building tools to help authors write books. We also sincerely try to provide good customer support via email to email@example.com, via Intercom, and via our Google Group. There are many reasons to write a book, and direct compensation from author royalties is only one of them. But since the only way we earned money was from a percentage of a book’s storefront revenue, providing good customer support was problematic. With this pricing change, we earn money from every book, right when it is created. This will help us pay our support people, so that we can help any new Leanpub author to get started using Leanpub.
We thought really hard about this pricing change, and considered many alternatives. One thing we really don’t want to do is charge a monthly or yearly subscription fee per book. Books take a long time to write, and when you’re starting a book it’s hard to predict when you’ll finish. We don’t want authors to feel that they’re on a clock, or that they can lose access to their book once they’ve started it. We also want to keep things simple. Authors shouldn’t feel that they need a doctorate in Leanpub to understand what it costs.
This is really important to us. If we price Leanpub fairly, and if we can convince enough people to pay this fair price, then we can earn the revenue needed to go much faster than we have to date. We can build all the features we want to build, for both the author and the reader experience, much sooner. We can even spend money on marketing, helping the entire flywheel turn faster – which will drive us to grow and develop features much faster than we have in the past. If you’re a member of our Google Group, you’ll definitely appreciate this. As an author, paying to create a Leanpub book is an investment, since we will be spending that money to improve your experience using Leanpub.
Scott, Len, Braden and I would like to thank every Leanpub author who has helped us build our platform over the past six years. Without you, there’s no Leanpub. Thank you very, very much. Our sincere hope is that this change to our pricing helps us go a lot faster in the years ahead.
October 5, 2016
published Oct 04, 2016
Don is an expert on Microsoft’s business technology platform and a popular conference speaker. A co-founder of The Dev Ops Collective, he is also the author of The DSC Book: Second Edition, which teaches “everything you need to know about Microsoft’s Desired State Configuration technology”.*
This interview was recorded on July 21, 2016.
This interview has been edited for conciseness and clarity.
Len: Hi, I’m Len Epp from Leanpub, and in this Leanpub podcast, I’ll be interviewing Don Jones. Don is a leading expert on Microsoft’s business technology platform, and a popular speaker at technology conferences, and he has received Microsoft’s Most Valuable Professional award since 2003. He co-founded The Dev Ops Collective and powershell.org, and is currently a curriculum director for Pluralsight, which offers online video training courses.
Don is a prolific author who has written over 40 books, including PowerShell in Depth and Learn Windows PowerShell in a Month of Lunches. Recently, he published his first book on Leanpub, I think - *The DSC Book: Second Edition. His book is focused on the topic of desired state configuration - or DSC, which we’ll be talking about a little bit later.
You can follow Don on Twitter @concentrateddon, and he blogs at donjones.com. In this interview, we’re going to talk about Don’s career, his professional interests, his book, and his experience self-publishing an in-progress book on Leanpub.
So thank you, Don, for being on the Leanpub podcast.
Don: Thank for having me. Good to be here.
Len: I usually like to start these interviews by asking people for their origin story. I’ve read a little bit about your story on you blog, and I was hoping you’d talk a little bit about how your career got started, and how you got to where you are now.
Don: Yeah, so I was working for a company called Electronics Boutique, which has since been purchased by GameStop. They’re a video game retailer. That was my first IT job. I worked in one of the stores for a while and wound up with a job at the home office in IT. I was an AS400 operator, but I’d always had a programming hobby background, and so it wasn’t too long before I was doing a lot more than just helping run the AS400. And from there, I’ve worked at companies like Bell Atlantic. I’ve worked for Microsoft training partners. I’ve been independent. I was independent for about 12 or 13 years, I guess.
I did a lot of consulting and a lot of work for different clients - all kinds of different stuff - and a lot of writing. That’s, I think, when I did probably the most writing, particularly in the long-form published books. Then a couple years ago I took a job as a curriculum director with Pluralsight, which kind of gives me an opportunity to reach out a little bit further than myself, and help work on large projects, and help other people becoming better trainers and reach people. So it’s been a lot of fun.
Len: I read on your blog that your first job was working on military jets, that you were a military jet mechanic? Is that right?
