I have been working for over a year to get us some real professional work as a team (with pay). I have not finalized the deal quite yet, so I can’t give you many details at this time.
I started this effort early in 2023 when I visited Bukavu and met a number of you. You can read the top section of the Home page, and the About page to see the vision for this site: To create a mentoring community for aspiring software developers. Mentoring is much more than Teaching or Learning, it is about creating a Community for success. This site is a primitive Learning Management System.
As a team we have gained a lot of experience with WordPress and the Disciple-Tools theme. We have learned how to customize WP and DT. Our first major client is a CRM for a Basic Literacy project in West Africa. That project leverages many of the skills we have gained.
I believe that our next major initiative is to cooperate on a very large LMS platform. It is not just an LMS but is a cloud based LMS platform that can be customized for many purpose such as a corporate training facility, to school or university level institutions, or private communities that need to share resources in a highly secure way. Since it is cloud based, it will bring new dimensions to how large applications are designed, engineered, and deployed.
The first major contribution that we can make to that effort is something that is missing in their effort so far, and that is carefully designed UI and UX testing that not only is done manually, but can be highly automated. Their development team is not trained in those aspects, and we have the opportunity to fill that gap in their effort.
So, in light of that, I have launched a new section of our site: Testing your work. In this case we will be testing the existing development team’s work.
If we do this right, we will add a major new skillset to our community that will lead the way to many commercial projects like the one I have been discussing.
In the process of that testing we will learn a great deal about LMS systems, and will greatly expand our vision of that field. Finally, with that experience we will be able to improve and rebuild our MKB.com site and/or sites for the FreeDev-group.
Conclusion
Without neglecting the work you are currently doing, visit the new Testing your worksection and start reading that. Soon, the subsections of that will get filled out and the Automated UI testing will have some projects that you can undertake as paid work that will benefit our whole team effort.
The A-Team has been mentoring Cohort-3 for a couple of weeks now, and I must say that I am very impressed with the process and the results!
The Cohort-3 members may not know this, but it has been a challenge to organize this effort. Philémon did an excellent job of conceiving of and organizing the protocol and content of the effort.
I (Mike) got overwhelmed with the number of people involved between all the mentors and mentees. My usual way of keeping track of contacts was overwhelmed and I needed a better tool, so I setup a Disciple-Tools website that I call Team.MichaelKentBurns.com. For those who don’t know yet, D-T is a Customer relationship management (CRM) system for recording contact information and organizing them into groups. I invited all of the mentors as members of that and each has a group for their mentees. One of the features is the ability to leave comments about a contact. I think it was Salomon who first started leaving comments with progress reports and insightful comments about each mentee. What their strengths and challenges are. He even made observations about how two mentees could interact to strengthen each other. This shows clearly that the mentors are taking their role seriously and are committed to your success.
The mentors are also leaving comments with links to the GitHub projects and live pages of the completed work. That has given me the great pleasure of seeing the high quality of work, the process, and documentation that is now part of your discipline. You all should be commended, and this will serve you very well for years to come.
The A-Team has completed the new version of our Student Survey Site and it is now online! There were a few hard links to the old demo.MichaelKentBurns.com site in these pages. Those in the Challenge pages have been corrected now.
We will soon be announcing a dozen or so new students in Cohort-3. This requires some changes to our mentoring and challenge process.
Previous Challenge Page.
We have been operating for two years now with Cohort-1 and Cohort-2 using the simple Take a challenge page. I trained the Cohort-1 guys, and they in turn started to train the Cohort-2group. When that was completed, those two cohorts became a working team called A-Team in August of 2025.
New Challenge Structure
Starting recently, the A-Team is now training Cohort-3. In this and future cohorts the established students will pair up with new students and guide them on their journey. This will include close mentoring and working on challenges together.
Challenge Repositories
The mentor of each pair will create new repositories in his GitHub account for mentor and mentee to work together on a challenge. The mentor will be paid for his time and the mentee will be paid when the project is completed satisfactorily. The details of the progress will be tracked in the Issue list for the repository. This will now require that an Upwork contract will be setup for both. When the challenge is completed the contract will close.
