Monday, April 28, 2014

EVERYBODY PANIC II: Operation Clandestine Fox

Update:  There is now a fix available.  Run Windows Update or go get it: https://support.microsoft.com/kb/2961887

Well, just as the news of HeartBleed winds down, here's another serious alert.  This time, a security vulnerability in all versions of Internet Explorer that is actively being exploited in what the internet hype machine is calling "Operation Clandestine Fox".  No fix is available, though one will most likely be out shortly.  Homeland Security is taking the drastic step of recommending not using IE.

In the meantime, Chrome is your huckleberry.  Lest Google and Apple fanboys get too cocky, 3 days ago saw a similar issue patched by Google and by Apple.





Tuesday, April 22, 2014

Great Classic Kindle Books I've Read to My Son

We have a long way to go figuring out this parenting thing.  In fact, I'm hesitant to dole out advice on something I so clearly am just "winging it" on myself.  But one thing I think we get right is reading.  We read tons to our two kids (1 and 4 years old).  They always have fresh library books. However, starting when he was about about 2 and a half, I began reading night-time books that are way over my eldest's age, and this has been great on many fronts.  There is the obvious reasons:  science shows reading is good for kids.  Increased brain development, imagination, and social awareness can be linked back to reading.

But less obvious are some bonuses that reading "older kids" books brings.  A book with few pictures will often put kids to sleep with no fussing. You can read a chapter or two in a nice dark room and the kid will be droned to sleep before they know it.  It's as close as I've found to a magic trick when it comes to The Bedtime Wars.  Also, it can be "incentive" for other bedtime routines.  "If you hurry up and get your pajamas on, we'll have more time to find out where the submarine goes next".  I won't say this always works for ours, but it has helped.  Finally, it's also good for you: an excuse to catch up on those classics you never read as a kid, or don't remember from when you were little.  I've come to see bedtime reading as a good respite from a hectic day at work and other duties.

But this is a nerd blog, and so I have to involve some gadgetry.  Our reading is done primarily on Kindle.  This works great because it's easy to read with the lights out, and is available on iPad, Kindle, iPhone or laptop. Plus, while I am a fan of dead-tree books, I've lugged enough boxes of once-read books to appreciate having my library in the cloud and accessible from a 12oz gadget. I recommend either getting a Kindle Paperwhite or an iPad Mini and downloading the Kindle app. Even though Apple has their own bookstore, I like the ability to take my books to any device - Kindle, Windows and Mac laptops, iPhone and iPad.

 The downside is that not all titles are available on Kindle.  Apparently some publishers are trying to wait out this whole internet thing to see if it's going to really take off.  This is especially the case for lots of classics.  Here, Kindle and the rest of the online bookstores seem to have a gap.  Lots of out-of-copyright books exist, and are even free.  However, many of these are not well edited and contain errors.  Some even look like they were scanned in and never checked for accuracy.  Newer books are often (but not always) available, but many of these are not what I would call "timeless classics"

To that end, I've put together a list of  "older" books I've read to our now-four-year-old, and I'm sure yours will enjoy as well.  If you have suggestions of other Kindle books that kids may enjoy, leave them in the comments below!


22 Thousand Leagues Under the Sea.
 This was the first "older" book I read to ours, and he loved it. He obviously didn't grasp the whole story, but to this day, he wants to be a submarine driver when he grows up.

The Lion, The Witch, and the Wardrobe (or any Narnia book).
 A timeless classic, and one of my all-time favorite series.  Lesser known is the Space Trilogy by C.S. Lewis, though these may not be quite as approachable by younger audiences.

The Hobbit.
Another classic made popular nowadays by the movies.  This does contain some elements that may be scary to younger kids, but the overwhelming arc of the story is perseverance and bravery of unassuming, simple Bilbo. 

Caddie Woodlawn.
I was a little skeptical of this at first,  but ended up enjoying it.  A pioneer tomboy staves off war with Indians.


Flood Friday
This one is about a massive flood in the Northeast. May be heavy subject for sensitive children, but mine does not seem traumatized.