Don: I was a civilian employee for the Department of the Navy, for their depot-level maintenance which is when they pull the airplane all the way apart to nuts and bolts and rework the whole thing. The Navy guys don’t do it, just because it takes so long. By the time you’d finish it, your enlistment is up and you can get out. So I was a four-year apprentice, and worked on A6’s and F14’s.
Len: This is going to be a little bit left field, but it just occurred to me when I read that. As someone who used to work on those jets, I was wondering if you have any thoughts about the F15? (Note: Len meant the F35, not the venerable F15 - eds.). This controversial fighter jet that’s been developed over the past few years - and has run into so many hurdles, but may have jumped the last one recently.
Don: So the 15 has actually been in service for a long time. That’s an Air Force aircraft, and it’s kind of a contemporary of the 14 I worked on. I forget what the number is - I know that - think it’s the F32, or something like that? That’s the one they were going to develop one airplane for all four forces. And I don’t know. I’ll believe it when I see it. It’s a tall order, it’s tough to do that. You’re taking an aircraft that the Air Force wants to be able to fly and do their missions, which is great, and they have a lot of things - when they design an aircraft, they want to be able to change an engine in 20 minutes, and have all these metrics for how the airplane has to be serviceable, which is hugely important to their mission. The Navy on the other hand, basically wants it to be able to crash land on a floating postage stamp in the middle of the ocean - which is a totally different aircraft. Bigger landing gear, much bigger thing - maintenance is often harder. So it’s going to be really interesting to see if they can pull that off.
Len: When you say a postage stamp I assume you’re referring to the aircraft carrier, obviously. Did you ever have an opportunity to go on one of those?
Don: Yeah. Not for anything where they were in combat or anything like that, but as part of our apprenticeship, we got to go take a tour. I think it was the John F. Kennedy that we got to go on to, and see the airplanes that we were working on in real life and operation.
Len: That’s really fascinating to me.
Don: Yeah, they’re amazing machines.
Len: Two nuclear generators on some of the bigger ones, is that correct?
Len: And they’re powered for like 50 years or something like that?
Don: Oh yeah. They can go forever. I mean, they go out to sea for incredible lengths of time with their fleet that travels with them - six months, eight months is pretty common.
Len: Another totally from-another-direction question - you write on your blog about how you became attached to being independently employed, in spite of the uncertainty and the risk. And I was wondering if you could talk a little bit about what it was like to have that kind of independence? I assume you have quite a bit under Pluralsight now, as well. But I’m just curious about that dynamic - about being an independent consultant, versus being an employee.
Don: It’s tough. I mean, the upsides are - when you want to take off, you take off. So if you’ve got nothing going on on a random Tuesday afternoon, and you want to go see a movie - you’re free to do that. You don’t have to hang out and just put in your hours at the desk. So there’s a lot of upsides. If you work really, really hard, and you take on a lot of work, and you get it done well, you get to keep all that money. So it’s not like working for the man where you can really bust your butt and not necessarily come out any further ahead.
On the other hand, you’re the only one making the money. So you’re kind of constantly worried about, “Am I getting today’s job done? Am I marketing for tomorrow’s job? Am I making sure I’m lining stuff up?” You have to kind of get used to when your valleys and your peaks are so that - maybe you have to pile on really hard at a certain time of year, to cover a traditional slump at another time of year. And you have to be able to really manage your money. It’s not like living paycheck to paycheck, where you can spend this one because you know there’s going to be another one just like it in a couple of weeks. That’s rarely the case. The money tended to flow very, very, very unevenly. And so you have to really plan things out.
I enjoyed it a lot. You have to come to accept that you can’t ever be more than you are. So if you can produce a certain amount, you can get paid a certain amount for that - then that’s probably all you’re ever going to be able to do. You can optimize, create some efficiencies here and there a little bit, but only to a point. So if you’re the type of person who really wants to work on big stuff - bigger than one person can do, you wind up being with a company and a team.
And I’ve enjoyed both - the environment at Pluralsight really sets everybody up to be their own little entrepreneur. So you get that impact of working for a large team, but you still get to call your own shots within whatever it is that you’ve been trusted with. And that really, really fits my personality well. So it’s been a good match.
Len: And as a curriculum director at Pluralsight, what is it that you do? It sounds interesting.