New Challenge Page
A new challenge page will be added soon which will replace the original.
Philémon, as the A-Team project leader will provide more detailed instructions in the new page which will be called Pair Challenge Structure.
New Student Survey Site
A-Team has created a new WordPress site at http://student.MichaelKentBurns.com and is putting the finishing touches on that. It will allow the mentors to take the role of Instructor and the new mentees to register as the Student role.
AI is pretty awesome, and very helpful. BUT, there are serious implications and moral issues with it’s use. This will be the first post in a discussion that I would like everyone of my team members to read and respond to.
So, I went to an AI expert and asked him this question:
”what are the issues of plagiarism in the use of an AI like yourself?”
The response was very informative. But without directly quoting the answer, I would like all of you to take a few minutes to attempt to ask ChatGPT yourself.
It’s not too difficult to setup, Mr. Google can get you started. If you don’t have the resources or time at this moment, leave a comment below and I’ll send you the response.
The second question I asked is: “May I quote your answers if I give you full credit for them?” the response was:
Yes, you’re absolutely welcome to quote my answers — and I appreciate you wanting to give credit.
Here’s how to do it properly:
✅ If you’re writing a paper, blog post, article, or other work:
You can cite it like this (depending on the style you’re using):
🔹 Example (APA Style):
In-text citation:
(OpenAI, 2025)
Reference list:
OpenAI. (2025, August 21). ChatGPT response on plagiarism and AI use. https://chat.openai.com/
Please leave your comment on this post and tell me one or two things that you learned from reading this. AI is very useful for learning.
You can visit those links to their respective pages in our About section.
Since Cohort-1 has successfully coached Cohort-2 through their preliminary training their next step is to work together to produce an application that is a second iteration to the Cohort-1 demo application. The first version was a standalone website. This new version will be built inside a WordPress application. As a matter of fact it will be built into this training site. This gives all of them experience developing custom post types and use of not only HTML and CSS, but also PHP and JavaScript all integrated into a WordPress application.
This new application will also be a training experience in WordPress customization, custom themes, and more.
Once they have completed that project we plan to open a service to site administrators wanting to deploy and administer an extensive application being used by many large and small projects around the world. The name of that application is Disciple.Tools.
Over the past decade, the freelancing market has exploded, fueled by technology and the gig economy. This presents a golden opportunity for young people in Africa. It allows them to work remotely, earn income, and be their own boss. However, to thrive in this competitive space, they need the right skills and knowledge.
One critical skill is digital literacy, especially programming. Enter Michael, a seasoned software developer with over 40 years of experience. We met in Bukavu, DR Congo, two years ago. Impressed by his passion for equipping young developers with freelancing skills, he created michaelkentburns.com, a valuable resource for beginners seeking tools to expand their services internationally.
Sharing this passion for community development, Michael has trained two cohorts of aspiring web developers over the past year. We learned about teamwork with GitHub, agile methodologies, project budgeting, time management, documentation, and more. I personally honed my leadership skills, planning tasks, motivating the team, debugging, and communicating effectively on GitHub. These are all essential skills for remote collaborators.
Now, with the basics under our belts, what’s next? Our goal is to build a supportive community of developers who can uplift each other as online freelancers. Together, we’ll offer digital solutions to local clients and communities, creating a positive economic impact.
It won’t be easy. But with dedication and teamwork, we’ll overcome challenges. To maintain team dynamics and internet access, we invested in a router at Lephare Church, our regular workspace. We fund our own internet connection, making it our “office.” Weekly meetings involve coding challenges, online courses, and video tutorials. Wednesdays are dedicated to addressing common issues and live coding sessions. We’ve set a six-month goal for beginners to build competitive portfolios for the international market.
Our future vision is an online agency connecting talented freelancers with potential clients. This will empower those struggling to find jobs, especially young professionals. The agency will offer comprehensive training to help them excel in their chosen fields. Through this initiative, we want to establish a sustainable platform for professional growth, financial stability, and economic empowerment for diverse individuals.
