Time: “Why You Should Change Your Amazon Password Now”

Entrepreneurship, Media

Part I in a series on personal online security. Parts II and III can be found here and here.

keep-calm-and-change-your-password- 400x467

“Why You Should Change Your Amazon Password Now”

So says the headline of a recent Time magazine article. The word “now” sure makes for provocative news. The article begins, “Hackers said Friday that they leaked data associated with 13,000 accounts on Amazon, XBox Live and other sites.” The writer concludes, “[This] news should underscore how important it is to change your passwords frequently.”

But is this just alarmist rhetoric? Should we really worry about such a small number of victims?

Online retailers say we have nothing to fear. Not only was the number of victims small, the 13,000 were spread out amongst 14 different retailers, not just Amazon. Some might point to the much larger 2014 Home Depot hack as cause for concern (56 million credit card numbers stolen). But the online retailers say the Home Depot crime wasn’t actually a “hack,” per se. In that attack, credit card info was stolen from Home Depot’s self-checkout machines in physical stores, not from the company’s computer database.

In other words, according to the spin doctors, cyber security is sound. They might admit the 2013 hack of Target was large (40 million credit card numbers stolen), or that the Sony hack of 2011 came with high costs for the company. But Sony, Target, Home Depot, and any big company watching the fallout of their hacks, have cried, Never again! They’ve elevated their cyber security. They declare online retailing to be safe–or even safer than–shopping in a physical store.

That’s plain wrong.

In a recent segment of CBS 60 Minutes, cyber security expert Dave DeWalt says “97 percent–literally 97 percent of all companies–are getting breached.”

What a mind-blowing figure. And DeWalt should know. Target has hired his security firm, FireEye, to prevent future breaches. “Even the strongest banks in the world . . . can’t spend enough money or hire enough people to solve this problem,” he says.

Perhaps the real takeaway from the 60 Minutes piece was that “80 percent of security breaches involve weak passwords. One of the most common is: 123456.” In other words, 80 percent of the passwords now in the hands of criminals were absurdly weak to begin with. Or, rather, 80 percent of us are still using passwords the way we did in the 1990s: simplistic, easily remembered (aka, easily guessed by strangers).

DeWalt says, “The days when we our username and password is our son or daughter’s name, or our cat or our dog, is not enough security to thwart today’s hackers.”

So, don’t just “change your passwords now.” Make them stronger.

My next post: Password managers, or Doing Passwords Right

Surviving Wisconsin Winters, Part 1: High Performance Business Casual?

Entrepreneurship, Health

Image

High performance work clothing? Does such a thing exist? And I don’t mean flame retardant electrician’s pants or stretchy business-bombshell blazers.

Answer:  Levi’s 511 Corduroys.

Although wool is my new favorite fabric for activewear, there are two applications for which synthetics still rule:  rain gear and winter work/weekend attire. I’ve already written a post on rain gear. As far as business casual goes, Levi’s 511 Cords are a surprising fabric that can double for winter cycling.

Especially good for winter bicycle commuting, their 66%/33% blend of cotton/elastane creates surprisingly efficient wicking of perspiration. Then, when the moisture is drawn up into the corduroy, the corded channels evaporate it to the outside air. Think radiator fins on an air-conditioning unit — the greater surface area vents moisture fast. That makes these pants high-performance street clothes. (Just FYI, the tag says “polyester.” But I verified it to be elastane.)

[UPDATE 10/23/2016:  See bottom for the bad news about more recent specimens of these cords.]

Jeans used to be my mainstay winter-biking pants. It’s only denim, so I didn’t stress out when the cuffs got crusted with salt or blackened with road slush. But getting sweaty in jeans meant the denim staying damp for hours, afterward, a.k.a., cold and clammy. By contrast, Levis cords dry out in minutes.

My ideal setup is to wear a wool base layer beneath the Levis cords. The wool breathes really well, too, moving perspiration to the corduroy, which then evaporates the moisture quickly. The wool also acts as a barrier to odor causing bacteria, allowing me to wear the same pair of cords for three-plus days between washings. How’s that for high performance?

