Top
Contact Info & Subscriptions
Stats
Categories
Contact Info & Subscriptions

Keep Up To Date!

Subscription Options:
Email
RSS Reader
  Mobile Version

Google+

Search this site
Categories
Stats & Stuff

Visit The GTD Zone


 

hits counter

 

Thursday
Jul262012

5 Ways Taking Classes Helps Improve My Skills

DateThursday, July 26, 2012

This week I was reminded of a great way to improve your skills:  hands on practice in a well-organized workshop or training program.  In my case, I took some "boot camp" courses in computer hacking at a security conference to brush up on my skills and learn about new tools.  I felt like I was getting rusty and wanted a refresher.  Boy, was it fun!  [Note: I don't hack things for malicious reasons - I help people secure things for a living, and a strong defense requires a deep knowledge of how the attackers will come at you.]

I try to keep up with things from online sources (blogs, discussion boards, etc.) but it is difficult to internalize some of this without sitting at the keyboard and trying some things.  In this regard, the workshops I was in had a few key advantages:

511 3582850

Access to experts who can help you learn

I am generally good at solving problems because I have a good mental process for figuring things out.  However, sometimes I know what questions to ask but not how to get the answers.  This happened a lot in my class.  

One of the instructors set the stage nicely for this by saying, "I won't tell you the answer, but if you ask me the right question I will tell you how to get the answer."  Essentially, he was testing for whether or not we grasped the concepts behind the problems we were trying to solve; if we understood well enough to formulate the right question, he would point us to the right tools, resources, or processes for us to research how to get the answer we were looking for.

Access to others with different approaches

Another aspect of the classes that I liked was how we compared solutions and approaches after each challenge.  Each student would independently solve the problems, then we'd talk through how we got to the solution at the end.  I learned a bunch of techniques from other people that helped me improve my own skills - in other words, when I saw a method that worked better than my approach I added it to my arsenal.

We also learned about tools and tricks to make things easier - typically leveraging a proven process, or automation, or resources we didn't know about before the classes.

A safe environment to try new things

We were all in the classes to learn new things, so there was no stigma attached to making mistakes, and no shame in asking for help.  

Also, the people who conducted the classes provided us with a fantastic assortment of systems to hack, each with different operating systems, different vulnerabilities, different kinds of target "prizes," etc.  This is very difficult to come by in the real world unless you have a pretty sophisticated lab setup. It felt kind of like a playground.

Competition fuels the fire

In a lot of classes, there are competitive exercises intermingled with the learning exercises.  My classes were no exception - we had several "capture the flag" scenarios that allowed us to compete with each other to see who could achieve the goal first.  This was a lot of fun, as it forced us to apply the things we'd been learning but put some time constraints on us.  That made it feel much more real, and not so academic.

Feed the thirst for knowledge

The other side effect?  I now want to learn even more about the topics I worked on in class.  I have a long list of things that I touched on in class, but want to research more deeply.  And I want to check out a few training classes that can help me get there faster.

There you have it - 5 ways classes helped me improve my skills.  There are other benefits (met some great people, got CPE credits, etc.) but these are the ones that will keep me coming back.  What about you?  Have you taken a course lately?  It might be a good way to get you into a new mode of learning and improve your skills.

AuthorDwayne Melancon | CommentPost a Comment | Print ArticlePrint Article | |
tagged , , , in , , , ,
Tuesday
Jul172012

Should you change your password?

DateTuesday, July 17, 2012

There have been a lot of well-publicized data breaches in the news lately, and I always wonder if I've been affected by them.  When credit card data is affected, you get a letter from your bank or card issuer (I've gotten a few), but when it comes to web site hacks that go after passwords, you never know.  Or do you?

I'd like to share a couple of resources you can use to find out whether you should be concerned, as well as a couple of things to help you increase your password effectiveness in the future.

Find out if you've been a victim

A site called "ShouldIChangeMyPassword.com" has aggregated (as of this post) 11,802,026 compromised passwords from a large number of the publicly disclosed data breaches.  If you go to the site and enter your email address, it will tell you if your email shows up in the list of compromised accounts.  In my case, I've been breached at least once, as the graphic below shows.

SICMP

My password was compromised in the Gawker Media breach but, fortunately, I used a unique password so my exposure is very limited.  I also changed my password the moment I found out (Gawker was very responsible in their notification, and I knew within a few days).

Other sites you can use to find out if your password's been compromised include:

 Stronger passwords in the future

Portable thumbnailIf you want to protect yourself better in the future, here are some tips that can help:

  • Use different passwords for each site you visit
  • Use complex passwords (mixture of upper & lower case, numbers, random characters that aren't in the dictionary, etc.)
  • Don't write your passwords down

The challenge with this is that it makes it nearly impossible to remember what password belongs to which site.  To make it easier, I recommend using a "password vault" that can generate complex passwords for you and then help you remember them.  The best ones are multi-platform, never store your data in an unencrypted form, and allow you to share your password data securely across multiple devices.

