Kindle Highlights

December 14, 2018 • #

I started making this tool a long time back to extract highlighted excerpts from Kindle books. This predated the cool support for this that Goodreads has now, but I still would like to spend some time getting back to this little side project.

Eric Farkas has another tool that looks like it does this, as well, so that’s worth checking out as a possible replacement. What I really want is my own private archive of the data, not really my own custom extraction tool. The gem I was using for mine might’ve been the same one, or does something similar reading from Amazon’s API. It’s nice because it outputs the data in JSON, so then it can be easily parsed apart into yaml or Markdown to use elsewhere. Each excerpt looks like this:

  "asin": "B005H0O8KQ",
  "customerId": "A28I9D90ISXNT6",
  "embeddedId": "CR!CJ3JV6W1D918FDT8WZTVP0GG6CNN:86C04A71",
  "endLocation": 72905,
  "highlight": "Springs like these are the source of vein-type ore deposits. It's the same story that I told you about the hydrothermal transport of gold. When rainwater gets down into hot rock, it brings up what it happens to find there—silver, tungsten, copper, gold. An ore-deposit map and a hot-springs map will look much the same. Seismic waves move slowly through hot rock.",
  "howLongAgo": "2 months ago",
  "startLocation": 72539,
  "timestamp": 1446421339000

If I can soon I’ll spend some time tinkering and see if I can pull some for other books I’ve read since.

The Personal Security Footprint Review

December 12, 2018 • #

Once a year around this time I like to do some “winter cleaning” of my personal security footprint, mostly covering passwords and internet service accounts I have that may be out-of-date, unmaintained, or unneeded.

1Password is a dream for things like this. If you don’t maintain an account, it’s well worth setting one up for the family with their 1Password for Families product tier. Worth every penny1.

Good hygiene with passwords has been a perennial problem in internet-land, and the security risk only goes up with seemingly-daily announcements of the next hack or data breach. While those risks are part of our current reality, it’s possible to lower your risk profile with some simple maintenance tasks with 1Password. Here are some general best practices and my personal annual review process.

Raise the complexity

There’s no excuse not to be using highly complex passwords these days. When creating new 1P entries, you can autogenerate complex passwords. Sometimes you’ll need to tweak the generation parameters to create passwords that are acceptable for certain sites2, but it’s worth making sure you’re maximizing the complexity where you can. When I review my accounts, I look for any entries that have less than 1P’s “Fantastic” rating, and sign into those and update them.

Complex Passwords


1Password has a feature called Watchtower that helps you conduct targeted review to keep yourself secure. Things like compromised or vulnerable logins, reused or weak passwords, or where 2FA isn’t enabled. It’s nice because it checks against a couple of known databases to help keep you on guard. This is the go-to spot to look for areas of attention in the review. It’s worth setting yourself a reminder (quarterly or so) to check here for any changes. If services you rarely use have security incidents, you probably won’t know, so this helps.

1Password Watchtower

Two-factor authentication

I wrote previously about 1Password’s native two-factor authentication. Wherever possible and recommended I go through my account entries and enable 2FA setups with the one-time passwords configured. Another tip for this is to use a password field type to store the “recovery codes” that most services will generate for two-factor, which allow you to recover your password if something gets hosed. Web services commonly generate these codes in a text file for safe storage, which you can do in 1Password if you want, but I’ve never been a huge fan of the way file storage and linking works in the app. I prefer to copy the codes directly into the 1P database entry anyway.

Purge unused services

Shutting down accounts for services you don’t use is another good practice to reduce your exposure to breaches. If you aren’t using or no longer need a service, might as well not have it hanging out there. Since you can sort entries by “date used”, it’s straightforward to comb through ones you haven’t used all year and assess. When I go through my annual review, I always find a couple not worth keeping, so I sign in and spin them down if possible. If they don’t have a public-facing way to delete my account, I usually reset the password to something huge and delete whatever unrequired personal info might be on file (like credit cards and the like).

Other scattered tips

A few other pointers that factor into my annual review:

  • Change any duplicates — I don’t intentionally create dupes, but it happens occasionally, especially when creating accounts from my phone when I just want to type a password in signup
  • Check for https — This isn’t a huge problem these days, but a nice recent addition to 1Password will alert you to entries with insecure URLs
  • Assess shared accounts — Using the 1Password for Families account, we have a single shared vault for accounts we both need: bank accounts, credit cards, kid-related stuff, Netflix, Amazon
  • Organize — I go through and change entry names, make things consistent, and just generally scan through for any junk to keep it all clean

With the review done, it feels good to have a renewed sense of security having checked your digital footprint. A well-organized, clean 1Password setup can also be a huge productivity boost. The more services you work within (and the more secure you want your behaviors to be), the more a clean, healthy passwords vault will help you.

  1. All of the following I do in 1Password, but other services like LastPass or KeePass presumably can do similar things, but I haven’t used them. 

  2. It’s still mind-boggling that in 2018 so many sites can’t handle any string of characters as a password. I shudder to think what the software or database structures behind the culprit services look like. 

