“Please to call it… research”

Man, I love Google.  It’s fabulous to live in an era where just about any silly question I want to ask can be answered in moments.

• Who was that amazing, skinny-waisted, tap-dancing sister who played opposite Rosemary Clooney in White Christmas?
  
• How do HTML table styles work, again?
  
• What could I make for lunch with kale and tahini?
  
• Are there any new virus removal programs?
  
• Who wrote Le Grande Maunes?
  
• What good shielded outdoor lights are available?

Of course, there’s a downside.  If you’ve got the discipline to find your answer and then get off the web and move on, you’re good.   I don’t seem to have it.  So many of my Google searches turn up all sorts of interesting things that I want to explore.  Often they spawn more Google searches (I’d love to blame this all on a nefarious plot by Google).  Articles have links to other articles.  

I mostly ignore videos on the grounds that they take too long (unless I’m trying to learn something and so far the written answers aren’t helping). But that's probably a false economy.  I can get lost for big chunks of time reading stuff that, eventually, is not even related to my original question.  Is it fun? Sure.  Does it help me get my work done?  Well…

In this age of infinite information, it’s very easy to get lost in it, especially if you enjoy reading and the process of learning like I do.  How do you decide when you’ve had enough?  For me, it depends – on how black-and-white the question is, how comfortable I am that I know what I’m doing right now and don’t need much input from an expert.  And how much I’m enjoying the task at hand.  If I’d really rather not be doing what I’m doing, it’s easy to rationalize that a differently-worded search might come up with better info, or that these 4 related articles might be useful before I get back to work.  All in the name of …research, of course.  

I already set a timer for Facebook because aside from keeping in touch with friends, the thing’s a time sink.  Maybe I should do that before I type something into that search box, too.  

What do you do to keep from endlessly wandering around in all that delicious information out there?

Garden dreams in progress

Finally, finally, FINALLY there are signs of spring in ChicagoLand.  It’s been a long, tough winter.  This post is primarily to share the eye candy coming up in my yard; it's been a delight this month to watch it begin to happen.

My potted plants have managed to survive on the back porch (which long ago was turned into an extra little room off the kitchen).  It was sometimes chilly but nobody died.  I’ve also tried to keep some sort of bloom going.  I plant a few paperwhite bulbs at a time.  And I’ve bought hyacinths from Trader Joe's.  The fragrance is so intoxicating.  There’s nothing I like better in my office to lighten the gloom of winter.  

And now, finally, my yard is beginning to wake up.  First there were the crocus: 

 Then, the delicious little blue Scilla (siberica) in the back:

And then my newly planted Fritillaria (michailovskyi).  

And then, surprisingly, the tulips.  I expect daffodils first, but not this year.  At this point the daffodils are up too, but the tulips are still ahead and will probably bloom first.  Neither is quite there yet, though:

This morning my rhododendron popped into bloom.  Last year, the tulips and daffodils were blooming first.  This year, it’s the other way around.  

Coco and I watch for flowers in other yards as we walk, and there are now spring bulbs up everywhere.  My next door neighbor’s front is gorgeous, so I can enjoy that until my own blooms appear.

Half of the hyacinths, the ones I planted by the back steps, are coming up (they were a mixture; they’re not all supposed to be pink!  But I guess I don’t really care as long as they smell good).  The ones planted close to the patio have not appeared.  It’s probably colder over there.  I shall sit on the bottom step, though, and drink in that fragrance.  

It’s time – past time – to get going on the spring work of the garden.  The soil is warming up very slowly, but it might be OK to plant snow peas, spinach, lettuce, and other early vegetables.  I did not start tomatoes or peppers from seed this year, so will need to buy plants from my CSA farmer or a farmer’s market.  But at the rate we’re going, it won’t be time to put those plants outside until June.  

That’s OK.  Every day in the garden is a good one.  I will enjoy both the work and the results in my yard.  I spent 16 years in Maryland turning my lot into something beautiful.  Now I’m starting over with a new project.  It’s exciting.

Security: HeartBleed aftermath

Well, it was fun, wasn’t it?  The panic, the flying rumors, the denials.  “Massive vulnerability” in a protocol we use EVERYWHERE.  What is an ordinary person supposed to think when told your passwords could have been compromised?

As I've said before, this is the way of the world and you just have to plan to do your part to keep the bad guys at bay.  In my mind changing passwords should be easy.  It IS easy, if you have set up a data base.  See my prior post about how to create good passwords and manage them: http://lifecommaspiceof.blogspot.com/2014/02/security-password-basics.html

So, when word comes that a password might be compromised, you do the following:

1.  Log in to your password db and find the site/account’s record
2.  Open your browser and log into the site/account in question
3.  Navigate to your account preferences or find the change password link
4.  Enter your old password  (assuming you’re using your data base, this is a copy/paste operation from the db)
5. As a short-term protection from problems, copy your old password into the notes field of the record.
6. Tell the db to generate a new password.  In KeePass 2, there’s a button for this at the end of the PW repeat line.  I randomly choose one of the generation algorithm options that button gives me, on the grounds that almost anything it generates is going to be reasonably secure.    For high-stakes accounts like my bank account, I use the highest hex key.  Sometimes I look at the password and add symbols to the numbers and letters.    But I admit that probably isn’t really necessary most of the time.
   
7.  Save the db record, then copy/paste the new password into the password and repeat password fields in the account.  Save changes.
8. Log out of the account and log back in.
9.  Assuming the password change worked, open the db record again and erase the old password from the notes field.
10. Save the new version of the db.

Keepass2 entry with Generate Password Button Circled

 

All this actually takes a lot less time than it took to write up the steps.  Of course, that’s for one account.  If you have lots of accounts you need to change, the time it takes multiplies.  Do it anyway.  It would take a LOT more time to repair the damage if your passwords have been compromised anywhere.

Which accounts do you need to fix?  CNET has a list here, which they keep updating:
http://www.cnet.com/how-to/which-sites-have-patched-the-heartbleed-bug/

The list is not in alphabetical order but that’s only a minor inconvenience.  You need to scan the whole list anyway; it might trigger action on an account you haven’t thought about in a while.  

I had to create and memorize a new mail password by hand.  That always takes a few minutes of concentration and a few days until I have it fully memorized and in my fingers.  Still worth it.  And now done.  

One thought worth repeating from my prior Security post: whatever you do, use a different password for every account.  You can’t control when vulnerabilities will happen.  But you CAN control the extent of potential damage done to you.  Use a data base, which will generate a different password for every account.  

You are responsible for your own data.  Do what you need to do.