Rikki-Tikki-Tavi (Illustrated)
A heroic Mongoose saves a family from deadly cobras. There's just something about this Rudyard Kipling classic that mine enjoy.  

The Borrowers
Ever wonder where your clothespins, paper clips, and knick-nacks go?  This series has spurred little imaginations with a creative new look at everyday objects.  


The Mouse and the Motorcycle
What's more fun than a mouse that rides a toy motorcycle around?



My Father's Dragon: The Classic Story for Children (Illustrated)
We've read this short crazy story a couple times now. A young man sneaks away to Wild Island to rescue a dragon from a host of cruel animals.


The Sign of the Beaver
A pioneer boy survives alone with the help of an Indian friend.


Chibi: A True Story from Japan
A True story about a duck that captivated Japan.  Very -erm- stereotypical Japanese, but a cute fun story.

Disclaimer: I use affiliate links for some links on this site, but only for items I've tried and think are worth sharing.

Wednesday, April 16, 2014

This Warren Buffet Inspired Trello Board Could Make You a Millionaire

This post is based on a section from my book Trello Dojo.  If you like this template or want to learn dozens of other creative ways for using Trello at home and work, go get the book!

How about that link bait title, huh?  Obviously, somebody who's not a millionaire (yet) and has never met Warren Buffet has no business writing irresponsible titles like that. But, a Trello board just like what I'm going to describe has been useful for me personally, and I think is sound advice for those interested in coming up with "the next big thing" or even just  "a next pretty good little thing".



Simply put, create a board where you can jot down ideas, prioritize them, then motivate yourself to take action on them. I do this with an "Idea Incubation" board in Trello.  I can quickly  put ideas for projects or products in a list when inspiration hits. Periodically I review the list, laugh at some ideas (I still think a fly-tying kit for toddlers is going to be EPIC one day) and others I pull to the top of the list (just wait and see).  This gives me a good, prioritized list of things I could do one day, but it doesn't help me get them done.

Here's where Warren Buffet comes in.  According to a guy on the internet who claims to have met his pilot one time, Buffet suggests focusing on your top five projects at any given time.  This only makes sense:  we have a limited number of hours, a limited amount of energy, and a tendency to loose focus.  So, I keep only five ideas in a "Top Five" list.  Periodically I review this list and move things back to 'Ideas' to make room for something else.

On this board I also keep a "Stinkers" list.  This is where I keep ideas I once thought were good, but find are impractical or in retrospect not so great an idea.  Keeping these less-than-stellar ideas around, spurs creativity.  No, the kanban website for organizing kanban boards isn't worthwhile now that I have Trello, but it does make me think of this other thing....

Finally, A Ready To Start list is where I copy ideas from the top five that I'm ready to take action on.  Here, I give them legs by creating checklists or linking to other project boards.  This helps focus the top five even further- these are my favorite ideas that I can do something about, and the next steps that need to happen to make them come to life.

I've described the board as a personal board- something the next Zuckerberg can use in their dorm room to think up the next Facebook.  But this approach can be handy within an organization as well.  Invite team members to add ideas and vote for their favorites, then as an organization focus on the top five things that will make you all millionaires.

You can get started with a board just like this one by following these steps:


Monday, April 14, 2014

9 Online Tools to Make Your Day a Little Better

I've been a software developer for 15+ years, and as such have come across some online tools I think others may find very useful and may or may not know about.



