Imposter syndrome… for the win!

Published April 21, 2018  ·  All posts on Apr 21  ·  

while it is always a good idea to question one’s own work, and to be open to outside criticism, if you are a professional in a given field there probably are good reasons to think you know what you are doing, especially when your work gets repeatedly validated externally.

~ Massimo Pigliucci from, Stoic advice: impostor syndrome

slip:4uwoso1.

One of the things I particularly LIKE is the imposter syndrome aspect of the Movers Mindset podcast.

“…wait. wat?”

Yes.

You see, there’s an entire universe of “perform interview” skills that I don’t have, and I’m loving learning something entirely new. It’s also pretty much orthogonal to my previous life experience — “listen,” had to learn that. “empathize,” had to learn that. Even this weird thing you have to do to imagine everyone who is listening and try to read the minds of people you are imagining… it’s bonkers. I love it.

ɕ

Just three things

Published April 20, 2018  ·  All posts on Apr 20  ·  

I have just three things to teach: simplicity, patience, compassion. These three are your greatest treasures.

~ Lao Tzu

slip:4a104.

The great teacher

Published April 19, 2018  ·  All posts on Apr 19  ·  , ,

How can you improve your conception of rationality? Not by saying to yourself, “It is my duty to be rational.” By this you only enshrine your mistaken conception. Perhaps your conception of rationality is that it is rational to believe the words of the Great Teacher, and the Great Teacher says, “The sky is green,” and you look up at the sky and see blue. If you think: “It may look like the sky is blue, but rationality is to believe the words of the Great Teacher,” you lose a chance to discover your mistake. Do not ask whether it is “the Way” to do this or that. Ask whether the sky is blue or green. If you speak overmuch of the Way you will not attain it.

Eliezer S. Yudkowsky from, Twelve Virtues of Rationality

slip:4uyura1.

If you don’t think intentionally… If your ideas and beliefs don’t produce a working model of reality… well…

When an honest person discovers they are wrong, they stop being wrong or they stop being honest. It’s your choice.

ɕ

Data ethics

Published April 18, 2018  ·  All posts on Apr 18  ·  

This is like lashing a rope around the cracking foundation of a building. What we need is for an ethics of data to be engineered right into the information skyscrapers being built today. We need data ethics by design. Any good building must comply with a complex array of codes, standards and detailed studies of patterns of use by its eventual inhabitants. But technical systems are today being built with a minimal concern for compliance and a total disregard for the downstream consequences of decades of identifiable data being collected on the babies being born into the most complicated information ecology that has ever existed.

~ Colin Koopman from, How Democracy Can Survive Big Data

slip:4unyoi6.

Presented without commentary.

ɕ

So obscure it confused _ME_

Published April 17, 2018  ·  All posts on Apr 17  ·  ,

I think the problem is more subtle. It’s an example of two systems without a security vulnerability coming together to create a security vulnerability. As we connect more systems directly to each other, we’re going to see a lot more of these. And like this Google/Netflix interaction, it’s going to be hard to figure out who to blame and who — if anyone — has the responsibility of fixing it.

~ Bruce Schneier from, Obscure E-Mail Vulnerability

slip:4usebo12.

I had to read the entire thing twice.

I’m on a “security” tirade here for a few days, so here’s my strategy for security: Get off the peak of the bell curve.

If someone wants your stuff, they will take it. Actors can always, if sufficiently motivated, apply more resources than you have available for defense. Therefore, one should not bother defending (worry, spending crazy amounts of resources,) against a “motivated” attacker. Instead, deploy defense in depth and then make incremental improvements everywhere.

https://en.wikipedia.org/wiki/Defence_in_depth

ɕ

Don’t give away details about yourself

Published April 16, 2018  ·  All posts on Apr 16  ·  

I hope readers don’t interpret this story as KrebsOnSecurity endorsing secret questions as a valid form of authentication. In fact, I have railed against this practice for years, precisely because the answers often are so easily found using online services and social media profiles. But if you must patronize a company or service that forces you to select secret questions, I think it’s a really good idea not to answer them truthfully. Just make sure you have a method for remembering your phony answer, in case you forget the lie somewhere down the road.

~ Brian Krebs, from Don’t Give Away Historic Details About Yourself

slip:4ukedo1.

“Two Factor” authentication (2FA) is best. “Two Factor” means two DIFFERENT methods of interacting with you — so a web site login, which requires also sending you a code via a message to your phone is “Two Factor”.

…and 2FA via your phone is a TERRIBLE idea, because you can easily lose it or have it stolen. There are better methods of 2FA, but I won’t bore you here.

So asking you “security questions” does not in fact increase security. But you’re stuck with it because you have no power of the entities you have to interact with. So what to do?

Treat those questions just like passwords — MAKE THEM UP!

However you are storing your passwords — that’s an entire other discussion — just ALSO record the questions they asked, and the REAL-SOUNDING BUT TOTALLY FAKE ANSWERS.

I repeat…

MAKE UP FAKE ANSWERS AND STORE THEM WITH YOUR PASSWORDS.

You might be AMAZED to discover my mother happens to have 42 different maiden names.

You might be AMAZED to discover how many different cars I learned to drive stick on.

…or the 42 different names for my first dog.

…you see where this is going?