I've tried quite a few of them and the one I like best is called "1Password."  It works on Mac, Windows, Android, iPhone, iPad, and I've been using it faithfully for a couple of years.  It stores an encrypted data file on your system (the makers of 1Password don't store your passwords on their own systems), and it easily shares your encrypted password data using Dropbox as the conduit.

1Password also has the ability to store other information such as credit card numbers, software license keys, and more.  It can also generate and stores secure passwords for you, which makes it easy to satisfy the tips I mention above.

If you want to take a more manual approach, there is a good "personal algorithm" method using Steve Gibson's "Password Haystacks" model, detailed on the Gibson Research Corp. site.  This is also a great educational site on how longer passwords offer exponentially more security.

AuthorDwayne Melancon | CommentPost a Comment | Print ArticlePrint Article | |
tagged , , , in , , ,
Friday
Jul062012

Beeminder is keeping me on task

DateFriday, July 6, 2012

I'm roughly 100 days into my use of "Beeminder" and wanted to provide an update.  If you recall from my earlier post on Beeminder, it is a "put your money where your mouth is" kind of commitment tool.  I committed to blogging at least 4 times per month and, if I don't, I owe money.  Yep, cash money.

I got into this base purely on curiosity, but I am now a huge fan.  There is nothing like a commitment to someone else to keep you honest, and nothing like a commitment of money to get you to take things seriously. When I first found out about Beeminder, it was relatively unknown.  Last month, the Beeminder team (now located in lovely Portland, Oregon along with me) received some well-deserved publicity from LifeHacker.

Here is how my progress is going so far:

Beeminder gc July 6

Basically, the yellow line is my "yellow brick road" and my goal is to stay above it - below it, I owe money.  This is a great system and I am growing addicted to it.

They do a great job of providing you with updates via an email from the Beeminder Bot.  You can provide updates via email or on the Beeminder site, and provide data to make your graph go, as mine has. Rumor has it they are working on even more mobile-friendly ways of updating your status.

Got a goal that could use some pressure / encouragement?  Head on over to Beeminder and give it a try.  You'll love it.

AuthorDwayne Melancon | CommentPost a Comment | Print ArticlePrint Article | |
tagged , , in , , ,
Sunday
Jul012012

An easy way to play music from your phone over Bluetooth

DateSunday, July 1, 2012

My current car has an iPhone / iPod adapter built into it, which was really great when I had an iPhone.  Recently, however, I switched to a Samsung Galaxy S III which is Android-based, and not compatible with the iPhone jack.

I'm lucky enough to also have an Aux plug in my car, which means I can play any audio source that uses a 3.5mm stereo plug so that made switching to my Samsung was pretty easy.  For a week or so, I used a patch cord to connect the headphone jack on my Samsung to the Aux input on my car stereo.  

However, there were two problems with that approach:  

  • First, I didn't like having an extra wire get in my way all the time.  
  • Second, I got this "whining" noise along with my music, which happened anytime my phone was plugged into both the USB charger and the Aux input.

I've found good solutions to both of these problems, for a reasonable cost.

AuxJack

Solution 1: Use Bluetooth to play audio from your phone over your car's stereo

I found a device called the "Miccus BluBridge Mini-Jack RX: Bluetooth Music Receiver" which you can pair with your phone, plug into the Aux jack and play your music wirelessly.  It works very well, and I find the sound quality to be very good - I think the fact that Bluetooth is a digital signal contributes to very good quality audio.

The only (minor) inconvenience is that I have to push the button on the BluBridge to turn it on so it connects to my phone when I get in the car.  Aside from that, I'm very happy with this device.

You can use this device with anything that has a 3.5mm stereo input jack, not just in the car.  It comes with a number of cables to allow you to connect it to things like the RCA plugs on the back of your home stereo, too.  That means you can pipe your phone's music into external speakers, the input on a home stereo, etc.  It has rechargeable batteries that last about 8 hours in continuous use.  

In my case, I leave it in the car so I plug it into my car to keep it charging anytime the car is running (I have a USB charging adapter that plugs into the 12v adapter in my car - the jack that we used to call the cigarette lighter in the olde days).

Oh - and by the way (on my car, at least) I can still take calls over the Bluetooth handsfree gizmo built into my car, since Bluetooth only classifies the BluBridge as a "Media Device" so the phone still sends phone calls to my car.  When the call comes in, the music pauses, then starts up again when the call hangs up.

Solution 2: Stop the whining noise when your phone is plugged into the charger

416ZLyfET8L SL500 AA300Initially, when I had my phone connected to the Aux jack with wires, I got whining over the speakers any time my phone was plugged into the charger.  Apparently, this is engine / alternator noise that bleeds through.

When I switched to the BluBridge it didn't matter if my phone was plugged in, but I still got that same whining anytime the BluBridge was plugged into the cigarette lighter to charge.

For both of these cases, the solution to getting rid of the whine is pretty easy - I bought a device called a "PAC Ground Loop Isolator for 3.5 MM Applications," which is an inline noise filter.  You plug your audio source into one end of this device, then connect the other end into your Aux jack and the whining noise magically disappears.  OK, so it's science, not magic, but the sound is still gone.

