I’ve heard people saying that wearing a pair of AirPods makes you look like a douchebag. Well, I don’t know about that, but it fits my story.
A couple of years ago I bought myself a pair and actually I really like them. While working, I still use the regular wired EarPods because I wear them for several hours, and the AirPods’ battery doesn’t really last that long. But they are really handy when I go to the gym, do the dishes or cook, for example. Not having a wire in the way is great, and the Bluetooth works flawlessly.
Anyway, the other day I was walking my dog and listening to a podcast with my AirPods when a lady approached me and started asking me something. I couldn’t hear a thing she was saying. So to pause my podcast, I double tapped the right AirPod with my finger. But she didn’t know I was pausing my podcast so I could hear her. She thought I was signaling her something like, “Hey, I can’t hear you” while not removing the AirPod from my ear to give her attention.
She thought I was being rude. I tried to explain to her that I was just pausing my podcast to help her out. But everything happened so fast, and she just walked away pissed off saying she just wanted some directions.
I guess the next time, I’ll just remove the AirPod from my ear.
Last Friday something funny happened at work. A colleague called me desperate in the afternoon, telling me that he did a major fuck up.
Just a little bit of context before I elaborate on what happened. We run a Marketplace, which is a bespoke solution developed in house using Django. We manage several sellers, and we provide an end-to-end solution for them. For our administrative tasks, we make heavy use of Django Admin.
So, back to the fuck up. My colleague works in the finance department, and one of his duties is to pay out our sellers. He has a daily routine where he searches for approved withdrawals, sends the money via bank transfer, and attaches the receipts. By the end of the day, he marks all withdrawal requests as completed. He does this via an Admin action named “complete the withdrawals.” It is a fundamental step because it finalizes the workflow, marks all the transactions as withdrawn, and issues a debit transaction for the value of the withdrawal to net the transactions.
We also have another Admin action named “cancel the withdrawals” that happens to be placed right below “complete the withdrawals.” That’s where the fuck up happened. Instead of completing the withdrawals, he canceled all withdrawals. And it is a pretty destructive action because it releases all transactions, making them available for withdrawing again.
Now that was a rookie mistake on my side because such a destructive action should never go straight without asking for confirmation. Also, it was very poorly placed (right next to the action used to complete the process).
Thankfully I was able to revert the problem by making use of our heavy logging of the interactions. Every step is logged, and any change is recorded. I asked operations and customer service to pause all reimbursements to avoid changing the current balance and re-created the state before the cancellation action.
The bottom line is, always ask for confirmation before destroying data. Also, always log information and keep track of important changes; it may be vital to fix a problem. Even though there was a problem in the process, we were able to go back and revert it thanks to the logs.
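The two lessons above (confirm before a destructive action, and log enough to undo it) as an added example that is not the marketplace's code: a framework-free Python sketch rather than Django Admin, in which `WithdrawalStore`, `confirm_token`, the secret and the sample rows are hypothetical names and constructed data.

```python
import copy
import hashlib
import hmac

SECRET = b"constructed-demo-key"  # assumption: a server-side secret, constructed here

class ConfirmationRequired(Exception):
    """Raised instead of acting; carries the token the confirm step must echo."""
    def __init__(self, token, count):
        super().__init__(f"About to cancel {count} withdrawals; confirm to proceed")
        self.token = token

def confirm_token(action, ids):
    # Bind the token to the action and to the exact selection being confirmed.
    msg = f"{action}:{','.join(str(i) for i in sorted(ids))}".encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()

class WithdrawalStore:  # hypothetical stand-in for the withdrawals table
    def __init__(self, rows):
        self.rows = rows   # {id: {"status": str, "amount": int}}
        self.audit = []    # append-only change log with before/after snapshots

    def _change(self, actor, action, wid, status):
        before = copy.deepcopy(self.rows[wid])
        self.rows[wid]["status"] = status
        self.audit.append({"actor": actor, "action": action, "id": wid,
                           "before": before, "after": copy.deepcopy(self.rows[wid])})

    def cancel(self, actor, ids, token=None):
        # Destructive: the first call only returns a token, nothing is changed.
        expected = confirm_token("cancel", ids)
        if token is None or not hmac.compare_digest(token, expected):
            raise ConfirmationRequired(expected, len(ids))
        for wid in ids:
            self._change(actor, "cancel", wid, "cancelled")

    def revert(self, actor, action):
        """Undo every logged `action` change; skip rows modified since."""
        restored, skipped = [], []
        for entry in reversed([e for e in self.audit if e["action"] == action]):
            wid = entry["id"]
            if self.rows[wid] != entry["after"]:
                skipped.append(wid)  # changed after the mistake: needs a human
                continue
            self.rows[wid] = copy.deepcopy(entry["before"])
            self.audit.append({"actor": actor, "action": f"revert:{action}", "id": wid,
                               "before": entry["after"], "after": entry["before"]})
            restored.append(wid)
        return sorted(restored), sorted(skipped)
```

`revert` refuses to touch any row that no longer matches the logged after-state, which is why pausing other changes before restoring matters.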
A couple of months ago my wife and I decided to get a puppy. I always wanted to have a dog, but when I was a kid, my parents never let me have one.
Her name is Nina, and she is eight weeks old. We named her after the singer Nina Simone. Nina is a short and cute name. It’s also sort of a common name in Finland, and well, she is Finnish after all.
We had to travel to Eastern Finland to get her, to a city called Joensuu, about 400 km (~248 miles) away from Oulu. We were a little bit (very) worried about the trip because we had to bring her on a bus, and it was a long trip (6:30 hours).
Before bringing her back to Oulu, we spent the weekend with her in an Airbnb in Joensuu so she could familiarize herself with us and feel safe around us. After all, she was just seven weeks old at the time, and we had just separated her from her mother and littermates. We started to get worried about the trip because she wouldn’t stay on our lap for very long and staying inside the transportation crate was an absolute no for her. She would cry and try to get away from it. I thought she would want to start wandering around the bus or start whining and crying.
But she proved me wrong and came sleeping very calmly and quietly on the floor during the whole trip. To our surprise, she even let us hold her for the last hour of the trip. It ended up being a great bonding experience with her.
Anyway, I never thought having a dog would be such an intense experience. Our routines changed dramatically, in ways we didn’t anticipate. It has been so different from what we thought our lives would be when we got Nina. But at the same time having a dog or a pet at home brings so much joy and happiness. We’ve never been happier.
For a long time, I was reluctant about using a password manager. One of the advantages of using one is the ability to have a strong and unique password for each service, without having to memorize each password. It drastically improves security.
Without a password manager, we unavoidably start reusing (bad) passwords across several services. Sometimes those services get hacked, and our info gets leaked, and you already know how this story ends.
A password manager nicely addresses those problems, but it also introduces new issues. Now, the reason why I was reluctant to use one was twofold:
Trusting a third-party with all my passwords;
Being unable to log in to a specific service because I don’t have access to my password manager app.
The second reason is also why I use two-factor authentication very selectively — only on services that offer a reliable recovery method and/or are critical for me. And by a reliable method I mean one-time recovery codes. Using SMS as a recovery method is not always the best option for me because I travel abroad quite frequently nowadays and I can’t count on being able to receive SMS.
Sure, I can always reset my password and change it temporarily in case I don’t have access to my password manager (as long as I have access to my email account).
But it would also be annoying if I wanted to access something on my mobile phone for instance, and having to type a long random string doesn’t sound very fun. So it would be good to have a mobile app to sync my passwords across my devices.
Having passwords stored on a cloud server weakens the security of such services a lot. Even though my info will be encrypted using industry standards (well, at least I have to trust they are doing their best), that means my passwords will be stored in external storage and will probably be jumping around other servers in multiple backups and so on.
A chain is only as strong as its weakest link.
Even having the best technologies, the most secure servers, and strongest security features, none of this really matters if you don’t trust the company behind the service. Social engineering is known to be one of the most effective security attacks. There are many examples out there, for example when an attacker used social engineering to trick a Namecheap support employee to gain access to an account protected by two-factor authentication.
You also need to trust their processes and personnel.
This year, when Troy Hunt announced the partnership between 1Password and haveibeenpwned.com, I thought about giving it a shot. I’ve been using it since then, and I never looked back.
1Password is such a great product, and it still amazes me how much thought they put into some of its features. For me, the best thing about 1Password is the browser plugins, so you can log in just by hitting the shortcut ⌘ + \. This is so convenient and just works.
The second best thing is the ability to have 2FA stored inside my 1Password vault.
This is awesome because if I lose my phone, I don’t need to set up all my 2FA again or go through the whole recovery process. Also, the workflow is so smooth. After you hit ⌘ + \ to log in, it will automatically copy the one-time password to your clipboard, so you simply press ⌘ + V after that to complete the authentication. After you are logged in, it will automatically restore your clipboard with whatever was there.
Another cool thing about it is that you can store secure notes, credit card PIN codes, software licenses, and serial keys.
To be fair, I don’t trust all my stuff there. Especially my main email accounts that are used to register to other services. For those, I keep unique passwords stored only in my mind. That way, even if I lose my recovery key from 1Password, I’m still able to regain access to the software and services that I use. But other than that, it’s been my standard way of storing sensitive information.
I am not exactly a Trello power-user, but I use it on a regular basis, especially when I am juggling multiple tasks and projects.
I keep a separate board for each side project I am working on at the moment and the main board for my 9-to-5 work. For the most part, I use them alone.
Basically, I start new boards the same way: To-Do, Doing, and Done lists. After a while, I start breaking down the To-Do list into different lists, depending on what the work is about. If I am going to use a particular board alone, I eventually drop the Doing list. Otherwise, I keep it for visibility.
For example, for my Python & Django blog I have a Posts Backlog list for ideas for future posts. I also have an Improvements list for existing posts where I need to address some issues (some changes in Django, or someone suggested some improvements that could be made to the post).
For my 9-to-5 work, I have a list for my Ph.D. related tasks, a list for the project I’m currently working on, a list for tasks related to papers I’m working on at the moment, and another list for general administrative tasks.
I try to always set a deadline for all the tasks. Except for cases that do not make much sense, for example, my ideas backlog for the blog, I usually just pick one idea and write about it.
So far so good. But here is where the problem arises: What to do with a card once it is done?
Here is what I do:
I use a Trello Power-Up called Butler. It is a utility plugin to automate tasks. I create two simple rules:
When the due date is marked as complete in a card, move the card to the top of the list “Done”;
Every Sunday, archive all the cards in the list “Done”.
It works pretty well for me. The process of clicking on the tasks and marking them as complete gives me some sort of energy boost and a perception that I’m progressing and achieving something. It is like a small victory in my day. I used to archive the tasks right away, but keeping them on the “Done” list for the week is incredibly motivating. It gives a good overview of how the week progressed. Then after the end of the week, Butler will archive everything in the “Done” list, and on Monday the board is ready for a fresh start.
Each man practices as he feels inclined. It is said the warrior’s is the twofold Way of pen and sword, and he should have a taste for both Ways.
Even if a man has no natural ability he can be a warrior by sticking assiduously to both divisions of the Way.
Miyamoto Musashi in The Book of Five Rings
This book was first published over three centuries ago, by the famous Japanese samurai Miyamoto Musashi. Short read, great book. Many concepts and ideas are still applicable nowadays.
One does not need a natural ability or innate talent to become great at something. Practice is what makes all the difference.