[Image credit: Wikimedia]

[UPDATE 10/23/2016:  Sadly, I’ve just bought a new pair of these cords. Levi’s has changed the fabric, reducing the elastane content to a mere 2%. That’s 98% cotton and 2% elastane. I don’t know how long ago they changed up. Too bad. I predict this new pair won’t vent anywhere near as well as my three old, now threadbare pairs bought back in 2012. Curse you, Levi’s!]

My New favorite TV Writer/Producer: Wendy West (DEXTER)

Media, Writing
Dexter

Dexter showcases the talents of my new favorite writer/producer, Wendy West.

West knows how to push my thematic buttons. My TV tastes favor stories of the human condition. Think of David Milch’s heroes coping with alcoholism as a stand-in for human emptiness and alienation. Think Andy Sipowicz in NYPD Blue, or Calamity Jane in Deadwood.

 

Dexter lends itself a priori to such themes. Serial killers are addicts, after all. Plus, other Dexter writers had worked the addiction angle before West began working for the show in Season Four.

But Wendy West goes for the thematic (ahem) jugular. Her writing strikes the optimal balance between methodical structure and dramatic authenticity. For instance, she returns to a single trope, over and over, giving variations of it in each of her five episodes: in each script, she contrasts Dexter to a second killer, deftly marking out the boundaries of Dexter’s values and aspirations as he kills the other killer.

  • Season 4, Episode 4, “Dex Takes a Holiday
    • the killer:  Zoey Kruger (police officer, killed her husband and daughter)
  • Season 5, Episode 6, “Everything Is Illumenated” [sic]
    •  the victim/killer:  Lumen Pierce
  • Season 6, Episode 7, “Nebraska”
    • the killer:  Brian Moser, “the Ice Truck Killer”
  • Season 7, Episode 4, “Run”
    • the killer:  Ray Speltzer (forces victims to run through his torture maze)
  • Season 8, Episode 8, “Are We There yet?”
    • the killer:  young psychopath-in-training, Zach Hamilton

In the most darkly hilarious episode of Season Six, “Nebraska,” West has Dexter’s addiction talk to him in the form of his dead brother, Brian, a serial killer whom Dexter was forced to kill in Season One.

In this road-story plot, Brian is ravenous for junk food. In each scene he tries to persuade Dexter to kill freely–i.e., to dispense with Dexter’s code of only killing serial killers—all the while scarfing drippy, convenience store nachos and falling-apart, Dairy Queen cheese burgers. The motel side table strewn with the burger’s detritus is not only a sight gag (more than anything, ghosts miss eating), but also a way of reifying the character, and in turn dramatizing the power of Dexter’s addiction.

Later in the episode, rather than rushing to kill Jonah Mitchell, Dexter insists on working to verify Jonah’s guilt. This annoys brother Brian:

“Ugh, your code, again…”

“The code is more than that.  It’s kept me safe.  It’s given me a life–“

 “–A life that’s a big fat lie.”

Remember, this is Dexter’s addiction talking. If Brian can persuade Dexter that his life is “a big fat lie”–that his family relationships are merely a front to hide a serial killer in plain sight–then darkness wins.

But Dexter wants a real life, wants love and to be loved. This is the force of Dexter’s burgeoning humanity struggling against his addiction.  Dexter is a psychopath. Psychopaths are incapable of emotion. For Dexter to be the best serial killer he can be, he needs to be fearless, unattached, uncaring of those individuals he’s manipulating to be his camouflage.

What makes Dexter a tragic figure is he wants the lie to be real. He wants to be honest with his friends and family. He wants to be worthy of the trust he has falsely cultivated.

This is Dexter wanting his own undoing. Were any family or friend to know the truth, they would not only shrink back in fear. They would turn him in to the authorities. Plus, because Dexter truly cares for his friends and family, he is vulnerable to his enemies using them as leverage against him.

In the end Dexter spares Jonah, and Brian vanishes. West gives Dexter a closing monologue. He wonders “if darkness is defined by light. If so, darkness can’t exist on its own. There must, by definition, be light somewhere, waiting to be found.” Translated:  Dexter’s “Dark Passenger” (the nickname he’s given to his addiction) has a companion of its own–the light. Perhaps Dexter is not simply a monster. Perhaps he can nurture the light in him to overtake the darkness.

This is brilliant thematic writing. We so want Dexter to succeed.

The tragedy is that’s the same as wanting Kryptonite for Superman.