Don: We have several curriculum directors that are on different branches of our library. I’m in charge of the stuff that applies to the IT operations crowd. So Windows server, SharePoint server, Linux servers, Windows clients - all that type of stuff. Not software development; that’s another whole chunk. And then we have another whole chunk that’s creative stuff. Your CAD/CAM software, your Adobe software, stuff like that.
So my job is to do research, plan our curriculum, decide what courses it is we should have - either to meet specific customer needs - or to make sure that we’re leading the customer, that we’re going to have the right training that they’re about to need, and maybe they don’t realize they need yet. And then I work with our acquisitions editors to recruit authors to produce those courses.
I work with our authors to get the proposals together, and get the courses outlined. And I work with our editorial and production teams to make sure that the courses eventually do get done and published in the right sequence. So it’s kind of a big coordination job. But I really, really enjoy instructional design - so it kind of fits into a little hobby thing that I’ve touched, on and off again for years.
Len: Speaking of instructional design, one of the topics that often comes up in the interviews that I do with Leanpub authors, and partly because I bring it up, is the - not necessarily the tension, but the relationship between the burgeoning field of online training and learning, and more conventional ways of learning and training. Like actually enrolling in a college or a university, and going there and taking courses. And I was wondering what your thoughts are on that? Do do you see online training replacing entirely some university degrees?
Don: I’d like it to. Particularly in the IT field, and particularly because I’m an American, and we have a particular situation and worldview around it. I don’t have a degree. As I mentioned, I graduated from an apprenticeship, so it was very vocational. I think there are colleges out there that do a fantastic job of preparing people for a job. In the US, it tends to be community colleges and vocational schools.
And they’re very lean, they’re very agile. They’re able to update their curriculum fairly frequently to keep pace with what the market demands. And a lot of times they’re only after you for a couple years. You’re after an associate’s degree or something like that. And a lot of employers, for entry level jobs, that’s what they want.
But we have a situation where kids are going and spending $30,000, $45,000 a year for a four-year degree - and they come out insanely in debt. They’re a couple hundred thousand dollars in debt. And they have a degree that is essentially useless in the marketplace, at least in the IT field. No one cares about it. “Okay great, you’ve got a degree. That means you essentially know nothing other than how to sit in a classroom for four years”. Well, that’s kind of an expensive way to be taught how to sit down for four years.
And it affects our economy, it affects it deeply. We have a lot of millennials who are in that situation, who are not buying homes, because they’re already under a crushing amount of debt, and the last thing they want to do is take on another 100 grand on a mortgage. And home buying is one of the things that deeply drives the fundamental core of our economy.
And so you create this whole situation where everybody feels like they have a degree - because everyone has a degree, it’s not special anymore. So you spent all this money getting something that’s not special whatsoever. It doesn’t differentiate you in the job marketplace. And in the process of doing that, we’re creating this horrible economic black hole that is eventually going to have to collapse in on itself.
So I would really like to see online training - whatever other types of training, particularly for jobs. Just completely replace that. At The DevOps Collective, we’ve put together an educational program that was designed to help someone get the skills they need to get an entry level job, say on a help desk, in a common IT organization. Now, that’s a job that, in the US, pays $35,000 to $45,000 a year. If you’re 19, 20 years old, that is kick-butt money for a first job. And IT tends to promote from within. So once you’ve got that job, you’re going to learn on the job and you’re going to get a $60,000 job, an $80,000 job - and eventually more.
So it’s an inexpensive program that someone can run themselves through. We don’t run it, we just kind of point to where you can go get it yourself, and we’ve laid out the curriculum. And I think over time - I hope that counselors at schools, and career advisers, will start to direct kids to some of these other options. If you want to be a doctor or a lawyer - yes please, go to a lot of school. Go to tons of school. But if you want to be an IT guy, it’s just not necessary. And I hate that we shove it down kids’ throats.
Len: And for those who aren’t familiar with the reasons, what do you think the reasons are that university education has become so expensive in the United States?
Don: Because they can. We live in a market economy, and if people are willing to go take a loan for 45 grand - and other people are willing to loan that money, then that’s how much the universities are going to charge. I mean, they’re going to literally charge as much as they can get away with. Particularly the private schools, and particularly the private career colleges - the University of Phoenix and things like that.