With no ceremony and in no particular order:
  • LastPass - Manages all of my family's passwords and online info encrypted and synced to every device.  If my wife changes a password to our bank, then she doesn't have to tell me - my phone and browsers already know and will enter it for me next time.  This means our (very long, secure) LastPass password is the last password we need to know.
  • IFTTT.com - If This, Then That lets you automate all sorts of things very easily and quickly. For example "IF it's going to rain, THEN send a push notification to my phone so I don't forget an umbrella."  I use it to automate about two dozen other personal and work-related things.  
  • Zapier.com - Is IFTTT's bigger brother.  It's still pretty simple and has the same concep, but tons more integrations.  It is a pay service, but is a more business-oriented service.  It has integrations for things like SalesForce, BaseCamp, Trello, etc.
(Side note: those last two are good for learning about other popular web-based services, since each integration is typically a 3rd party service itself)
  • Trello.com - Absolutely the best way to manage a project or process or keep a todo list.  I've mentioned this one a few times because I'm writing a book Trello Dojo all about how to get the most out of it.
  • Feedly.com - I used to use Google Reader for the same thing, but Google killed that service, so I jumped to this.  Monitor all your blog feeds in one easy to use interface.  This is my "morning paper" and saves me tons of time staying current on my industry.  You can also push links from it to Twitter, Facebook, and a variety of other services.  IFTTT also works with it, so for example you could add a recipe  "IF I bookmark a link in Feedly, THEN add it to Evernote".
  • Evernote.com - a note taking app that works on any device.  If I paint a room, I snap a picture of the color code so I never forget.  Work notes, ideas, recipes, business cards, and more all go in here and I can pull them up on any device.
  • Bufferapp.com - Queues up posts to send to Twitter, Facebook, and LinkedIn.  I'm just now 'getting' this one, but the idea is not only can you write once and post to all those, you can schedule the posts (or rather, it automatically schedules them based on the best times for posting).  This is handy because it means you can sit down once to schedule a bunch of stuff of interest and it sends them out periodically for you.
  • StatusCake.com is a site monitoring service. Unlimited checks for free, with paid skus for more frequent and thorough checks.  This is probably the best way I've found to be sure all your stuff is "up" and get notified when it goes down.  As a bonus, they also give you some stats like performance and uptime percentage.  (Disclaimer: I am using an affiliate link here, but seriously, this is the best way to monitor your websites)
  • CloudFlare.com is a web accelerator.  This one gets a little nerdy, but it sits between the internet and your site and speeds everything up.  It can reduce bandwidth to your site by 75% (which may translate to savings on web hosting) and add in all sorts of value-add features at the same time.  For example, it will protect your site from DDoS attacks and various other vulnerabilities.  Like StatusCake, the free SKU is generous enough that it may be sufficient for many people here.
What tools do you use to make your day a little better?

Wednesday, April 9, 2014

Five Things to Do Right Now To Secure Your Digital Life

The internet is reeling today from the announcement of "Heartbleed" - a fairly severe security vulnerability discovered in software that over half of web sites use.  The news and hype may make some question what they can do to stay safe online.  As bad as this problem is, there are things that you can be doing that will greatly reduce the chance of being hacked - now and for whatever future nasties arise.

Creative Commons Photo by elchode 


1 - Get a Password Manager
A password manager will greatly simplify your life.  These run on any device and let you securely save and retrieve all of your passwords.  At first it may seem counter intuitive- storing all your passwords in one place means if somebody _does_ get to it, they have "keys to the kingdom".  But, unless you have a really good memory and use different long, cryptic passwords everywhere, you probably are worse off.  By letting you use different random passwords everywhere, and by remembering them for you, a password manager means you can change your passwords more frequently and keep more secure ones.  Good ones, such as LastPass and 1Password use state-of-the-art encryption to secure your data and only decrypt it on your device, meaning even if somebody were to hack into LastPass, they could likely not steal your passwords.  Step 3 will show you how to really ensure this is the case.

Update:  Lastpass has just announced a tool to check to see if your sites contain the Heartbleed vulnerability or have been patched. 

2 - Don't Use the Same Password Everywhere, and Change Them Often
If you've done the first step, you are likely good on this one as well.  Go through all of the sites and change your password to something unique.  Preferably do this once a month or so.  It won't be the most fun thing you do in the month, but maybe incentivize yourself with a nice cold beer while you do it.  If you have LastPass, this just means visiting the 'Change Password' page on your sites and changing your password.  LastPass will keep up with these changes for you and prompt you to save the new password.  If you don't have a password manager, one technique to getting fairly secure passwords is to use a passphrase with some pattern you can remember.  For example for FaceBook, you might use 2255#@FunnyBlogsAreMyFavoriteBlogs this month and remember it as "2255 pound A word that starts with F and a word that starts with B..."  This can be easier to remember, and since it's longer can be harder to hack.  