The Heartbleed Bug: How to Keep Your Passwords Safe

Entrepreneurship

lastpass logo

As an entrepreneur, one of your most important tasks is securing your financial information.  In the wake of the Heartbleed Bug, I’ve been fine-tuning my digital security. I’ve especially been fortifying my passwords.  I already use a password manager called LastPass, which I highly recommend.

Though I’ve used LastPass for several years, until Heartbleed, I wasn’t utilizing LastPass to its full potential. The latent Luddite in me was on the fence about fully entrusting my most sensitive accounts to any password manager. But this past couple of weeks has shown me how important it is (and that it truly is safe) to use LastPass for even my bank accounts, PayPal, and other highly sensitive sites.

I’d been using LastPass for dozens of less sensitive sites, while continuing to use easy to remember, “secret” passwords for my bank accounts and Paypal. Not smart. By “easy to remember,” I mean actual words whose significance I believed to be too personal to be deduced by strangers.

How foolish.  Today’s password-cracking software can test out tens or even hundreds of millions of possible passwords per second. Against such brute-force juggernauts, my poor, easy to remember passwords would last mere minutes, if that.

Enter LastPass. LastPass is widely considered the best password manager out there.  You have one master password to log in to the LastPass browser plug-in. Whenever you visit a web service, the plug-in logs you in securely.  As long as your master password is chosen well (i.e., long and complex), LastPass offers excellent security. There’s even a multi-factor authentication feature to make remote hacking virtually impossible.  (Multi-factor authentication is like Google Two-step Authentication, which, if you aren’t using yet, I also highly recommend.)

LastPass generates a different, completely random, character-string password for each of your online logins. Randomness is the key. Randomness actually resists brute-force attacks, unlike actual words. This is how to leverage a single master password while never using the same password for more than one site.

LastPass stores only 256-bit encrypted versions of passwords on its servers. That way, if their servers are ever hacked, the thief would have a monumental task of decrypting just one password, not to mention any others after that one.

Also, LastPass doesn’t store your master password.  Only you know your master password.  That’s how they thwart the potential “inside job” by an unscrupulous Lastpass employee. (Inside jobs are actually the most common form of security breach involving passwords.)

Plus, the LastPass plug-in only decrypts your passwords on your local machine; it never sends an unencrypted password across the Internet. All individual passwords remain encrypted until the moment you use them.

And even then when LastPass decrypts a password to log you in to a site, the password fill-in remains masked (just asterisks), in case a hacker is mirroring your screen. (By the way, your master password is masked when you use it to log into the LastPass plug-in.)

 

My First-ever Beer-industry Publication

Entrepreneurship, Food and Drink, Media, Wisconsin, Writing

screenshot - chocolate chili stouts

Big announcement. Da, da, DAAAAHHH!

I’ve recently published my first-ever piece of actual beer-industry writing. Please go have look!

Totally excited about Mobcraft, a real up-and-coming, two-year Madison brewery, ready to break ground on their $2 million facility.

I’ll be freelance blogging for them. This first post of mine is an article on chocolate chili pepper stouts, in advance of their newly-bottled beer No Stout About It.

My next piece for them will come out in the coming days. Stay tuned . . .

The Walking Dead, Season 5: Death? Uh, yeah.

Media, Writing
screen-shot The Insightful Panda dot com

Rick in the church becoming a god. (Screenshot credit: TheInsightfulPanda.com)

Has ‘The Walking Dead’ Cracked My All-time TV Top 5?

SPOILER ALERT SPOILER ALERT SPOILER ALERT SPOILER ALERT SPOILER ALERT

[If you haven’t watched Season 5, yet, stop reading, right now. Or, enter at your own risk . . .]

Just a few words of praise upon finishing Season 5.

Wow, do I have my hair blown back. And I don’t mean just by the thrills and chills. I mean by the relationship drama, the villains/villainy, the comedy. Perhaps where the show excites me most is the inventiveness — a.k.a., rule-breaking — of its cinematography. That’s especially true of Season 5. Sure, the camera work has always been fresh and ingenious. But now, with all the night shooting and severe-yet-nuanced studio lighting, they’ve really turned the thumbscrews on pure retinal agitation. Plus, shooting on the infinitely more mobile 16mm camera produces some startlingly original looks. Like in Ep. 3, “Four Walls and a Roof,” in the church, when our heroes turn the tables on Gareth and Martin, and the hunters become the hunted. That shot from Gareth’s point of view, looking up at Rick wielding the “machete with the red handle.” Sure, that point of view isn’t new, angled up and making a giant of Rick. But the framing — the shot has the altar and stained glass in the background. You’re not supposed to elevate heroes to the level of God. (Not in America, anyways. It’s not an uncommon trope in Japanese screen culture, especially in anime. See Berserk.)