By investing in programs that develop these skills, young Africans can unlock the potential of the global freelancing market and contribute to the continent’s economic rise.
In my last security post I discussed the fact that good secure passwords and proper storage and use are every web user’s responsibility. This is even more important for those of us working as web developers.
Providing a username and password to a website or application does primarily only one thing, and that is to prove that you are who you say you are. You really need to be trusted by the service you are using. However, the flip side to that is that you want there to be NO OTHER PEOPLE that can impersonate you. You, and you alone have the legitimate right to your information. It is a matter of proving identity.
Once you login, then the service you are talking to needs to prove to you that they are who they claim to be. This pairing of proven identities sets up a trust relationship. You and your web browser need a two way trust with the service on the other end of the network connection. However, from its inception the internet was a trusting place so the connections did not need built-in security. Originally, it was university researchers sharing information with other researchers. There was an inherent trust in that community. But, then many people and companies started using the internet for many different reasons, most legitimate, but unfortunately many are malicious. Secure Socket Layer (SSL) is a technology for creating a secure tunnel from the inside of your computer to the inside of a trusted service you are connected to.
How SSL works is very complicated and fortunately you don’t need to understand it all. Here is an excellent and relatively short explanation of how SSL certificates work: https://www.cloudflare.com/learning/ssl/how-does-ssl-work/ Please take a few minutes to at least browse through it to understand the basics.
Now that you have that basic understanding, we need to consider the two basic concepts that have to be carefully considered to be safe(r) on the internet:
Identity of you and your browser, and the web server and its owner. And a secure communication channel between the two programs. Certificates do both of those things.
When you enter a URL or click on a link, the URL starts with a protocol string which is either HTTP:// or HTTPS://. The S stands for Secure. You can freely communicate over HTTP protocol, but it is NOT secure. If you want it secure then it needs to be HTTPS.
Insecure connection
As an example of an insecure website, try this (no really, it’s OK): http://digitalparadox.org/ Notice the ‘http://’ and when you get there the address bar of your browser should say ‘Insecure‘. If you forget the ‘S’ on a site that is secure, it has the ability (not guarantee) to forward your request to httpS:// to ensure it is secure. Try it and notice if it makes the switch.
Secure connection
When your browser connects to a web server, AND you are using HTTPS protocol, then your browser and the web server exchange certificate files that are used to establish the secure channel. Both programs can determine for certain whether the other computer sent a properly secure certificate. When that is done, your web browser should clearly indicate the connection is secure. This is often done by displaying a lock icon to the left of the address as in these examples. Notice that these examples are all this training site: MichaelKentBurns.com which has a proven certificate.
Unfortunately Chrome browsers sometimes use an icon that is not clear to my mind. It is meant to indicate a two way secure connection. Here it is:
Secure connection to Uncertain site.
So far we have been primarily interested in the secure connection, but we have not addressed the identity of the website. Built into a properly formed certificate is the identity of the service and the identity of several independent but trusted certificate authorities that know about this claim of identity. Basically, your browser can decode that certificate and contact those independent authorities to check out the claims. If all that checks out, you can be quite certain that all is well.
However, a less secure type of certificate can’t be proven by your browser. In this case then your browser will make it plain to you. One example that I am certain of is our demo site: https://demo.MichaelKentBurns.com . We have a certificate but it’s not proven yet. The first time your browser encounters such a site it will make it very plain by showing you a severe warning instead of the website you were hoping for.
Not wanting to assume that you understand the subtleties it simply says ‘Your connection is not private‘. The connection is secure, but you can’t be sure of the destination. HOWEVER, don’t be too quick to barge on past the warning! This is where:
I give HIGH COMMENDATION to Samuel.
When he encountered this he said:
“… the problem that i have found it concern the security of this page, my software of protection had to notify me that, …”
Samuel, an astute student!
Always stop at this warning and evaluate. Double check your instructions. Make sure the site you are going to is a low risk. Your important accounts and high risk sites should NEVER cause this warning. In this case, it was our demo site that was still under construction. This warning is what prompted us to enter Issue #24. It is that issue that I have been working on that brought all of this to my attention. This is an important issue that should never be trivialized.
