« July 2005 | Main | November 2005 »

August 29, 2005

Got It Done!

How did an excellent time-management tool help me climb a 14,255 foot mountain? I'll tell you...

First, the background. One of the personal development issues I've been working on professionally at Return Path is my time and task management. I've made fantastic progress, most this quarter, using the "Getting Things Done" system.

For those not in the now, Getting Things Done is a method and support system for time and task management.

The basic premise is that everything you have to do, from business related tasks, to personal items - needs to be captured somewhere. That somewhere is referred to as your "Operating System".

Capture your tasks: get them off of sticky notes, get them out of piles of paper on your desk, and most importantly GET THEM OUT OF YOUR HEAD and get them INTO your operating system. For me, this along with the basic triage concept are probably the most important fundamentals of the system.

Once you have captured everything, it can be dealt with. Everything can typically be dealt with in three ways:

1) Do it.
2) Delegate it.
3) Delete it.

There are few exceptions.

GTD has not only provided me with an effect triage method for dealing with your day-to-day tasks, but it also has enabled me with tools. I purchased the GTD Outlook Plugin and it is worth its weight in gold. (Thanks to colleague Jack Sinclair for this tip!) Specifically it allows you to manage email easily - with some custom buttons I can convert an email into a task, archive the message, set an alarm, categorize the item, set a due date, etc... with basically 2 clicks. I highly recommend it if you adopt this system - and obviously I endorse the Getting Things Done system overall.

Now, one of the things I like about GTD, is it allows me to capture everything I need to get done. Of course the broad focus are day-to-day business items, but the system intentionally captures all personal items. This includes things like, "wash the dog", or "pick up the dry cleaning", or "get flowers for wife" (that one is still open... I'll do it next honey - promise!).

Along these lines you are encouraged to have a category for long term goals. Things like "learn how to fly a plane" or "take rhumba lessons".

While I get great satisfaction from working through several or even dozens of tasks per day, as well as managing dozens and probably hundreds of emails - there is something about knocking down one of the bigger "life goals". When I first setup GTD and inventoried all my tasks, one of the items in my "Someday" category was "Climb Longs Peak". This has been "on my mental list" since 2002.

So, what can a great time management tool do for you? Not only can it get your email inbox average count down from 800 or so to under 100 (on my way to the pinnacle "empty inbox"!) - but for me, it pushed me up a 14,255 foot mountain. 15 miles of round trip hiking and climbing. 4,875 feet of elevation gain. Six hours to the summit and three and a half back.

I'll post a full gallery soon, but for now here is the proof! Special thanks to the climbing party that adopted me - friends and neighbors Jim and Stephanie Busby and their clan the "Bice Descendants"! And thanks to Joie for letting me go!

So tomorrow I may be back to the daily grind, but today I had the pleasure of marking the task"Climb Longs Peak" complete. Cool! Good thing it was on my list!

Posted by gcrgcr at 8:33 PM | Comments (0) | TrackBack

August 22, 2005

Bloglet to Feedblitz

Call me a lemming... I just read this post by Matt Blumberg and have enough faith in his "geekiness" to make the switch to Feedblitz. To quote from his concise explanation:


Many of you rely on emails from an outfit called Bloglet to receive notifications that I've posted something to my blog. However, as you no doubt know, Bloglet's service is incredibly flakey, so many times, the notices don't go out.

That same sentiment is now mine and applies to you. Matt is going to run the services in parallel, but not me. I'm just rolling the dice. Bloglet has been flakey for me. So, FYI on the new posting alerts. If anyone has problems with the new alerts, please let me kow.

Thanks!

Posted by gcrgcr at 10:26 PM | Comments (0)

Feeling Vulnerable

Every week I read my "Vulnerability Summary" from SecurityTracker. It amazes me the nubmer of major open vulnerabilities that are aggregated, summarized and presented. In a way it is a bit overwhelming and alarming.

We all hear and read stories around web security breaches and hacks. Most folks know someone who has been violated, or even is a customer of a major organization in the news for being breached, or losing data, or whatever. Hey, if it can happen to Fred Durst of Limp BizKit, it can happen to you or me.

We also hear tidbits around how quickly an uprotected machine on the Internet picks up dozens if not hundreds of viruses and spyware. Attacks commence within minutes and quickly number in the hundreds to thousands of attempts with numerous successes.

So, I guess I should not be terribly surprised, but each week as I glance through the SecurityTracker Vulnerability Summary, I'm fairly well amazed.

So, I'll close this with a sample snip from this weeks release. Additional information on each listed vulnerability is included as well as a link back to the Security Tracker site with more data.

And if you like or need this type of alert, signup is easy.



In This Week's SecurityTracker Vulnerability Summary

SecurityTracker Alerts: 49

Vendors: Adobe Systems Incorporated - Apple Computer - ATRC
- Cisco - Crossday - Druilhe, Marc - drupal.org - Easy
Software Products - ECW-Shop - EMC - ezUpload.org -
Gonafish.com - HAURI Inc. - HP (Compaq) - ivory.org - Juniper
- KDE.org - kernel.org - Microsoft - miniBB.net -
MoneyMakerGaming.com - Mutt.org - Nortel - PHP Group -
phpadsnew.com - phpfreenews.co.uk - PhpOutsourcing -
phpWebSite Development Team - phpxmlrpc.sourceforge.net -
tor.eff.org - Xerox

Products: Adobe Acrobat - AppKit - Apple Directory Services -
Apple Mail - Apple Weblog Server - ATutor - BBCaffe - Chris
Moneymakers World Poker Championship - Cisco Clean Access -
CoreFoundation - CUPS (Common UNIX Printing System) - Discuz!
- Drupal - ECW-Shop - ezUpload - HIToolbox - HP Ignite-UX -
KDE - Legato NetWorker - Linksys Router - Linux Kernel - Mac
OS X - Microsoft Internet Explorer (IE) - miniBB - Mutt -
Nortel VPN Client - PEAR XML_RPC - phpAdsNew - PHPFreeNews -
phpPgAds - phpWebSite - Ping - ...