Though it’s impossible to argue what the show does best, consistency has to be part of that conversation. Not a single episode feels like a dud, not in any of the five seasons. Only the rarest cable drama reaches this astonishing level of reliability, episode to episode. The Sopranos, Six Feet Under, and Deadwood keep it at a “10” from bell to bell. But other shows? I can’t think of any. Even some of my favorite shows of all time have their off, phone-it-in days. Dexter, Breaking Bad, The Wire. None of them can match such perfection.

In its mature state the series unsurprisingly has become heavily philosophical. Mostly themes of identity and ego. And, oh yeah, that third theme. Despite having way more characters who die than survive, the show has rarely been about death. Season 5 is about death. Tyrece, Beth, Bob, Martin. (Martin. Yep. Death.) That the nature of existence depends on death — or, rather, IS death — that’s one common thread among the episodes of Season 5.

It’s no coincidence Beth is only a great character when she confronts death.  At the front of her plot arc (Season 2, Ep.10) she tries to kill herself; at the back of her plot arc (Season 5, Ep. 8) she dies bitterly. In both, her cynicism and clear sight ring true. Take for instance her first real scenes (Season 2, Ep. 10). Maggie tries to talk Beth out of suicide.

Maggie: “You could do that to Dad?”

Beth:  “He’s clueless. He had us waitin’ for a cure.”

Maggie: “You could do that to me? I can’t take another funeral.”

Beth: “You can’t avoid it. What are we waiting for? We should both do it. At the same time–”

Maggie:  “What!”

Beth: “–help each other. It’s hard to do–”

Maggie: “Stop talking like that.”

Beth: “–our choice. Then it would be over. Or we’ll be forced to do it when this house and the farm is overrun . . . I don’t want to be gutted.”

In Seasons 3 and 4, the middle span of her plot arc, Beth comes across as flat and contrived and superfluous. But her lustrous scenes in Season 5, Ep’s 6 – 8, anchoring the drama of the mid-season finale, she grows into herself. She survives in that Lost-like, dystopian hospital from hell. She stands up to the depraved corruption, the naked abuse. She helps shield victims of what is essentially a prison. She becomes larger than life, becomes a worthy member of our group of super heroes. In her swan song she says, sneering, seething at Dawn, “I get it now.” She stabs Dawn in the chest and gets shot in the face. Showrunner Scott Gimple could’ve gotten many more great miles out of her. But her death feels just forthright. It is certainly courageous on his part.

Throughout this season Rick feels the need to tell the town folk over and over, “It’s all about survival.” Well, that’s one side of the coin.

Metro-style Wunderlist: a Productivity Tool that Hurts Productivity

Entrepreneurship
wunderlist_beta_windows

No taskbar!

Oh, how I loathe thee, Metro-style Wunderlist (the new version of Wunderlist made for Windows 8).

First I should praise Wunderlist to high heaven. I adopted it early on and continue to trust it with my entrepreneurial life.

But the Metro version? Not so much. Notice the absent Windows taskbar in the image above? Not only does Metro-style Wunderlist hide the taskbar by default, the settings contain no way to change that. If you want to see the taskbar, the only way to do that is to mash your cursor against the bottom of the screen, then . . . you . . . wait . . . Bounce the cursor around down there, and sometimes the taskbar emerges. Sometimes it doesn’t. Same goes for calling up “recent apps” in the upper-left corner. It often takes three or four tries to show the taskbar or recent apps.

My list of grievances goes on and on. But let’s just leave it at that. It feels funny to grouse about something I otherwise love and respect a great deal. Plus, I try to keep positive on this blog. Instead, I’ll just cut to the happy ending.