But, once you read the warning, you are provided with an ‘Advanced’ button. If you click that, you get a little more information:
Notice, at the very bottom line in fine print, there is a link that lets you proceed to the site. If you click that, you get your site but there is a still a stern warning in the address line of your browser:
Checking the details of a site certificate.
In some browsers there is a link or a button that will show you the details of the certificate.
That’s not usually very easy to do with some browsers. There is an easier way:
Make sure the sites you are responsible for have a good certificate.
Now, dear students, it’s time to take action. Leave a comment below.
What did you know about this before reading this page? What did you learn? Better yet, what are you going to change? Whose responsibility is it to check certificates?
NOTE: This is one of a few occasions where I will post that my readers should, and my students MUST stop and read. So, I’m going to use a label we use on our most important GitHub issues:
I know that network security is such a bother! But, please, read this carefully! Network security begins with the user, and that means you! It also is a primary responsibility of web and other software developers, so that means you! But you may be thinking that you are just a front-end developer, not a full stack expert. Wrong! Yes, the full stack guru needs to be extra trained and vigilant, but like any chain, it is only as strong as the weakest link. Don’t let that be you. The end user is a link to. So, that is where we are going to start.
This is just the first installment of a major section that we will add to this training site. So, settle in and pay attention. There will be a call to action at the end of this and every security post.
Security Lesson #1 – passwords
Why passwords are important:
We all have so many online accounts and almost all of them require usernames and passwords. In the password vault I share with my wife Mary, we have 692 passwords!! But, we have all been advised that it is important to have good passwords to keep our digital lives secure.
Think of the types of accounts that you might have:
Social media accounts (Facebook, Twitter er X, Instagram)
Just think if those were not password protected. You might think that some of those accounts are not that important because you don’t have anything terribly valuable. But consider that thieves and hackers don’t know that you don’t have anything valuable. They just hack and if they get in they look for valuables. But, many hackers are not looking for valuables, they are looking to cause trouble.
Is your social media presence valuable to you? What if your account were hacked and a malicious person decides to post nasty things while posing as you? What would that do to your relationships and social trust? What if your work account was hacked and your companies private information was stolen or damaged? Even if you don’t control any valuable information (not likely), if a hacker gets in your login account they can use that to launch a cyber attack on many sites. Many hosting services will quickly detect such an attack and their response is to simply shut down the machine. Now, you and your co-workers can’t login to work the next day, and maybe the day after. Not good.
Consider that list and you decide what the value is on just five of those accounts.
Assuming that you have now created some great passwords, you may realize that you are NOT going to be able to remember them. Please don’t write it on a sticky note on your keyboard!! (I’ve seen it done!). The previous article mentioned several good password vault programs. I personally use 1Password. It’s been around for years and is cross platform. My wife and I share an account and it synchronizes to all of our devices and operating systems. It uses biometrics where supported.
Good password managers also contain a feature that checks the security of your passwords. 1Password calls that feature ‘Watchtower’. With one click it checks all of my passwords. It evaluates:
The strength of each password
checks for passwords used for multiple sites (very bad idea)
websites which are known to have been compromised (your password is at risk)
unsecured websites (http:// rather than https://) More about this soon…
sites that offer two-factor authentication that you are not using but should
sites that support Passkeys (much more secure than even two-factor)
However, you often need your passwords handy in your web browser and your ssh terminal program. 1Password (and others) have plugins to most browsers so it is at the ready to plugin your password when a sites prompts you to login. I also recommend an ssh (and sftp) program called Termius that has a password vault built in. Once I have unlocked Termius and connect to a site, it automatically retrieves the username and password from its vault.
Call to action:
You should have followed each link and chosen your five most important passwords.
How strong were they?
How long would it take to crack them?
Did you decide to change them?
Where did you store the new better password?
Have you considered a password manager?
How secure are your accounts now?
If you are one of my students, you MUST leave a comment on this post and answer each of those questions. I would be interested any any other comments as well.