Language and Progress

December 11, 2018 • #

A wide-ranging conversation on linguistics, human scientific advancement, and enlightenment thinking with Steven Pinker and John McWhorter.

Linguistics is endlessly fascinating.

I might be an outlier, but I absolutely love YouTube as a medium for this kind of content. This sort of long form video is an example of a fantastic new thing that couldn’t exist or thrive prior to YouTube.

Weekend Reading: Railway Logos, Meditation, and the Next Feature Fallacy

December 8, 2018 • #

🔩 The Next Feature Fallacy

The vast majority of features won’t bend the curve. These metrics are terrible, and the Next Feature Fallacy strikes because it’s easy to build new features that don’t target the important parts.

This certainly rings true for me from experience over the years. It turns out that a single feature itself is far from the main problem halting people part way into on-boarding with a product. This falls into the category of focusing on what we know how to do already, rather than what’s important to do. What’s important isn’t necessarily something you’ll know how to approach without hard research and effort.

🧘🏻‍♂️ Why I’m Into Meditation

I’ve been giving Headspace a try to get into a meditation routine over the last couple months. So many people I respect speak highly of building a meditation practice, and it’s pretty easy to do. Focusing for 10 minutes on a single mundane thing (your breathing) is shockingly hard to do. About 40 or 50 10-minute sessions in, I’m finally getting more comfortable with it. I always feel reenergized after.

🚂 Reagan Ray’s Railway Logos

These are all fantastic. I even see my favorite hat represented in there.

A Couple Years with Todoist

December 7, 2018 • #

For all of the todo list apps out there, I’ve only seriously tried a couple of them. After using OmniFocus since its first version, I switched over to Todoist a couple years ago. There are many I haven’t even tried, but I’ve always tried to stay focused on doing the tasks rather than fiddling with my system. It’s especially ironic with productivity apps to be constantly messing with the workflow in search of some kind of optimization. As Tom eloquently put it a few years ago: “todo lists don’t make you productive.”

While I’m fully aware of that fact, the main value of a todo system for me is to have a container for ubiquitous capture, in GTD parlance. All of the knobs and switches with various tools — projects, contexts, due dates, start dates, priorities — don’t help with the core initial problem of getting the things in a single place. The second need (again, a simple one), is a straightforward interface that simplifies continued review.

So it needs to be as easy as possible to:

  1. Capture new things
  2. Review said things regularly to slot them into my plan

It turns out that most apps are at least passable at item two; it’s the first that can cause problems depending on preferences, work style, and day-to-day activity. I love having a notepad and pen for writing and sketching as often as I can, but I just don’t reliably have it with me enough to use for collecting things that need doing.

The number one advantage I quickly discovered with Todoist over other options is its cross-platform simplicity. Because of it’s web-centric architecture, it has a wide array of integrations with other services. It also has native mobile apps for any platform, a web app, and a desktop client (wrapper around the web app). This kind of “available everywhere” foundation forms the first basis of a good productivity tool. As the saying goes about photography: “the best camera is the one you have.” I treat productivity apps the same.

I don’t have too fancy of a setup with projects or contexts. The main way I use the app is to get things into the inbox as quickly as possible, then review and sort things into their proper places as often as I can. Usually once per day I’ll run through the inbox and file things off where they belong, or delete them if I’m actually not going to commit to them.

On the capture side, items get into the inbox one of three ways:

  • Cmd-Shift-A quick add shortcut on the Mac
  • The Today widget on my iPhone
  • A Today workflow from the Shortcuts app I called “Dictate to Inbox

The dictation flow is one of my favorites. I’m not a fan of the full Siri integration since I have too much trouble invoking Siri and getting the initial command to go from speech-to-text correctly. The Shortcut method makes it one swipe and one tap to invoke, and still leverages the Siri dictation piece. The problem with the full integration is it misunderstands the initial directive that I’m trying to make a new todo for the inbox, and will mistakenly call someone or look something up on the web (the ultimate useless cop-out from Siri that no one ever wants).

Todoist has a “karma” gamification component that I wish I didn’t enjoy as much as I do. Being motivated by artificial points rather than the importance of the work itself isn’t really what you’re going for with a productivity tool. But it adds a psychological gratification element to checking things off the list. I’m an advocate of keeping the end in mind, so if the means (ticking boxes for points) keep me actually doing the work written down on the list, then it works.

I’d like to try the sharing elements, so far I’ve only used it solo. Todoist isn’t great for general list-making (though it can do it if needed). Colette and I still use Wunderlist for groceries and shopping. There’s still not a better simple replacement we’ve found yet. It’s possible that a shared project in Todoist could do the job and is something I’d like to try.

Dave Attell & Jeff Ross

December 6, 2018 • #

I loved this recent podcast with Dave Attell and Jeff Ross, promoting their new Netflix special Bumping Mics. This is a great freeform conversation (like most of Rogan’s shows) with three veteran comedians with a lot of banter about the industry, reminiscing about other comic legends. We watched their new special last night. Hilarious stuff.