Normally, I try to keep these ramblings succinct, but here’s a fun story…

Many moon ago, Tracy and I had a Blockbuster account. We were in the store, in the check out line, and the cashier says to me, “Oh, can I have your phone number?” We had been customers so long, it was before Blockbuster figured out people just keep the DVDs, and so they wanted to be able to start calling people. Someone expanded their customer database fields, added a new data field to the checkout screen and then trained or prompted the poor cashiers to gather this data. (This is called “compliance” in the industry — getting the people at the point of sale terminals to comply with the database marketing strategies of the home office.)

Anyway. Here’s this nice high school girl just doing her summer job, and of course, I can simply say “No.” But then they’re probably going to ding her “compliance” score with corporate. (In some cases, your pay, bonus and even employment are tied to compliance scores.)

So without missing a beat, I help both her (compliance) and I (privacy) and I give her my phone number with two digits flipped. I just immediately smiled and said 6 – 1 – 0 – 8 – 6 – 7 – 5 – 0 – 3 – 9 (shoulda been 5309 — you know I’m making numbers up right :)

…and Tracy says, “wait, that’s not our number,” thinking she’s being helpful.

“Exactly,” I say with a smile.

The cashier realizes I had just plainly lied to her. (Technically, I was trying to lie to her corporate overlords.)

…and I said, “oh sorry, 6 – 1 – 0 – 8 – 6 – 7 – 0 – 5 – 3 – 9”. (Same crap, just with two other numbers flipped. I always loved those ‘remember this string of numbers games’.)

“Is that really your number?”

“oh! Sorry, 6108675123… wait, no, 610876432178 … hmmm, you don’t seem to like these digits I’m saying… how about 6105551212?”

Now she’s like, “You’re weird.” (Unrelated ad hominem attack, but alas, true. But probably explains why girls IN high school never asked for my number.)

“…and Blockbuster still doesn’t have my phone number.”

At which point, she [I presume] took the compliance ding and didn’t enter any numbers.

To this day, (we have the same phone number,) Blockbuster — and whomever eventually bought their customer data because that’s the only thing they had in the end worth money — does not have my home phone number.

So there’s a little glimpse into Craig’s head.

Maybe you just realized why 2FA with your phone is really REALLY bad? You’re also giving away your phone number.

Wait, you read this far? Great, here’s how you REALLY do 2FA properly:

https://en.wikipedia.org/wiki/Google_Authenticator

ɕ

Pain is temporary

Published April 15, 2018  ·  All posts on Apr 15  ·  

Pain is temporary. It may last for a minute, or an hour, or a day, or even a year, but eventually it will subside and something else will take its place. However, if you quit that pain will last forever.

~ Lance Armstrong

slip:4a582.

Andy Taylor: Gym building, inspiration, and build standards

Published April 15, 2018  ·  All posts on Apr 15  ·  

Andy Taylor: Gym building, inspiration, and build standards

What are the key considerations in designing, constructing, and sustaining inspiring gym spaces that foster exploration and play?

Andy Taylor discusses the intricacies of designing and building a great parkour gym. Along the way, we talk about what makes a gym inspiring, the evolution of build standards that are safe without limiting parkour vision, and how parkour has been instrumental in the development of a young autistic girl.

When I sit down to design a gym, I try to call to the inner child that is in us that makes us wanna play.

~ Andy Taylor (1:30)

This conversation deconstructs the intricacies of designing gym spaces that inspire creativity and exploration. Topics include the importance of tapping into a child-like desire to play, using thoughtful design to increase engagement, and ensuring safety without stifling creativity. Practical examples are shared, such as integrating features that naturally draw attention and encourage varied movements.

The discussion also touches on challenges unique to parkour gyms, such as meeting building codes, balancing budgets, and navigating regulatory hurdles. Andy and Craig explore how gym designs can range from expansive, multi-use facilities to smaller, community-oriented spaces. They emphasize the need for better standards and guidelines to support gym builders in creating safe yet imaginative environments.

(more…)

The Second World War

Published April 14, 2018  ·  All posts on Apr 14  ·  

Losing the War

slip:4uleai1.

~ Lee Sandlin

“Where’s the pull-quote?” I don’t know how to choose one.

“What’s the take-away?” I don’t know how this could be made more succinct.

“Why should I read it?” I have no idea how to place the thing which is “The Second World War” into context. (…nor into the context of my life, and certainly not into the context of your life.)

Obviously, I don’t remember the second world war.

Obviously, I don’t understand the second world war.

But I do know that this shook me to my core. This brought a tear to my eye. I read it twice — the first time in one sitting; straight through. Somehow, it seems to grab at all the frayed, loose ends of all the things I know about the War and– well, just grabbed them all into one place.

ɕ

Waking up

Published April 13, 2018  ·  All posts on Apr 13  ·  ,

Sometimes when my wife and I have conversations in public, it looks like the scene from the movie Dogma where Loki and Bartleby walk through the airport talking about their previous exploits as angels. We often look around at all the sleeping people in the world, noting that they barely register as conscious beings. They go through their lives working meaningless jobs, enduring unfulfilling relationships, and drugging themselves to avoid facing their unfaceable fears. Their conversations are nothing but trivialities in the grand scheme of things.

~ Steve Pavlina from, Are You a Bear or an Eagle?

slip:4usebo13.

There is a fine line between condescendent and enlightened. The first requisite for enlightenment is awareness of the line, and another is having the courage to get precariously close to it.

ɕ