If you have either or both of these challenges in your car audio life, I recommend these solutions - I'm very pleased with them.  Now I can listen to my music, or catch up on podcasts during my drive time.

Oh - the phone? I love the Samsung Galaxy S III, as well.  The iPhone was great, but I found the screen to be too small for me (I have large hands) and I like the big, bright AMOLED screen.  It's also fun to tinker with Android.

AuthorDwayne Melancon | CommentPost a Comment | Print ArticlePrint Article | |
in , ,
Wednesday
Jun202012

Effective metrics drive the results you want

DateWednesday, June 20, 2012

This week I attended the Gartner Security & Risk Management Summit in Washington, D.C.  I attended a lot of very good sessions, but the one that left the biggest mark on me was a session called "Metrics That Matter," delivered by Jeffrey Wheatman.529 3218902

I went to this session because I've had a lot of conversations with information security executives this year, and a common question is "What should I really be measuring?," or they make comments like "I report on a lot of things, but I am not sure what the top indicators are that I should roll up to my executive team."

My initial reason for attending this session was for my "day job" as the CTO of a tech company, but I feel like I can "generify" Wheatman's guidelines to apply to anything that needs to be measured & tracked.

  1. Effective metrics must support the business's goals, and the connection to those goals should be clear.
  2. Effective metrics must be controllable. (In other words, don't report on things that "just happen" - report on things you can drive up or down with your own, direct actions).
  3. Effective metrics must be quantitative, not qualitative.  If you need to measure something "softer" like customer satisfaction, find a way to make it quantitative, such as with a method like Net Promoter Score.
  4. Effective metrics must be easy to collect and analyze. (Wheatman says "If it takes 3 weeks to gather data that you report on monthly, you should find an easier metric to track.")
  5. Effective metrics are subject to trending.  (Tracking progress and setting targets is vital to get people to pay attention)

This set of guidelines really resonated with me, and I am going to run my metrics through this regimen to make my own metrics better.  If you're a Gartner client, there is a detailed research report from Wheatman on this topic, and I suggest you grab a copy.

I've also learned that it helps to simplify how you report on metrics.  When dealing with executives, stick with small numbers and primary colors - and when you get senior enough, try to boil it down to up/down, happy/sad.

What about you - do you have any best practices to share around metrics?  Could you apply these to your own individual metrics or self-improvement goals?

AuthorDwayne Melancon | CommentPost a Comment | Print ArticlePrint Article | |
tagged , , in , , ,
Friday
Jun082012

Cheat codes for your real life

DateFriday, June 8, 2012

I was just reading an interesting compilation of "cheat codes" for real life on Reddit.  I play quite a few video games, and I'm familiar with cheat codes there - you can use them to gain access to special weapons, gain super strength, open up hidden challenges, and things like that.  I've used them a few times myself.

257 2878811

The list on Reddit is similar - special commands, sequences, etc. you can use in real life to gain advantages.

The full list or real life cheats is very entertaining (be warned, there is some adult language in there!) - here are a few I really liked from the list:

 #1. Stop: Stop: Play. Skip advertisements in movies and go straight to the movie.

#17. Can't find your car in a parking lot? hitting the lock button trying to get it to beep? Extend the distance of key-less entry by putting the key under your chin. The signal will resonate in your skull increasing the range dramatically. I swear to god this works, and I'm told it's safe because the radiation is non-ionizing.

#23. To peel a boiled egg, roll it around on your plate for a while until all of the eggshell is cracked evenly. Then it's easy to remove the complete shell at once. After you boil eggs immediately place them in ice cold water for a few minutes. No vinegar or salt or oil or whatever people use. Shells slip right off

#53. On flights, if you are fighting for an arm rest with a stranger. bring your arm (the one thats on the same side the arm rest you want) up to your mouth and sneeze/cough. Then place it by the armrest. The other person will move their arm. Has had 100% success rate.

There are a bunch more.  I can't vouch for whether they all work, but some of them are things I want to try (#53, for example).

Also, on #23 for peeling boiled eggs, I have my own little tricks for boiling eggs:  

  • When you are going to boil eggs, put them in the water while it is still cold and let them warm up with the water - this greatly reduces the likelihood that the shells will crack during the cooking process. (You can further reduce the chances of cracking by letting the eggs warm up for 15-30 minutes after you take them out of the fridge.
  • To make them easier to peel, add 1-2 tablespoons of baking soda (not baking powder) to the water before you boil them.  It doesn't affect the taste of the eggs at all, but it definitely makes it easier to peel the eggs - particularly if you peel them while their still warm.
  • Also, the fresher your eggs are, the easier they are to peel.

Got any real-life "cheats" of your own?

AuthorDwayne Melancon | CommentPost a Comment | Print ArticlePrint Article | |
tagged , in , , ,
Page 1 ... 2 3 4 5 6 ... 118 Next 6 Entries »