The public schools, the in-state schools, especially ones where you can get your in-state tuition - [they’re] financially [a] much better deal - community colleges. The problem is, those guys just - they’re academia. They’re designed to change at the rate of physics, which rarely changes. And they can’t keep up with really fast, quick changing dynamic fields like IT. So I mean, literally by the time you start - even if they have a brand new curriculum for you on your freshman year, by the time you graduate it’s useless. It’s all changed. And what they haven’t done is taught you how to keep up. And so it just doesn’t work out so well.
Len: One thing I’ve found out of a lot of the people that I interview who are Leanpub authors, and are in tech in some way or another, and I would say, probably at most half of the people I interview studied in school, what they ended up doing eventually in tech. And it seems that people have all sorts of paths to where they end up, and formal training and what they end up doing doesn’t really correlate.
Don: No, it doesn’t seem to.
Len: I wanted to ask you specifically about AR, and what you think the possibilities are in that space - augmented reality for online training.
Don: It’s hard to tell. It’s still something people are playing with. I look at the first video training that was available ten years ago, eight years ago, and you look at where we are now. Back then, it just wasn’t there. And everybody said, “This is going to be the new wave, and the new wave”. And eventually it was, but it took it a really long time, almost a decade. And people’s learning preferences and how your brain learns are really, really fickle. And the new shiny [thing] is not necessarily going to actually work for people’s brains.
I mean, there’s still tons of people out there, thank God, who buy books. They don’t want to go to a class because they don’t learn well that way. They want to be able to sit, read, play with, come back to it. And a book works for them. There’s other people who just hate to read books. So I look at new training modalities like that, and I worry a lot less about, “Is it cool? Can we do it?” And I worry a lot more about, “How does this actually serve someone’s learning needs? How does it fit the way someone’s brain is going to be put together?”
I’m sure there’s a lot of fields, like aircraft mechanic, where it would be fantastic to be able to sit down with a giant visor on your head, and actually work on a thing in virtual space. There’s probably a lot of mechanical, physical fields like that. You get into something like software coding, you could already sit down and do that right in front of you. You don’t necessarily need a honkin’ thing on your head. So if it’s applied well and to the right spaces, like everything else, “right tool for the right job”, I’m sure there’s probably a good future for it.
Len: I’ve seen one or two examples online where it seems like people are using AR to kind of replace training. Where essentially what you do is like you’re looking through these glasses with an overlay of video, or design of some kind. And it’s kind of just like telling you, like a little arrow like pointing at the distributor cap, “Pull this up”. And then it’ll point to your left and say, “In your tool box, there’s another distributor cap. Pick it up. Put it here”. Have you come across anything along those lines?
Don: Yeah, and I think it highlights the difference between training and teaching. I hate the word training. as it applies to anything I try and do. Trainers are for dolphins and dogs. And if all you’re doing is teaching someone to perform a repetitive set of tasks, then that’s fine. If you are the person being trained to do that, and it literally is as easy as someone saying, “Take the distributor cap and put it here”, you have to wonder how long it’s going to be before we just have a robot to do that and then we don’t need you anymore.
Teaching on the other hand is much, much higher level. It’s synthesis, it’s application. It’s helping people change the way they think. So that as a problem comes up, their brain is geared to deal with that problem. And - again - the modality doesn’t matter there, so long as you’re presenting the information in a way that makes sense to someone. But it’s always going to be really difficult to do that with any kind of rote, computer-based, just simulation-type thing, because a simulation can’t do anything really but train you. It might be a great supplement to teaching, but teaching is always still going to be a uniquely human endeavor.
Len: And you spoke earlier I think about course design. I was wondering if you could talk a little bit about that. When you’re designing a course, are you thinking about a certain type of student, or how to accommodate multiple types of students at the same time?
Don: We start with an audience design. I think that’s the most important thing. I view teaching as a story, and you have to know where your - your learner is the hero in your story. They’re the ones who are going on whatever path it is you’re taking them. And you’ve got to define exactly what that path starts as, and exactly how that path ends. Who are they at the beginning, and who are they going to be at the end? And so long as you know that, you can then start structuring a path that has as few distractions, as few gullies, as few hills as possible, and try and anticipate where those hills are, and pre-smooth those out by presenting the material in a sequence that leads them nicely up a slope instead of running them into a cliff that you then have to climb them over.