3- Setup Two-Factor Authentication Wherever Possible
Where the above techniques fail, two factor authentication can really save your bacon.  The best security is "Something you have and something you know", meaning to gain access, you need both something from your head and something in your hand.  This comes in many flavors and differs from site to site, but in general they involve an additional step to logging in from new devices.  For example, if you got a new computer and went to log into Google, it would prompt you to enter a code that they send to your phone in addition to your password.  Once you got it right one time, then it offers to remember the computer for the next time so you don't have to do this every time.  This way, if a person _were_ to steal your password they still wouldn't be able to get into your stuff.  Gmail, Facebook, and many other larger sites have this, with smaller sites starting to implement it as well.

TwoFactorAuth.org is a great site listing major sites that implement this scheme.

4- Don't Do Questionable Things Online
Downloading music, movies, and browsing to _ehem_ less-than-reputable sites are all vectors for getting hacked.  In the same way that walking down a dark alley at night whistling Dixie is a bad idea, so is taking part in the darker web.  Are there ways to do this stuff without getting hacked? Probably.  Does your best friend's cousin who is, like, a computer expert know an app that gives you tons of new movies free without any viruses or other vulnerabilities?  Probably not.  Stay away, stick to the main road, and your computer will be happier for it.

5- Keep a Balanced Perspective
Yes, there are risks online.  Your credit card can be stolen if you're not careful, but often if you are quick to notice, you can get the charges canceled before they hit your account.  Your Facebook password can be stolen, or in some cases even hacked without stealing the password.  It won't be fun, but usually you can recover from it.  The key is realizing that there are risks _everywhere_ and using an appropriate but not debilitating amount of caution. 

Heartbleed! Everybody PANIC!

If you haven't already, now is a very good time to change your passwords. All of them- banks, email, social media, etc.  A major security vulnerability was discovered yesterday that by some accounts left 60% of the web vulnerable to intercept and account theft.  This is certainly one of the worst I've heard about.  You can read more at http://heartbleed.com/

The problem is if the site has not been patched, changing passwords won't do any good. Most major institutions probably have patched already, but it wouldn't hurt to check with your smaller banks etc.  Just email support and ask if they have patched the "OpenSSL Heartbleed vulnerability".

I have recommended Lastpass before and still do.  It was one of the vulnerable sites, but due to the way it's built, theoretically should still be safe.  It's still a good idea to change your master password there and the passwords it contains.

One last tip: if you get a password reset email, go to the website directly to reset your password instead of clicking a link in email.  This will prevent any related phishing attempts.

PS: Don't really panic.  Just be safe and change your passwords regularly and do not use the same ones everywhere.

Friday, April 4, 2014

Use Trello to Slay Debt the Dave Ramsey Way

The following is an excerpt and free template from my book Enter, Trello Dojo. Enjoy!


Debt-Free Trello
Financial Life Plan Template - To use this template as your own, simply click the link and then Show Sidebar -> Copy Board.
Two of my favorite personal finance books of all time are Financial Peace and Total Money Makeover by Dave Ramsey. These excellent guides show step by step how to take control of your finances, get out of debt, and save for retirement. I was introduced to them in college and they have had a huge impact on how I view my personal finances. This template lays out his seven steps with links to information about each one. By using Trello to keep track of where you stand, you have an instant big-picture view of your financial goals. Dave's plan is simple:
  • Step 1 - Get a budget and save a $1000 emergency fund.
  • Step 2 - Pay off all debt, except for your house. List them smallest to largest and ATTACK! The template above includes a checklist where you can get that gratifying feeling of progress as you check them off.
  • Step 3 - Save 3-6 months in your emergency fund.
  • Step 4 - Save 15% of your income in tax-advantaged retirement accounts.
  • Step 5 - Save for your kids college.
  • Step 6 - Build wealth and give!
At first, even these simple steps can seem impossible, but thousands of people from all walks of life call in to Dave's show every day having achieved various milestones in this plan. In practice, you may find yourself going back and forth in them a few times. Dave himself has. But it is possible with hard work and discipline, and maybe a Trello board or two to provide inspiration along the way. You can read more about Dave Ramsey and his financial guidance in various areas of life at http://www.daveramsey.com.