For anyone still struggling with this sorry app, it turns out you can ditch the offending Metro-style Wunderlist and retrieve the old-school, Windows 7, desktop version. The trick is to download it directly from Wunderlist, not from the Windows App Store. The Windows 7 desktop version works perfectly well in the Windows 8 environment.

https://www.wunderlist.com/download/

As a related side note, Wunderlist’s Android app performs really well. Because of its small footprint, it performs with nimble ease, even on my under-powered LG Volt. Despite its light weight, the app gives you virtually every functionality of its big, desktop brother, including sub-tasks and notes.

(Notice how I slipped in that “big brother” reference? Microsoft has acquired Wunderlist this year.)

A major bonus: the Android widget. I’ve got the widget on my phone’s lock screen. The widget displays any of my to do lists, in their entirety, without the need to unlock my phone.

IMG_20151012_102919

The Wunderlist Android widget on my lock screen

Wisconsin Friday Fish Fry — Japanese Style

Food and Drink
The Spot cobia2

Seared cobia and a snifter of Louie’s Reserve Imperial Scotch Ale

(Before I start, I should mention this isn’t a fried fish review.)

Lately, the Friday fish fry menu has been the draw for us at The Spot. While I enjoyed the fried walleye last week and the grilled salmon the week before that, tonight the seared cobia gets my vote.

Cobia is a firm, fairly fatty, flavorful white fish. The Spot flash sears it: the skin side comes crispy, the meat side, bronzed, and the core, wonderfully raw.

Think sashimi, but add carmelized fat (if you eat the skin) and a more succulent lusciousness. Searing collects the juices and drives them inward, concentrating the moisture and fat to boost the flavor into the realm of the highest-quality toro. The Japanese call seared fish or meat tataki. But rather than pounded flat or sliced thin as in tataki, the Spot’s seared cobia is an inch-and-a-half thick.

What a surprisingly adventurous dish for such a straight-ahead, casual restaurant. Anyone squeamish of sashimi or tartare might want the grilled salmon or fried walleye, instead. But I’m sure the palates of Madison’s Near Eastsiders will take to it, no problem.

I’m not used to any sauce on a seared piece of fish. But the chef adds TWO: a) a pesto cream, which seems a 21st Century update of the traditional mustard-mayo on tuna carpaccio — perfect for this mostly raw fish; and, b) a balsamic reduction. But, wait! There’s more. The fish floats atop a fluffy cloud of Parmesan risotto. Sound like an overwrought train wreck? Nope. It’s an ingenious amalgam of surprising textures and flavors that scores brilliantly. The sweet/tart drizzle of the balsamic reduction weds the rich sauce to the fatty fish perfectly. And the humble Parmesan risotto, which rivals the best I’ve had anywhere, causes no confusion with its only moderately-rich, mildly salty cheesiness. (I actually don’t love the Vegetable Quinoa Risotto elsewhere on the menu.)

Just a side note: at first blush the piece of fish seems small. But one feels that mild disappointment only relative to the portions of restaurants charging twice the price of this dish. There may not be a lot to take home in a doggy bag. But with the risotto and the nice pile of broccoli, it’s plenty substantial, especially at just $17. I actually do have some left over and look forward to my midnight snack.

We then totally enjoy dessert: a savory, pumpkin cheesecake. The muted sweetness of the filling leaves the pumpkin really prominent. The dish gets its sweetness instead from candied pepitas (so flavorful and chewy, they’re clearly fresh-roasted) and a dollop of sugary fresh cream. The bartender tells us the pastry chef is formerly of the fancier restaurants Harvest and Graze.

When we first started eating at The Spot, I was addicted to the burgers. I’ve tried all three of the burgers on the menu and would be hard-pressed to pick a favorite. They’re all half-pound (I think) patties, grilled to order on a beautiful roll, with a side of wilted mustard greens (or any side dish). $8 for the basic burger, including the side dish? No wonder I was addicted.

I have tried the pork tenderloin and the sirloin steak. But I return again and again to the fish. I love the salmon from the regular menu. And another standout special has been the escolar.

Fish. That’s the chef’s strong suit.

Check out their menu, here.

Eww: the Good Humor Strawberry Shortcake Ice Cream Bar

Food and Drink, Health

strawberry shortcake

Although I enjoy the cattiness of a scathing New Yorker film review, I myself take no pleasure in calling out bad products on my blog. I generally skip yucky beers or boring sitcoms, choosing to write about things I want to share with others. (My review of cycling rain jackets is a rare exception.) Chalk it up to temperament, I guess.