I think knowing who your learner is, who you want them to be, having reasonable expectations - if you’re trying to do a four hour course, you can only so much. And it might not be the last course they watch. But for this course, what’s the beginning and what’s the end?
And so we spend a lot of time working with the authors at Pluralsight on that. It’s something that I’ve done a lot in my books - “The Month of Lunches” series that I created that Manning Publishing runs, even in the DSC book I’m doing now. Even though it’s being produced roughly a chapter at a time - is when I tend to release updates. I had a plan for that from the outset. I knew what the path was.
Now, given that it’s lean publishing, I might be able to go back later and I might be able to take the skeleton path that I created in the first path, and then start filling in. Maybe some more examples. Maybe covering other scenarios that are a little divergent. So I can go flesh that out and make it a little fatter, but I’ve still got that path from the beginning to the end.
Len: I’d just like to ask you one more question before moving onto talking about your book and the way you’re publishing it, which is - you said the learner or student is on a journey. Do you set that - or do you encourage the course authors to set that up?
Len: End at the beginning. So you sort of set the stage for what the journey is in the first course?
Don: Yeah. And given that my audience is IT operations, we’re a very pragmatic people. We just want to make it work so we can go home. And so I try to have every course start out with a very clear, upfront motivation. “Hey, you know how it sucks when this happens? Well we’re going to learn how to fix that”. So that someone can immediately say, “Okay great, I can relate to that. I know the situation I’m in. I can start to impute some of the problems that are around the edges of this. And so I can get a feel for where we’re going, just with that one sentence. And yeah, that sets the stage for someone. That gives the learner an expectation. And the clearer you can make that, the more likely they are to be happy with the outcome.
Len: Yeah, that sounds really effective. Putting people in a situation where you’ve communicated to them, “Here’s where we want you to start, and where we want you to end. So you’re on a shared narrative.
On the subject of your book, I was wondering if you could explain a little bit about what DSC is, and who your intended audience is for the book?
Don: Yeah. Desired State Configuration is a part of Windows management framework. Which is what includes Windows PowerShell. So DSC actually builds on Window’s PowerShell. It’s kind of a high level part of PowerShell. And its idea is, if you’ve got a computer, maybe a server or a client computer, you tend to want it to be configured in a certain way. And the way we’ve approached that typically in the past is - maybe we’ll write a script, so we don’t have to manually configure the server.
When you set it up for that first time, you’re going to provision it somehow. And you get it the way you like it, and then you put it into production. And then invariably it starts to change. And so organizations spend a ton of time - and there’s management frameworks - COBIT, ITIL, all these other things that create - there’s huge processes around change management. So the idea is, you put something in place, it works. How do we make sure it never, ever changes - ever? So that, because - if we don’t change it, then it should always keep working the same way.
Desired state configuration is designed to kind of flip that on it’s head. You start with a computer and human-readable description of what you want the computer to look like. And then you hand that to the technology, and it builds the computer that way and then it makes sure it stays that way over time.
And if you change your mind - okay, well now we want the computer to look like this. You just change that document. And the technology goes in, and fixes it or alters it or whatever else - and then maintains it in that state. So it’s really kind of, not bleeding edge, but it’s definitely at the leading edge of where IT operational management has been for a couple of years. And this is Microsoft’s flavor of that.
Len: And how does it make sure things stay the same?
Don: It scans the machine every so often, and checks every single thing that you’ve said you want to be true - and makes sure that it is still true. And if it isn’t, then it’s got code underneath that remediates that and fixes it.
Len: You mentioned already that you’re publishing the book in-progress, and I wanted to ask you a few questions about your strategy around that. I think it’s something that other Leanpub authors, or potential Leanpub authors too, would be interested in hearing about. So you mentioned before I think - you had a pretty definite plan before you published for the first time.
Don: Oh yeah. I have a very detailed outline. Down to like second and third level headings. And that’s pretty common for me when I write a book. And I got in that habit for two reasons. One is that, with a traditional book, once you hand a chapter off to the publisher, it’s really kind of a pain in the neck and outside the process to change it. So you kinda have to know what the whole plan is. It’s not like you can get to chapter twelve and go, “Crap, I forgot to mention that back in chapter three”. It’s painful to go fix that. So I’m very used to this kind of top-down design approach.