Headlines:

1. HAURI ViRobot Input Validation Hole in Processing
Compressed Archive Contents Lets Remote Users Write
Arbitrary Files

2. Tor May Use Weak Diffie Hellman Keys

3. Chris Moneymaker's World Poker Championship Buffer
Overflow Lets Remote Users Execute Arbitrary Code

4. W-Agora Input Validation Flaw in 'site' Parameter
Discloses Files to Remote Users

5. phpPgAds Multiple Bugs Permit SQL Injection and
Local File Inclusion and XML-RPC Bug Lets Remote Users
Execute Arbitrary Code

6. phpAdsNew Multiple Bugs Permit SQL Injection and
Local File Inclusion and XML-RPC Bug Lets Remote Users
Execute Arbitrary Code

7. ECW-Shop Bugs Permit SQL Injection, Cross-Site
Scripting, and Price Modification

8. BBCaffe Input Validation Hole in E-mail Field
Permits Cross-Site Scripting Attacks

9. Nortel VPN Client Entrust Certificate Profile
Implementation Lets Local Users Gain Elevated Privileges

10. ATutor Input Validation Bugs in 'login.php' and
'search.php' Permit Cross-Site Scripting Attacks

11. Whisper 32 Discloses Password to Local Users

12. Mutt Buffer Overflow in 'handler.c' May Let
Remote Users Execute Arbitrary Code

13. Juniper NetScreen ScreenOS Lets Remote Users
Determine Valid VPN Usernames

14. Microsoft 'msdds.dll' COM Object Lets Remote
Users Execute Arbitrary Code

15. PHPFreeNews Input Validation Bugs in
'SearchResults.php' Permits SQL Injection and Cross-Site
Scripting Attacks

16. Zorum Input Validation Hole in 'gorum/prod.php'
Lets Remote Users Include and Execute Arbitrary Code

17. ezUpload 'path' Parameter Include File Bug Lets
Remote Users Execute Arbitrary Code

18. Linux Kernel Memory Leak in
syscall32_setup_pages() May Let Local Users Deny Service

19. Linksys WRT54GS Lets Remote Users Bypass WPA
Wireless Encryption

20. Xerox Document Centre MicroServer Web Server Bugs
Let Remote Users Bypass Authentication, View Files, and Deny
Service

21. Cisco Clean Access API Does Not Use Authentication

22. Linux Kernel ptrace find_target() Lets Local
Users Deny Service

23. phpWebSite Input Validation Hole in 'Module'
Parameter Permits SQL Injection

24. MiniBB Include File Bug in 'includeFooter' Lets
Remote Users Execute Arbitrary Commands

25. Legato NetWorker AUTH_UNIX, Database, and
Portmapper Authentication Can Be Bypassed By Remote Users

26. Adobe Acrobat and Adobe Reader Buffer Overflow in
Core Plug-in Lets Remote Users Execute Arbitrary Code

27. HP-UX Ignite-UX File Permission Flaw May Let
Remote Users Access and Modify Ignite-UX Client Data

28. Apple Safari PDF Link Bug May Let Remote Users
Execute Arbitrary Code

29. Apple Mac OS X Buffer Overflow in servermgrd Lets
Remote Users Execute Arbitrary Code

30. Apple Mac OS X Bug in servermgr_ipfilter May
Prevent Certain Firewall Rules From Being Enforced

31. Apple Mac OS X SecurityInterface May Disclose
Passwords to Authenticated Administrators

32. Apple Safari RTF Link Bug May Let Remote Users
Execute Arbitrary Code and XSL Form Bug May Disclose Data to
the Wrong Site

33. Apple QuartzComposerScreenSaver Lets Physically
Local Users Bypass the Password Mechanism

34. Apple Mac OS X loginwindow Fast User Switching
Lets Certain Local Users Access Accounts on the System

35. Apple Mail Does Not Fully Enforce Remote Image
Access Blocking

36. Apple Mac OS X Buffer Overflow in Traceroute
Yields Elevated Privileges to Local Users

37. Apple Mac OS X Buffer Overflow in Ping Yields
Elevated Privileges to Local Users

38. Apple Directory Services Lets Remote or Local
Users Execute Arbitrary Code and Local Users Create Accounts

39. HItoolbox May Disclose Secure Information via the
VoiceOver Interface

40. CUPS on Mac OS X Lets Remote Users Deny Service
By Submitting Multipe Print Jobs or Partial IPP Requests

41. Apple Mac OS X CoreFoundation Command Line Buffer
Overflow and Date Parsing Error Lets Local Users Execute
Arbitrary Code and Deny Service

42. Apple AppKit Login Window Lets Local Users Create
Additional Accounts

43. Apple AppKit Buffer Overflow in Processing RTF
and Word Documents Lets Remote Users Execute Arbitrary Code

44. Apple Weblog Server Input Validation Hole Permit
Cross-Site Scripting Attacks

45. XML-RPC for PHP Nested Tag Parsing Flaw Lets
Remote Users Execute Arbitrary Code

46. PEAR XML_RPC Nested Tag Parsing Flaw Lets Remote
Users Execute Arbitrary Code

47. KDE langen2kvtml Temporary File Flaw May Let
Local Users Gain Elevated Privileges

48. Drupal XML-RPC Library Bug Lets Remote Users
Execute Arbitrary Code

49. Discuz! Board Input Validation Flaw Lets Remote
Users Upload Scripting Code

Posted by gcrgcr at 11:09 AM | Comments (0)