Open Source North 2015

Looking forward to presenting today at Open Source North!

SPS Recruiters at Open Source North looking for talented technologists with a bias to open source! Go #TeamSPS!

Jeff Urban kicking off Open Source North.

Enjoying Joel Crabb’s session on becoming an engineering manager. Great perspective. Agree 100%!

I ask every engineer pursuing management this. Doing personally and doing organizationally are different!

Presenting next at Open Source North on Transforming Your Organization with Open Source!

I wasn’t able to stay for the entire day but the event was very well run, good lineup of speakers and very good attendance as well.

I’m hoping they plan to organize this again next year, I can definitely see this growing into a substantial event.

Journaling Habit

For years I’ve thought it would be great to keep a daily journal. I bought Day One for iOS and my Mac. But I’ve never been consistent. About a month ago I changed tacts. Hit 13 days in a row so far.

S’mores Selfie. 🔥🍫

As someone that just could never get cozy with Evernote I’m really digging the new Notes app in iOS 9 and El Cap.

Millions of Facebook Users Have No Idea They’re Using the Internet ← Oh my. 😫👎🏻

Amazing that @Snowden has almost 700,000 followers just a few hours after joining Twitter.

Neat new Keybase Key Model on the way. Curious to see what this enables!

Namecheap Leaks Password in Security Notification

Please make sure to see UPDATE section at end of this post.

This isn’t good at all. I have security notification alerts enabled in Namecheap because I want to know when something is changed related to my domains, just to make sure I’m always the one that initiated it. Today I changed my password and got this:

Notification For     : PASSWORD
Date                 : 9/27/2015 4:15:28 PM  
IP Address           : 66.41.226.251
Username             : my-username
Domain (if relevant) : N/A

Old Details
-----------
my-old-password-in-plaintext

New Details
-----------
my-new-password-in-plaintext

Additional Information
----------------------
N/A

I’ve replaced the passwords that were in the email because they were my passwords, sent in plaintext, in email. This is pretty much terrible.

  1. Of course email isn’t encrypted so now anyone that has sniffed that email knows my password, and my username is handily referenced as well (I changed it as well in this copy).
  2. This is evidence that Namecheap is storing my password in plaintext somewhere. They should only be storing the hash of it using something smart to protect it. Double bad!

The only good news is I have the optional two-factor authentication enabled that uses an SMS message to my phone so I at least have that to fall back on but this is a terrible security practice that I’m shocked Namecheap is doing.

Please fix this immediately!

PS: After fixing this, can we get a real two-factor solution instead of SMS?

UPDATE (Sept 28)

Within minutes of sharing this post on Twitter I got a response from @Namecheap, and 17 minutes after that they confirmed that they fixed this.

Given how fast they fixed it I have to assume that what they fixed was issue #1, that they are suppressing the email notification for “PASSWORD” events. That is good and will keep the password from leaking into email, however I would really like to know if they are storing passwords in plaintext somewhere. It should be impossible for a service to tell you what your password is, they should only know some form of a hash derived from your password.

Lunar Eclipse 2015

We had a fun night in our neighborhood tonight watching the lunar eclipse with a number of our neighbors. I got out the 70-200/f2.8L and put the 2x doubler on it to see what I could capture on my camera. Really brings the red out.

If you block web activity when you surf, make sure none of the sites you personally run track your users. Don’t practice asymmetric privacy.

Using Tunnel Bear along with Block Bear is a super easy way to get a very protected web experience on iOS.

Saturday morning Fuller Soccer league. Kids chasing balls!

Just completed a task that was added to OmniFocus in June 2011. 😬

Thumbtack for Pinboard ← Nice to have a Pinboard menubar app for Mac OS X that is good!

Truth.

Liking this app for reinforcing habits.

Fun that Ryan Adams did a full cover of Taylor Swift’s 1989. More my speed. 🙂

Introduced the kids to Billy Idol. Too funny.

Love the smell of fresh bits.

Fun listen for users of OmniFocus particularly.