That made it a little bit easier to just jump in and know what I was going to do. The difference is, instead of releasing a chapter at a time to the publisher - who then saves them all - I just publish it. And sometimes it’s a little ugly, sometimes there’s an error or two. But I think people in the space now are comfortable, so long as they feel they have a way of reporting that to the author, and they see progress. And Leanpub obviously gives people - I’ve gotten emails from people that said, “Hey there’s a typo on page blah, blah, blah”. “Okay great”. I fix that in the next update. That just gets pulled in, and now it’s fixed.
Len: So did you give you email address to readers?
Don: No, not yet.
Don: I need to set one up where I do that. And we’re about 50% through the book’s initial pass, so I need to do that. But I’m not that difficult to contact either. Most of the folks who are reading this know how to get me on Twitter, or they can find me on powershell.org. Or through my website, donjones.com. So most of the folks reading it at this point have found the book because of me, and they already know how to get hold of me.
Len: And you enjoy those interactions with them?
Don: Oh yeah, absolutely.
Len: That’s something a lot of our authors talk about. Some will actually put their email address in their introduction, and say, “Email me”, which we see as obviously a very good thing. But one of the things we’re thinking about is trying to optimize that relationship. Would you prefer to be contacted like through Leanpub or something like that? Or do you prefer it the way we’ve got it working?
Don: Yeah I think large scale, it’s probably a little easier to have some bottleneck, where everything can come through. Because obviously I’ve got a job. I’m doing this in my spare time. And so it’d be nice to have it in a queue that I could say, “Okay, once a week, once a month - whatever. I’m going to sit down, and I’m going to start running through all of this”. And that creates a good expectation for people, and you can tell them, “Look, if you send something - don’t expect a reply for this period of time, because I tend to process them in these batches”.
So I do that with my email organization right now. But it would be nice to have something in the platform. And I think it would give people a better perception that there is a feedback mechanism. This is the person I bought the book from, this is the person who wrote the book, and they’re going to help me - all talk to each other.
Len: Before I ask this next question, how much of your book had you written when you’ve first published it?
Don: The first chapter.
Len: The first chapter. So is that about 10% or something like that?
Don: Probably less than that. It was - honestly - the overview, it was probably 2,000 words.
Len: Oh, wow. Okay. Were you trepidatious about that, or did it just come naturally from you to publish something so early?
Don: No it - I write really quickly. And I think the majority of the folks who are accustomed to my work have a good expectation of what it is and how quickly I tend to produce. So I felt fairly comfortable doing that. We didn’t sell a ton of copies right away. It was one or two copies. It was when I hit the 50% point, and I think did a couple of things to make specific commitments to my productivity - that the sales started to spike up a little bit, which really does help keep the project moving.
Len: When it comes to the project moving, this was the question I delayed. I was wondering if you would like to be able to show to readers a sort of history of your progress somewhere on Leanpub. Would that be like, “I released the first chapter on this date. I released the second chapter on this date. Here are the things that I updated when I - or added when I did that. Here are the things I corrected”.
Don: That’s probably a good idea. It would at least show readers that you’re serious about it, and this is a real thing. And if an author publishes a chapter and then vanishes for three months, then readers have reason to be trepidatious - unless there was some commitment otherwise. So yeah, I think that’s reasonable. It kind of makes you a little bit accountable to the audience, which is good.
Len: One of the [things] we’re thinking about is sort of establishing that trust. So someone comes along and sees a book is 30% complete, and maybe they’re not so familiar with Leanpub and the concept of publishing that we’re trying to spread. And then if they can see, it’s only 30% done, but it’s like one chapter per week for the last 3 weeks. That’s a pretty good sign that I should trust that this author is going to complete what they’re doing and that they have a plan.
I was wondering, how did you - this is a big question for self-published authors - how did you decide pricing for your book?
Don: I’ve written a lot of traditionally published books, and so I know what a book of this length - and I’ve got a really good idea what the final length is going to be - I know what that’s usually going to be priced at. And so that’s my target price. I’m actually not priced at that right now as we speak, I’m priced a little lower. I decided to start with kind of an early bird price, to reward the people who jumped in early and helped support the project initially.