In this case I’m compelled to warn others away from this quote-unquote “ice cream” bar.

Either the quality of this product has eroded over the past 38 years, or my taste sure has changed since I was eight years old. (It’s probably not an either/or scenario!) Walking home from our neighborhood beer bar last night, I had the munchies and bought one of these babies in a corner store. “Cake-coated vanilla ice cream, with a strawberry flavored center.” That’s how Good Humor describes it on their site. That, and a prolix list of mostly chemical ingredients. The nutrition app Fooducate describes it differently:

“D+ much worse than average.”

good humor Strawberry shortcake D+

That’s about right.

At eight years old, however, I was addicted to them. The Strawberry Shortcake bar led me down the path to my first real scolding from my parents. That summer my family had just joined a country club, whose swimming pool snack bar inexplicably allowed second graders to sign the tab for hot dogs, sodas, and ice cream on a stick.

For four weeks, before my parents would get the first monthly snack bar bill, I ate five or six of them a day. Often, more. The snack bar was like a narcotics sting operation, with a detective undercover behind the counter in an apron and hair net, enticing addicts to come and get it. Technically that would be entrapment–inducing my brother and me into downing hundreds of dollars’ worth of sugary things we wouldn’t otherwise have access to.

The mid-1970s was a hard time for the fifty-year-old Good Humor brand, what with upstart competitors like Mister Softee and the health food craze that spawned frozen yogurt. Could country club snack bars have been a ploy to boost Good Humor sales? The company certainly could no longer ride the coattails of their genius, mid-century, sleeper PR campaigns. Ever heard the urban legend of the hero Good Humor man who rushed a pregnant woman to the hospital in his jingly ice cream truck? I sure had.

At the end of the month when the jig was up, my parents gave me a strong talking to, disappointed I didn’t have better sense. But could I be blamed? Was it not an insane setup:  that hundreds of dollars’ worth of ice cream could be purchased and consumed in a single month by an eight-year-old and his little brother?

[image credit:  Nestle (drumstick.com)]

To Soak or Not to Soak?

Food and Drink

Kidney_beans - photo by Sanjay Acharya

My biggest cooking frustration? Waking in the morning to assemble ingredients for the slow cooker, only to find I’ve forgotten to soak the beans overnight.

No problem, Plan B is always the “quick soak,” i.e., boiling the beans for five minutes then covering and leaving to soak for an hour. That is, if you have an hour to spare before leaving for work.

Turns out, there’s no reason to soak beans, at all. Or at least that’s what food editor Russ Parsons contends in a recent LA Times piece. In it Parsons surveys the history of the soaking question, talks with food writers on both sides of the aisle, attempts to put the question to bed with science, and crows that he’s been anti-soak for decades. The article even looks at the question of beans and flatulence!

“That’s wrong,” says my wife, when she asks me about the bag of unsoaked beans among the rest of my ingredients. She recites the main reasons an overnight soak is necessary: cook time, tenderness vs. mushiness, flavor, and, yes, reduced flatulence. I’m not surprised by her recalcitrance in the face of legume reform. Every bit of advice I’ve ever seen, heard, or read sides with my wife.

Yet, here’s Parsons from the LA Times article.

Letting dried beans sit overnight in a bowl of cold water does nothing to improve their flavor or their texture. In fact, it does quite the opposite. . . . Finally, soaking does absolutely nothing to reduce the gas producing properties of beans.

We shall see. I’m dumping the bag of unsoaked pinto beans into my Crockpot, now . . .

Bean Soup with Tamarind and Ginger (7-qt. slow cooker)

1 lbs. dried  pinto beans

0.5 lbs. ham hocks

2 lbs. chicken drums

5-inch piece fresh ginger sliced

1 can tomato, diced 24-oz.

3 med onion, cut in 1/8th’s

6 dried red chile peppers

5 tablespoons tamarind soup base

7 cups stock + 2 cups water

12 cloves garlic, sliced

1 bunch kale or collards

Directions for SEVEN QUART Slow Cooker:

Wash and sort beans.

Place all ingredients (except for greens) into slow cooker.

Switch slow cooker to high until simmering.

Switch to low.

Cut greens into 2-in. strips and add 10 – 20 min. before serving.