When I cross the 60%/75% point, I’ll bump the price up to its final [price], and it’ll be a little bit cheaper than an equivalent, traditionally published paper book would be, because there’s no paper costs. I’ve always felt that the majority of the value in the book should be the material in the book, not the paper. Not the copy editor, not the things that really don’t add a lot of value. So it should be about 20% less than a traditional published book of the similar length.
Len: And why did you decide to publish this book on Leanpub, rather than with a conventional publisher? Which - pretty clearly - you could’ve done if you’d chosen to, you’ve done it so many times in the past.
Don: This technology, like a lot of them, is extremely agile. It changes a lot and it changes fast. And there’s literally no upside to working with a traditional publishing model. I can write a book, I mean if I sit down and take the time - like if I took a sabbatical from work for a month - I can write a 300, 400 page book in a month. I write quick.
And that would be fine, except then it’s going to take two months to copy edit and two months to dev edit. Another month for a tech editor to go through, and then two months in layout. And then, even though it took me a month, it’s nine months to a year before the stupid thing gets out. And now it’s changed, and now it’s not good anymore.
So I really started looking around. I mean obviously there’s sites like GitBook, and Penflip - both of which I’ve used. PowerShell.org’s free e-books are dual-published. We publish those on Leanpub, and on GitBook. And I think GitBook is great for the model, but it’s non-commercial. I mean that’s kinda the whole point of it. Is that there’s no - there’s no storefront. There’s just all open source books.
That’s fine for powershell.org, it’s a non-profit, it’s a community organisation, not looking to sell those books. But this was something that if I wanted to be able to maintain this over time, there needed to be a financial reason to do it, because although I do enjoy writing, and I like getting this stuff out there. If it’s something I’m going to have my head in every month, I’m going to lose interest - unless there’s a - if I can take my family out to dinner once or twice, that’s a financial motive. So sure that works. That keeps me going.
And Leanpub was really kind of the combination of those. It lets me treat the book a lot like an open source project. Meaning, it isn’t open source obviously, but it has a lot of the same characteristics, in that I can make changes to it as often as I want to, or as often as I need to. But it still puts that commercial end on it, so that there is a financial arrangement going on that keeps me interested.
Len: Your book is currently priced at $39.99. I should mention, anyone get the deal now, if you’re listening. And of course, we don’t do DRM at Leanpub.
Len: And so you’re selling a $40, self-published, DRM-free book. We’ve actually got someone else, a guy named Nick Russo, who’s selling his book for a minimum price of $200, and a suggested price of $300 right now. So it’s offering something of a - for a book, a pretty high monetary value, something that people could easily not pay anything for.
Len: Is that something that you think about? Or do you just not think about?
Don: Not any more. I mean first of all, there’s no such thing as DRM. One of my first PowerShell books - some Russian guy bought it, shaved the cover off of, scanned and made a beautiful Windows help file out of. And that was online. I have never ever written a printed book that wasn’t pirated almost immediately. Any DRM can be stripped off really, really easily.
All it does is inconvenience your legitimate customers. It makes it harder for the people who did pay you money to take value for what they got. So I’m not going to punish the people who are supporting it. My experience has been - at least with the audience I work with - that they’re pretty upright people. And if they find value in something, they’ll pay for it. Now my price - my minimum price is $39.99. I’ve had more than a few people pay 60, 70 bucks for the book. So they’re paying what they feel the value is.
And if somebody’s out there, and they’re working with this stuff, and they’re in a country where $39.99 is two months’ salary, and so they’re going to grab the thing pirated some place - that’s fine, okay. Maybe they’ll do well someday, and maybe they’ll take their appreciation and go to DevOps Collective, and make a charitable donation to a non-profit that’s helping kids learn technology. So if that’s their value, it’s fine. My feeling is that it’ll all square itself out in the end.
You don’t write books to get rich. I’ve been doing this since 2001. There’s reasons to write books beyond the money. And so long as there’s enough of a financial thing to make it worth my time - and so far there has been - then that’s fine. I’ll go with that. But I think most people in the industry are accustomed to paying for something of value.
I’ll give you a really good example. I mentioned the free e-books on powershell.org. We put those on GitBook, which is very useful. But a lot of people are blocked at work from accessing GitBook, and one of the reasons we decided to also dual-publish them to Leanpub, was because we can set a minimum price of zero, and let people pay for the book if they want to. And it becomes a charitable donation really, because we give the books for free already. 90% of the people who get the book from Leanpub pay for it. Maybe they’re paying two bucks, maybe they’re paying four bucks. But I think people are willing to pay for it if they find value.
Len: Thanks for that, that was a great response. I agree, there’s so much in there that we agree with, and it’s great for us to hear that we built that, it can accommodate that. Our bestselling book in terms of copies and revenue last year has a free minimum price.
It’s just a fascinating thing to watch how our variable pricing model is succeeding for authors in this way - that they can offer the book for free and for money at the same time. And so do both those things that you can do as an author, two of the big reasons to write - the main one is to get whatever your message is out there to people. But one of the main advantages is to gain an audience. And the other one is to potentially make some money. And the idea that you can combine those two by making a free minimum price, but also having a suggested price that allows people to pay, has turned out to be very powerful.
So was one of the reasons you chose to publish your book on Leanpub rather than with a conventional publisher - was obviously, sort of ease of production. But was it that freedom to set your own price, and maybe play around with your pricing - did that - was that part of the reason as well?
Don: Yeah, that was a factor. And honestly another factor is - publishers just don’t do much to help you sell books, but they keep the majority of it. Most authors are getting 10%, 12% and that’s not a lot. So you’ve got this massive machine that really, in a lot of cases, doesn’t add a lot of value.
I’ve been very happy with Manning. I think they’re a great publisher. And for the “Month of Lunches” series, they’re a great fit. But this is a niche technology, it’s a very high-end technology. There’s never going to be 5,000 copies of this sold.
And it just made sense that if I was going to do this, to do it on my own terms. I’m going to be responsible for bringing the most readers to this. That and word of mouth. And so I don’t see any reason why there should be a giant publishing machine skimming 75% of the revenue off the top, when I and my audience are the ones who are going to have to do most of the work on it.
Len: Are you intending to make a print version when it’s done-done?
Don: No. I mean people can get a PDF and print it if they want to. But I’m not planning to traditionally publish it.
Len: Great, it’s interesting actually. I’ve just got to tell a little story I heard from my co-founder once. I think this was a Leanpub book. I was just reminded of this when you mentioned that it was someone from Russia who pirated your book once.
We had a story about a guy who published a book, and then someone from Russia translated it and was selling it. And so the original author - instead of getting mad, pointlessly, and trying to do something that you can’t do about that, got in touch and said, “Hey, would you like to translate my next book, and let’s sell it together?” And of course the translator was like, “Of course, I’d love to do that”.
It was interesting that something that a segment of the authorship community sometimes sees as a big threat, other people can see as a potential new connection. Building an audience for them.
Don: Yeah, and I’ve done similar things in the past, and I would do so again. I think you get a lot further creating opportunities for people than creating barriers. And I do have just about five more minutes too, so–
Len: Just one more brief question while I’ve got you here. If there was one thing we could build for you that would help you, what would that be? Or if there was one thing we could fix, what would that be?
Don: Gosh, I don’t know. It’s been working so well and so smoothly. I would say - oh man, I don’t even know. The one thing that I’m not doing in this book is any kind of professional copy editing. And it’s the one thing that I feel a little bit guilty about, because it does put it on the audience to do that. And I’m very patient with it, and I try to be very responsive when they point out errors.
But I’m not sure how I would collaborate with an author. Because I’m using the Dropbox publishing method, we basically [could] just have a shared Dropbox. I’m not sure how to loop an editor into that, like if I was going to use an editor and kind of notch this up a bit. It’s the one thing I feel little bit guilty about, that I wouldn’t minding putting a little money into.
But I worry about it just really slowing down the whole workflow. I’d want to release a chapter to the editor, let the editor do their thing - and then release that to the publishing queue. And the next time I hit publish, it grabs everything in that queue, and makes a new version. So that it’s - there’s a clean hand off back and forth. Or I can have two or three people working on the same document at the same time.
Len: Okay thanks, that’s a really great answer. We’ll think about that. I know your time’s about up, so thanks very much for being on the Leanpub Podcast, and for being a Leanpub author.
Len: We really appreciate it.
Don: Oh thanks for having me. Have a great day.