In addition to this documentation, for Gmail and Facebook, I have completed the "I'm dead, do this with my account" sections of my account profiles. Gmail, after 90 days of inactivity, my brother gets an email and gains access to the Gmail account.
As for passwords, keys and so on, you can put all that into a single archive. (eg. regularly export your password manager, put any private keys you want to pass on, instructions for how to use them, etc)
Encrypt the tarball/zip file with a symmetric key.
Then you can use Shamir's Secret Sharing Scheme to split up the key so that a certain threshold of key holders is required to access the data (eg. Any 2 of 4): http://point-at-infinity.org/ssss/
Distribute the parts of the key to your heirs.
Leave instructions in your will so your heirs can locate the encrypted file when the time comes.
 - https://en.wikipedia.org/wiki/Bus_factor
So, there's the technical route, whoever has the passwords wins.
But if it matters, and you don't want your technical heirs to be fighting each other, you should probably establish ownership and succession with a lawyer.
Concentrate on living a healthier/safer life and keep it going longer.
- Is it better to use a different passphrase on each key, or does using the same one not matter much?
- How much less secure is it to not use a passphrase on a key?
- Should you use a different key per user account, per server, or per use-case (i.e. personal or work)?
- Does increasing the amount of bits in a key really have an effect on the security of the key, or does it not make much difference in a real-world use?
My favoured solution is to use a yubikey via gpg: with this method you use your gpg subkey as an ssh key. The yubikey 4 supports RSA 4096 bit keys; if you need NFC then the Yubikey Neo supports max RSA 2048 bit keys.
From that, we get:
- you're not sharing passphrases between keys, you're sharing them between devices, and whether that's safe depends how likely it is that a compromised passphrase on one device can be transferred by an attacker to another.
- Similarly, whether a blank passphrase is a good idea or not depends on what other measures are protecting access to that private key.
- If a private key ever turns up on the wrong machine, you *know* the key and both source and destination machines have been compromised.
I have set up a VPS, disabled passwords, and set up a key with a passphrase to gain access. At this point my greatest worry is losing this private key, as that means I can't access the server.
What is a reasonable way to backup my private key?
Encode it as something similar to a QR code, print it, and store it in a hole in the wall? Copy it to a USB stick and hide that somewhere safe?
Alternatively, I have access to more than one computer, so I could also authorize a couple of other keys to access the server. So I would transfer the public key to the authorized machine, and add them to the authorized_keys from there?
How to deal with the possibility of death? Do I trust someone with my keys and passphrases?
Host myhost
    IdentityFile ~/.ssh/myhost
This is a question of layers. If you don't have a passphrase on your key, what stops someone from gaining access to it? Just your account password? If they steal your device, is there some form of storage encryption involved?
> - Should you use a different key per user account, per server, or per use-case (i.e. personal or work)?
I have different keys for different purposes per client device. This is mostly because sometimes I need to login to places that are ancient enough I need to use a weaker key than I would like to use in other places or vice-versa, there's places I can only login with ed25519 keys.
Though having different keys per purpose isn't necessary, it allows me to keep certain identities separate. I have a different one for GitHub for example, mainly because GitHub exposes my public key and therefore allows for clever tricks like tying the key to an established identity should I use that key to authenticate in other places.
I would also recommend configuring SSH so that it doesn't send over any/all keys by default. Take a look at the IdentitiesOnly option in ssh_config.
Yep in an ideal world, though I suspect in practice it doesn't matter much.
- How much less secure is it to not use a passphrase on a key?
You are relying completely on the security of your disk, against either physical or cyber. Use a passphrase, use an agent to manage it.
- Should you use a different key per user account, per server, or per use-case (i.e. personal or work)?
Per client device. This is the device that can be compromised and cause invalidation to be required, so this is the one which should be separate. For convenience you can maintain all your devices' public keys concatenated together and hand them out like that - comment each with hostname and date created for ease of identification.
- Does increasing the amount of bits in a key really have an effect on the security of the key, or does it not make much difference in a real-world use?
Up to a point. RSA in 8 bits is trivial. Go for a highish key length; different key types have different recommended lengths. Note some machines don't support higher lengths.
- How/Where should private keys be stored on a device using them?
Permissions should be set for only you to read with no writing. Even better if your home drive is encrypted as it is only vulnerable whilst you are logged in.
- What are some of the pros and cons from a security standpoint, and how may doing different things affect the usability of a key?
If you hop machines a lot key per client can be problematic. In this case a portable secure drive is useful. Of course one leak can be fatal here.
Try not to fall back on passwords, they have nothing like the same security.
Most usability issues are caused by the people running the servers not reacting in a timely fashion to key updates.
Two questions came up, how many iterations to use via "-a ", and should I add the private key to my home folder repo in version control? I don't want to lose it in a disk crash, but don't want to give it to bithub either.
It is better to use a different passphrase for each key but it is also less convenient unless you're using a password manager (personally, I'm using KeePass)
> - How much less secure is it to not use a passphrase on a key?
That depends on the security of the computer where the keys are. I remember a Firefox vulnerability where one site exploiting it was looking for ssh keys on the local file system. So I'd say that a passphrase is very important.
Personally I'm using a key per account per host.
> - Does increasing the amount of bits in a key really have an effect on the security of the key, or does it not make much difference in a real-world use?
Yes up until 2048 where the returns of increasing the amount of bits will start diminishing.
- Is it better to use a different passphrase on each key, or does using the same one not matter much?
If they are being used on different devices then different passphrases make sense, otherwise no.
10? Not sure you can really quantify an answer. I'd recommend a passphrase if you aren't already using disk encryption with that it's probably less of a concern however with agents there's not much issue with not having one.
Use a different key per client device but you don't need a different key for logging into different servers unless you care about people correlating those users.
Use more than 2048bit for RSA/DSA beyond that it doesn't matter.
~/.ssh on some local filesystem.
1) Disable passwords and only allow keys even for root with PermitRootLogin without-password
2) public-key authentication has somewhat unexpected side effect of preventing MITM per this security consulting firm http://www.gremwell.com/ssh-mitm-public-key-authentication
It's better to think about specific attack scenarios. If your keys get exfiltrated because of some local exploit (like a browser vulnerability, a malware download or physical access) then the attacker has access to your servers.
Regarding key types:
- DSA keys (ssh-dss) suffer from several issues (fewer bits, bad RNGs in Debian, other issues), and modern versions of OpenSSH deprecate it.
- RSA is pretty standard, and generally speaking is fairly secure for key lengths >=2048. RSA-2048 is the default for ssh-keygen, and is compatible with just about everything.
- ECDSA is largely considered compromised because the constants NIST chose for the cryptosystem weren't well documented how they got them, and the assumption is that the NSA chose them to provide a "backdoor" (so it would provide the same security for a general attacker, but significantly easier for them). This was confirmed as being theoretically possible, and there is of course concern that the NSA could potentially leak those constants, instantly breaking the security of this cryptosystem.
- ED25519 is more or less the same as ECDSA, but was put together by DJB. The big advantage here is speed. EC crypto is much faster to sign, slightly slower to verify, and equivalent security can be achieved with fewer key bits.
- Notes for the future: both RSA and ED25519 become insecure against quantum computing (integer factorization and discrete log are both in BQP).
Generally, use RSA if you work with older servers that only support it, or ED25519 if you like shiny things. Otherwise it's a bit of a tossup.
Regarding using separate keys:
- I follow the philosophy that a private key should never leave the host it was generated on. If you aren't sharing keys between machines, you remove the risk that you'll accidentally share it publicly.
- Beyond that, I'd recommend at a minimum having separate work/personal keys. Keeping separate keys for each user/host you want to log into is a tad excessive, but can be useful for key revocation/rotation.
Regarding passphrases on keys:
- Yes. FDE is sometimes trivial to bypass, and you want to be protected in case someone sets your ~/.ssh folder to be synced to dropbox/samba/etc. You can use an agent to keep the decrypted keys in memory, but I'd avoid using agent forwarding.
Regarding bastion hosts:
- You didn't ask about this, but it is essential for a "best practice" setup.
- Bastion hosts are small VPS hosts that basically run sshd and have a static IP. You disallow any ssh traffic except from your bastion hosts to your servers.
- You'll want to have at least 2 bastion hosts with different hosting services, in case one isn't available.
- Run sshd on your bastion host on a port other than 22. Not for security, but for reducing log volume.
- Run fail2ban on your bastion host, even if you've disabled password authn. Again, not for security, but for reducing log volume.
- Set up fail2ban to alert when a new IP successfully logs in.
- SSH can use certificates for authentication, and this can make the key distribution problem much easier to solve. I have a script that makes this easier.
- Push for everyone in your organization to use SSH keys, and only SSH keys.
- Defense in depth. All it takes is skipping one step and you expose yourself. Assume that something that was exposed has been compromised. An attacker only needs to succeed once.
tl;dr - the defaults are fine and password protect your keys.
Using a passphrase is highly recommended except for server-to-server accounts, which should be locked down (and specify the specific command that server can execute in the authorized_keys file - Userify supports this).
You should definitely use a different passphrase for keys stored on separate computers, and it's not a bad idea to use a different passphrase for separate keys stored on the same computer, especially if they have different servers they can access. However, practically speaking, if your computer was compromised (ie keylogger etc) then it's game over anyway.
> Does increasing the amount of bits in a key really have an effect on the security of the key, or does it not make much difference in a real-world use?
Yes, it does make a difference, depending on what you mean by "real-world". Anyone less than a state-level actor will probably be unable to cost-effectively attack even a 1024 bit key, but that won't be true for long. We suggest 2048 bit keys if you are using RSA, with 4096 if you prefer extra security and don't mind slight latency during a connection, or ED25519 for keys on systems that support it. Generally the defaults are pretty good. We have a HOWTO for different OS's here: https://userify.com/docs/generating-ssh-keys-on-ec2/
> How much less secure is it to not use a passphrase on a key?
From the server's perspective, it's EXACTLY the same, but from the client (your laptop's) side, it's completely different. While it's possible that your laptop could still contain your decrypted key in its key manager's RAM or suspended state (ie unencrypted swap file etc), the use of a passphrase even on (actually, ESPECIALLY on) a non-full-disk encrypted system will raise the level of effort to access your key to near-impossibility levels, especially from non-state actors, whereas a key that has NO passphrase is a piece of cake. Use a passphrase EVEN WITH full disk encryption (for example, the evil maid attack)
> Should you use a different key per user account, per server, or per use-case (i.e. personal or work)?
If you're using a different key and storing them on different computers, you should probably use a different passphrase on each key. The passphrase (or even if one exists) is not visible to remote servers (or Userify - we provide a free-text field that becomes your authorized_keys on remote servers.)
You don't need to use a different key per user account, although you can. You also should not use a different key per server.. that will turn into a management nightmare. It's perfectly ok to use one key everywhere, but you should probably use a different key on your laptop and desktop, or if the keys have different levels of access (Userify can automate that for you too).
> How/Where should private keys be stored on a device using them?
Ideally on a device using full-disk encryption, including swap and laptop suspend space, to prevent access to a decrypted key in RAM (you are using a passphrase, right?). However, FDE does not protect you from other compromises on your system (i.e., another user that gains escalation to root and installs a key logger), and does not protect against a compromise of your BIOS (i.e., Intel UEFI) or boot process (evil maid attack again).
> What are some of the pros and cons from a security standpoint, and how may doing different things affect the usability of a key?
Keys are safer than certificates because there are less moving parts and no outside requirements for your internal CA or dependency on a CA that might go down. Keys can be a management nightmare at scale, but there is software to manage them (ie Userify, ManageEngine, BeyondTrust, ssh universal key manager, keybox (free/open source), etc). If you are doing a small project with few team members, you can also do management with Chef, Puppet, etc, or just by hand.
In terms of usability, a real key solution that manages keys across entire groups of servers with a few clicks can be really helpful... you can do all of the regular SSH things like tunneling (replace stun/sslwrap, etc), proxying all of your other traffic (SOCKS5), keep SSH connection alive (autossh etc), smart ban based on failed attempts (fail2ban, deny hosts), forward encrypted X11 or VNC connections, forward SSH itself (tunnel SSH within itself), and so much more.
We're going to start blogging about all the awesome things you can do with SSH soon, since it's really an amazing and deep protocol.
1. Userify https://userify.com Free cloud and on-premises versions available; full disclosure: I work there
2. ManageEngine: https://www.manageengine.com/
3. BeyondTrust: https://www.beyondtrust.com/
4. SSH Universal Key Manager: http://www.ssh.com/ (no TLS?)
5. Keybox http://sshkeybox.com/
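The rules of thumb that several comments above converge on (DSA is deprecated, RSA should be at least 2048 bits, each public key should carry an identifying comment, server-to-server keys should be tied to a specific command in authorized_keys) can be checked mechanically. The following is an added example, not part of any comment in the thread; the sample entries are constructed with made-up key material and the finding names are this example's own.

```python
"""Audit authorized_keys entries against the thread's rules of thumb."""
import base64
import re

KNOWN_TYPES = {"ssh-rsa", "ssh-dss", "ssh-ed25519", "ecdsa-sha2-nistp256",
               "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521"}
MIN_RSA_BITS = 2048  # the floor most commenters agree on

def _ssh_string(data: bytes) -> bytes:
    """SSH wire-format string: 4-byte big-endian length, then the bytes."""
    return len(data).to_bytes(4, "big") + data

def _read_strings(blob: bytes) -> list:
    """Split a decoded public-key blob into its length-prefixed fields."""
    fields, pos = [], 0
    while pos < len(blob):
        end = pos + 4 + int.from_bytes(blob[pos:pos + 4], "big")
        if end > len(blob):
            raise ValueError("truncated key blob")
        fields.append(blob[pos + 4:end])
        pos = end
    return fields

def _split_fields(line: str) -> list:
    """Split on whitespace, keeping double-quoted option values intact."""
    fields, current, quoted, prev = [], "", False, ""
    for ch in line.strip():
        if ch == '"' and prev != "\\":
            quoted = not quoted
        if ch in " \t" and not quoted:
            if current:
                fields.append(current)
            current = ""
        else:
            current += ch
        prev = ch
    return fields + [current] if current else fields

def audit_line(line: str) -> dict:
    """Return key type, RSA size, comment, forced command and findings."""
    fields = _split_fields(line)
    idx = next((i for i, f in enumerate(fields) if f in KNOWN_TYPES), None)
    result = {"type": None, "bits": None, "comment": "",
              "forced_command": None, "findings": []}
    if idx is None or idx + 1 >= len(fields):
        result["findings"].append("unparseable")
        return result
    key_type = fields[idx]
    forced = re.search(r'command="((?:\\.|[^"\\])*)"', " ".join(fields[:idx]))
    result.update(type=key_type, comment=" ".join(fields[idx + 2:]),
                  forced_command=forced.group(1) if forced else None)
    try:
        parts = _read_strings(base64.b64decode(fields[idx + 1], validate=True))
    except ValueError:  # binascii.Error is a subclass of ValueError
        parts = []
    # The blob must name the same type as the line; ssh-rsa is (type, e, n).
    if (not parts or parts[0] != key_type.encode()
            or (key_type == "ssh-rsa" and len(parts) != 3)):
        result["findings"].append("malformed-blob")
        return result
    if key_type == "ssh-dss":
        result["findings"].append("dsa-deprecated")
    if key_type == "ssh-rsa":
        result["bits"] = int.from_bytes(parts[2], "big").bit_length()
        if result["bits"] < MIN_RSA_BITS:
            result["findings"].append("rsa-below-2048")
    if not result["comment"]:
        result["findings"].append("no-comment")
    return result

def audit_file(text: str) -> list:
    """Audit every non-blank, non-comment line of an authorized_keys file."""
    return [audit_line(ln) for ln in text.splitlines()
            if ln.strip() and not ln.lstrip().startswith("#")]

def _sample_line(key_type: str, fields: list, comment="", options="") -> str:
    """Constructed entry: correct wire format, made-up (unusable) key material."""
    blob = _ssh_string(key_type.encode()) + b"".join(map(_ssh_string, fields))
    b64 = base64.b64encode(blob).decode()
    return " ".join(filter(None, [options, key_type, b64, comment]))

def constructed_sample() -> str:
    """Five constructed entries covering the cases discussed in the thread."""
    def rsa(bits):  # made-up modulus of the right size, with its leading zero byte
        n = (1 << (bits - 1)) | 1
        return [b"\x01\x00\x01", n.to_bytes(bits // 8 + 1, "big")]
    return "\n".join([
        "# constructed sample, none of these are usable keys",
        _sample_line("ssh-rsa", rsa(4096), "alice@laptop 2017-01-10"),
        _sample_line("ssh-rsa", rsa(1024), "old-router 2009-03-02"),
        _sample_line("ssh-rsa", rsa(2048), "backup@web1 2017-01-10",
                     'command="/usr/local/bin/backup --push",no-pty'),
        _sample_line("ssh-ed25519", [bytes(32)]),
        _sample_line("ssh-dss", [b"\x01"] * 4, "legacy@host"),
    ])

if __name__ == "__main__":
    print(*audit_file(constructed_sample()), sep="\n")
```

The `forced_command` field is reported rather than judged, since only the operator knows which entries are server-to-server accounts that should have one.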
Passphrase is strongly advised
Is it better to use a different passphrase on each key, or does using the same one not matter much?
How much less secure is it to not use a passphrase on a key?
If you expect to be moving your SSH keys across machines (e.g. to use your same personal key on both your laptop and your desktop), then they should absolutely be passphrase-protected, even if they're only transferred via encrypted media.
Should you use a different key per user account, per server, or per use-case (i.e. personal or work)?
Meanwhile, for situations where a server needs to connect to another machine via SSH, each such server gets its own key. That way, if a server is compromised or decommissioned, I can revoke access by key.
Does increasing the amount of bits in a key really have an effect on the security of the key, or does it not make much difference in a real-world use?
How/Where should private keys be stored on a device using them?
A reasonable balance between security and practicality is for any portable media (including portable devices, like laptops/tablets/phones) to be encrypted (in addition to the key itself being passphrase-protected). Better security would be to extend this to non-portable media and machines as well (but this is painful to enforce on servers unless you have physical access).
The directory in which keys are stored should only be accessible to the OS user actually using those keys (so, for example, `~/.ssh` should have permissions `drwx------` when viewing with `ls -la`).
Basically, server SSH keys should be treated like you'd treat your SSL/TLS keys.
What are some of the pros and cons from a security standpoint
and how may doing different things affect the usability of a key?
Upgrade your SSH keys! https://blog.g3rt.nl/upgrade-your-ssh-keys.html?_utm_source=...
It is too broad and so there is no one deciding factor. You don't even have a clear definition of success. Is http://lawcomic.net/ successful? It has a loyal following, but it doesn't update that much, or earn much money for its creator.
I first got hooked on slatestarcodex (http://slatestarcodex.com/) when the author hit a five post homerun streak and he was just too good to not check in with.
When I'm evaluating whether to follow a tumblr I can see the process unfold in real time, where I scroll down and finally think to follow after I see several really good posts at once. The moment I stopped and saw myself doing that I realized if I ever wanted to get followers on tumblr my blog would probably need to have the same kind of five-post punch to get people interested.
1. Update often.
2. Make it easy to find your new stuff, or display your archive proudly and live off the interest.
3. Keep a high quality bar. It might even be useful to take your absolute best and put it in one place so you can show people your better side.
4. Market aggressively or be prepared to wait a while.
My understanding (feel free to correct me if I'm wrong) of it in the context of good websites is
Host: You need a great host/site, something stable & something people want to use
Agent: I consider agents as internal factors like technical, sales & marketing. They help you grow & they ensure stability.
Environment: Environment is pretty much your jurisdiction, you need to make sure that your solution is legal & your environment is supportive of you growing. Another fascinating theory to study around that is the Overton window (https://en.wikipedia.org/wiki/Overton_window).
Vector: A vector, an organism which transmits infection by conveying the pathogen from one host to another, with the most powerful agent being word of mouth.
I guess if you have these 4 components structured well, then you have a pretty good chance of having a successful website according to the Epidemiologic Triad.
Now if your question is more around business models, then here's also another good resource to look into by HBR (https://hbr.org/2016/10/the-transformative-business-model)
If you're selling something, make it something that people want at the right price and make it easy for them to buy.
If you're selling advertising (you're a decade late on that one...), give people a reason to come back to the site - make the site sticky or have network effects.
Scaling comes later (assuming your initial design isn't a complete resource hog). It literally follows the money.
You'll get some ideas.
More to the point, making sure people know about it and the site is easy to use. Beautiful design is nice but if it gets in the way people will admire it once, twice... and finally give up. Don't let content get stale.
It's also question that needs to be better defined. What sort of site? What definition of success?
For many sites, the biggest pieces are having something that people want or need, then consistently providing it. Of that pairing, having something people want is the absolute core.
Then I would do "doing and learning" along the way.
This approach works for me, but sometimes I get a feeling of missing out something.
So I got me this new Haskell book: http://haskellbook.com for further enlightenment and want to first work through the book before applying it to project XYZ.
So I guess to get work done I rely on the "doing and learning" approach. To challenge my brain/learn a new way of thinking, I rely on reading the books without skimming.
I can then run a BIND instance with internal.example.com as a root, then map all my services to their own domain if need be.
This is a little overkill for a one man shop, but it's a nice little home development setup.
The one thing you need to configure, if you want it to work out of the box is that your DHCP server needs to send back the IP address of your local BIND service for DNS, else it won't work right and you'll need to manually configure it every time.
An example of where this worked well for me was when I was using one nginx instance to run snapshots of all my clients websites. With nginx, you can set up "virtual hosts" which map a hostname to a configuration block. You could also just edit your /etc/hosts file to accomplish the same thing I guess.
Google bought it up, and I've never seen it in the wild, so it works well for me.
Contents of /etc/hosts:
Worked quite nicely until the Mac users upgraded to a version of OS X which included Bonjour...
These days Mac OS X does a pretty nice job here all on its own - this machine I'm typing on here happily answers as Iain.local to the internal network... (For some not-worth-my-time-to-debug reason, our Netgear NAS is a whole lot less reliable with its Bonjour/zeroconf .local name...)
I run a vagrant box on my Windows machine - so ".vm" describes what I do very well.
And unless a new country is formed, there will never be new 2 letter TLDs.
I think I will probably go along the route of assigning a domain to my local network
Or just "localhost" if it's a personal project with no domain
ngrok.io when it needs to be public
(yeah, I know those aren't TLDs, but I rarely use any when developing TBH)
That's where I would start.
That being said. What's actually kind of good (with actual technical specifications) is Bitcoin wiki, even when it's slightly outdated; then official bitcoin website; and sometimes bitcoin stack exchange website (but that can become outdated too).
I don't think Blockchain can be disconnected from Bitcoin, and if you do, it's very general and not that specific.
And if you want a compiled list of resources for learning: https://drive.google.com/file/d/0B6CKmAqa1_nzRGVicnlHY1BaaUk...
Someone tells a joke based on a prompt. This would be your Genesis block. Then everyone else competes to tell the funniest joke based on only that and the new prompts from the audience.
Repeat until you have an ongoing, hilarious comedy routine that cannot be edited after the fact without being found out because that would ruin the whole routine. It just wouldn't be as funny.
Inserting metadata into the blockchain. https://medium.com/@bkawk/inserting-metadata-into-the-blockc...
Andreas M. Antonopoulos: "Consensus Algorithms, Blockchain Technology and Bitcoin" [UCL] https://www.youtube.com/watch?v=sE7998qfjgk
I work in the field and the most difficult thing is to separate the noise from the signal. In talks with financial institutions and the government, they say they want to use the blockchain, but when you ask about how many nodes they are planning to run they come up with one, or don't understand the question. Also, there are a lot of use cases that are not realistic because they depend on oracles or there is no way to enforce the smart contract in the real world.
The intro to bitcoin concepts is a great place to learn about blockchain.
You'll need (at present) about 80 GB of disk space to hold the blockchain. The full node client will download it for you or you can torrent a recent snapshot of the blockchain and then synchronise from there (quicker).
The software you can obtain from here:
Or you can use git to pull the source code from GitHub and compile it yourself. I've done both, and found the developers on GitHub friendly and responsive to pull requests, even helpful to a newbie submitting a first pull request.
Beware that running a full node will try to eat all your upstream bandwidth. It takes a few days for the Bitcoin network to notice the existence of your new full node, but the number of connections will grow (others asking you for pieces of the blockchain, as well as transaction verifications). You can learn a lot about the Bitcoin ecology this way.
Bear in mind that the word "blockchain" is an evolving word; almost every definition I've read differs. Some see it as barely different than a distributed database that doesn't allow deletions. Many others see it as paradigm shifting.
I have a blockchain/bitcoin tutoring service at www.blockchaintutoring.com. I did a Show HN but didn't get a single comment :(
I'm a programmer myself, but my target market is not the typical HN user. I'm looking to teach more business types and people in the law profession, for example. I'm preparing a small course plan to help people get from 0 to knowledgeable. The course will certainly be a bit technical, but I would not cover for example the pros and cons of the blocksize debate unless someone asks for that information.
I invite you to contact me, either through my website's contact form or the email address there provided. We can chat, and then if you ever choose to use the service, it's going to be at a discount for HN users. Your questions will definitely help me tailor my offering.
Although this paper does not directly address the blockchain, I believe it and the thesis below are at the root of the concept. (If you want to go down the rabbit hole, check out the references page of the above paper). Fair warning, the above paper is from 1999/2000 so obviously much has changed, but still worth reading.
Robust Composition: Towards a Unified Approach to Access Control and Concurrency Control by Mark Samuel Miller:
^ Following along with this helped me a lot. Bitcoin is a rather large onion, but, as others are saying, implementing parts of it is the only way to go.
To get stunning UX design, upstream bugfixing and excellent marketing.
Let me explain myself. I love the levels of ergonomy and polish of Mac OS X. But it's closed-source software. If I use (and pay) Ubuntu, then great patches are sent upstream, which I can use in Debian on my servers and Arduinos. It becomes useful to everyone. With Mac OS X, we're not advancing the world. But when I used Ubuntu for work, I was impaired compared to my colleagues. Blame it on a lack of seniority, but a steep learning curve for my OS is the last thing I want at work. So no Ubuntu, no elementary.io, nothing that has rough edges.
What allows Apple to hire UX designers and do bugfixing is the revenue. Which in turn gets them a good marketing team, which persuades the world to adopt their software. Linux misses advocates towards B2B, B2C and B2Gov. If we want adoption, we need a stable income, to improve UX patterns, bugfixing and marketing.
The FSF says it's ok to sell open-source software, but you just can't prevent people from redistributing. So it's possible to design a system that requires a yearly fee to access the upgrade repositories. Of course hackers will find ways around, publish a torrent, or choose not to upgrade. But the majority of people want a system that "just works" and have money to put down for this service. Businesses, programmer shops, owners of Teslas and iMacs don't want to download their OS from an unsecure source: They want the top-of-the-art, official, upgraded releases.
My own threshold is 200 per year for my work computer. We pay that much for IntelliJ. The OS is the most important service in our stack, it deserves paid workers. My parents' threshold would probably be 50/yr.
I think OSS volunteers will feel cheated at first sight, but the software should really push changes upstream and show the value in having a much bigger Linux community.
NB: For those curious, this comment has 18 points so far (10:43 GMT).
These used to exist - albeit disguised as phones - but the marketing department decided we don't need no friggin keyboards, and remove everything but the touchscreen and call it a tablet. The result is a consume-only device, on which it is all but impossible to input large amounts of text.
Nokia N900, Motorola Droid 3/4, HTC Desire-Z. These were the last of their species.
In that vein, I wish someone would build a list of things that regular, everyday folks actually would want and use. The middle manager working at BigCorp; the teenager; the stay-at-home mom; the retired; people who actually want to spend money to solve their problems.
2) A personalized learning resource. None of this AI adaptive learning nor passive MOOC lecture watching. Get people who know what I want to know (usually job-related skills) and have them sit down and teach me things 2-3x a month. I want structured, supportive, long-lasting mentorship from people who genuinely want to see me grow.
3) A doctor that proactively cares about my health. I hurt my shoulder, but aside from a 30 min physical therapy appointment once every other month, I'm on my own. My posture sucks despite having a split keyboard, standing desk, and doing exercises to fix weak muscles. I need someone to make me diligent about my own well being, day after day. I want workout buddies. I want someone who will pick up yoga just so I'd have someone to do it with. I can get more health benefits from a concerned friend than a licensed medical professional.
4) Life training. Working in tech makes me feel detached from humanity. I want to be a more loving person (I am one, but the culture distorts things and makes me think about my skills/career/startups/work/money too much and life too little). I want someone to help me take 8 weeks off a year to spend time with family and go on vacations. I want someone to help me be a better parent when I have kids (my parents aren't great role models). I want someone to remind me to appreciate all the things I have in my life.
What products I use, how I store my data, etc are just sweating the small stuff. Health, education, happiness, sense of community, etc -- fix my big, recurring problems that truly matter to me as a human. Go above and beyond to do so and pay way more attention to detail than most software products do today. Relentlessly follow up on everything. Keep it human and personal.
These are probably not the answers you wanted to hear, but these are needs that grow bigger and are usually unaddressed over time.
I'd like a process/thread to be able to have multiple current-working-directories at the same time, so that a library can change the directory without affecting the rest of the program.
Similarly, I'd like processes to be able to operate on behalf of multiple users at the same time.
I'd like stricter security policies that deny network access, file system access, etc. unless they've been explicitly turned on (like Android or iOS).
I'd like transactional semantics for filesystem updates. No process should be able to see changes made by another process until that process does a "commit".
I'd like to have a general command-line undo. I'd like to be able to do "rm -rf /*" and then undo the operation and have everything be restored.
I'd like to have something like proc files, but for user space applications.
My full wish list is quite a bit longer, but that's good enough for now.
A curated "channel-like" experience for Netflix/YouTube shows. There's a LOT of good content out there, but it's hard to filter. And the "channel" experience of surfing and switching between programs has been kind of lost.
A different kind of smartphone, with actual buttons. Or maybe even what one manufacturer (Samsung?) tried to do, splitting the phone experience from the smart experience, with one ergonomically good device for calls, and another for messages and browsing. I also very often want to be looking at my screen while on a call (check mail, google stuff, look at maps).
I also miss the experience of the slide-to-answer on my old Nokia n86, or flip-to-answer like the Motorola Razr. I could also make calls without looking.
In a similar, Maslow's-Hierarchy-of-Needs vein, it would be great to have an app that crowdsources data about healthcare costs and other data points in your city. I'd like to know which hospital charges least for an M.R.I., which hospital has the highest rate of MRSA infections, which doctors are highest-rated by their patients, which insurance policy is the best in my location. Right now there's little-to-no transparency and, just like in Vegas, the House always wins.
In general, I would love to see tech take on disruption and increased affordability in the areas of true life needs -- affordable education, housing, medical care, healthy food -- and focus less on gaining tiny efficiencies in tools and workflows.
TL;DR -- I need an affordable home, not a refrigerator that sends text messages to my blender.
CrowdFlower has a de facto monopoly on the outside of the US supply and charges an enormous premium for it - enough to turn off most of them. I certainly don't want to pay several thousand a month for the right to submit jobs, although I was ok with the 25% premium in the old days.
If it's an alternative marketplace, it has to have excellent automation via API. I'm not going to use this for questionnaires, I'll be submitting thousands of jobs automatically.
If you have built this already, please email me.
This is what I want (I know there are alternatives, but this is what I want):
A device that I buy, and can plug at least one hard drive in to. I give it some sort of passphrase. I then place it in a friend's house and connect it to their internet connection.
I can then access it remotely from my house. I can easily backup my stuff to it. My backups are encrypted, both over the wire and on the drive.
When my house burns down, I can drive over there and get all my photos and records and stuff, instantly.
I don't pay a monthly fee. I buy the device and then it is mine.
I know I can build this myself. I don't have time. If I could buy this I would.
It would be nice if it was easy to use the other way around, e.g. buy one for your parents and keep it at your house and automate their backups somehow.
I want someone, probably Google since they own both a major browser and some of the most popular web applications, to re-invent the entire stack. Steal ideas from GUI-focused languages and toolkits, like QML, Swift, AppKit, etc. Let's pull in a superior scripting language like Lua and widget-layout framework like Qt, and support it natively and securely in the browser, building on everything we've learned in the last 20 years of creating web applications.
Fastmail specifically is deficient in several ways:
* gmail conversations. it is threads done correctly. Fastmail half-does this but the seams peek through all over the place. Eg you don't have labels, you have actual folders and those two aren't the same at all.
* fastmail search is still mediocre, and is clearly intended to be used via their graphical menu rather than typing folder/label restrictions or other modifiers in the search box.
* A gmail style iphone + android app that works offline
* better polish throughout the app (eg: if something is incorrectly assigned as spam, when you say not spam, message routing rules don't apply to it. If you create a filter, you have no option to apply to existing messages. I could go on and on.)
* spam detection that works way better
Fastmail may eventually be what I want however. They've definitely improved over the last 2 years. Eg they used to use 2fa as a monetization source (10c or so per text message!) and have recently made gmail style 2fa free. They've also turned their settings UI from appallingly bad (it looked and felt like a very junior developer's first js project) to pretty good. Similarly with their rules routing engine.
I do read though, mostly offline. Books, newspapers and articles. My focus is better offline.
Combining data mining and my offline focus, it would be great if you could make a tool that categorizes my instapaper articles and converts it to theme numbers (big data, health care, artificial intelligence, food, etc) that can be downloaded in pdf.
Would be so cool! Thanks for asking the question.
Pretty much all email clients are message/thread based.
I'd rather have them people-based: A sidebar that shows a list of people who I have recently interacted with; and clicking on them shows all messages I've exchanged with them.
I don't really care about threads, because people just don't know how to use them. But even if they do, it often isn't clear when to start a new thread vs. continue an old thread.
Basically I want email to work more like an instant messenger app.
I want to set up rules like "take 19 percent of every incoming transaction and save it to virtual account 'taxes'. Use this account to pay invoices by $financialAgency".
Banking hasn't produced any innovation since online banking, it seems.
Not a fridge with an UHD screen, not a washer with Bluetooth support, not a toaster that talks to the cloud.
Just functional appliances with a level of efficiency that existed 25-30 years ago and can be repaired, rather than thrown away because subcomponents are sealed black boxes with little regard to durability.
And after that, the really hard work: doing the same with printers.
- A version of this watch (maybe even a smart watch) that didn't cost $25,000: https://ressencewatches.com/watches/type-3
To show that this kind of setup can be cheaper than what they are running on today.
This of course would violate ToS agreements and various services would try to block it. But if it ran as a local app instead of in the cloud, and it was regularly updated, it would be very difficult to block with either technical or legal means.
AFAIK the reason web apps have become so popular is because they load quickly and don't require the user to manage installation and updating. IPFS would achieve the speed through caching and the installing/updating process with its namespaces feature.
Slashdot seemed like it was on the right track, then the simplicity of the like/upvote threw complex out the window. BuzzFeed came back with wtf/lol, but it's not the same.
Accounting like Gnucash but multi-user
Issue tracker (maybe just port Bugzilla or something)
Spaced repetition like Anki but for lecture/class room use
Meeting management (prepare Agenda, live minute writing)
Hosting roleplaying sessions like roll20.net
Virtual money prediction market
Q&A Hosting like Stackoverflow
Somewhat meta for Sandstorm: Sell hosting in Europe, so european privacy laws apply.
A VR app or game that lets me explore (or live in) fictional cities and places from popular works or standalone art. Like Hobbiton, Coruscant, the torus-city of Sigil from Planescape, or the Venice-on-Mars from the Aria manga/anime.
Obscenely large, replaceable battery.
small screen (1080p or 720p at 10~13in) that i can actually slide up when open so i don't have to look down and kill my neck/back.
decent mechanical keyboard at least 90% size (like the eeepc1000)
it can be low on CPU but should have the most connectivity it can. It can weigh a little more than a 15" gaming laptop weighs today.
Not sure if this is a VC scale business, but I think it should exist and I'd love to be a user if someone built it.
It doesn't need NetBSD compatibility nor anything from Windows.
2. A platform where scientists can discuss publications. It should be a "home" for every paper. Of course, also open, run by a nonprofit organization, or perhaps even federated.
3. A good open (xkcd-927-defying) standard for chat that everybody will use. (Why can we have this for email, but not for chat?)
Almost all government software are essentially workflow engines. This would instantaneously solve loads of problems.
Perhaps interesting would be to find these themes that make good idea-builders.
Currently, THE website to find childcare is care.com . But when hiring families sign on, usually they auto-generate a profile using check boxes such as "We like arts and crafts!" or "Playing outdoors". So there is absolutely nothing to distinguish one family from another. (Hint: All parents say their kids like crafts and playing outdoors)
On the childcare provider side, since there is no good way to find the best match, the safe route is to also be generic. Maybe I could teach your kids to code and spin wool (true), but unless I'm willing to wait a long time for the right family to find me then I have to downplay (or just hide) many of the interesting things about me that very specific families would love.
Some families don't allow their kids to watch hardly any TV. Some allow them to play hours of video games. Some families want you to refer to dinosaurs as "dragons" because they are Young Earth Creationists. Some families want you to sing Mormon songs. Some families are fine with an LGBTQ+ nanny. Some would fire you if they knew.
I have worked for all of those families.
If that information could be gathered, and you could get a list of the best matches for your family (or vice versa), then the huge Russian Roulette risk of getting a new nanny/babysitter or finding a new job could be ameliorated.
That's what I'd like to see, though I get most of what I need with webmail. A cross-platform, portable email app would be really nice, where I control the data, not stored on someone else's platform, or from a party that doesn't control the platform. Though I do think if Dropbox made such an app that used my Dropbox for storage space I'd consider it.
For that matter hosted/paid web apps... You buy an account on the platform with X compute and Y storage for $Z/month, could be built as a shim over DigitalOcean or the like... that just loads whatever apps you pay for, and/or free apps on the platform... you login, use your apps and they stay there, for you to access at-will.
It drives me cray that I can have a phone with a 4G antenna, a laptop with wireless, and a kindle all three speaking bluetooth, and yet they don't transparently form my 'personal lan'.
Removing watermarks or finding better resolutions if possible.
Edit: or PDF files!
If only I had enough time I would try doing that myself :(
It should integrate with stripe and let you configure behavior like adjusting payout percentages after a certain amount of time has passed.
Ideally it would have an admin panel for each referrer so they can see their performance.
It also needs to have pricing that scales from nothing so pre-revenue companies can set it up and only pay when they are making money. Ambassador wants an upfront fee of 5 - 20k plus they have mandatory "success coaching" that is like $200/mo extra. Not a lot if you are already in a successful business but rules them out for me while I'm pre-revenue.
* multiplatform editor
* portable output in HTML/CSS/JS
* zooming and rotating à la Prezi (in addition to silly classic frame transitions that I never use)
* native support for SVG
don't make me export to a bitmap
no need for a native editor (SmartArt) when it can't beat Inkscape
* clipart, image and template library (drag&drop)
both a free one like openclipart.org
and a subscription-based professional one
Some official service that the label can update when it decides to change its "official streaming partner" would be great.
Perhaps it can be done without the cooperation of the artists/label. There are only some 100 million songs out there.
Bookmarks feel like they live in the 90s still! Please tell me there is something decent out there.
I mean something like Ring (1) plus MasterLock 5400D (2) plus embedded 4G mobile connectivity. It must not be a permanent installation (like Ring) and it should not require visitors to be pre-registered (like Supra Keys (3)) in order to access the property (for example contractors, repair staff, delivery personnel, etc)
If something like this already exists, please let me know.
(1) http://www.ring.com
(2) http://www.masterlock.com/personal-use/product/5400D
(3) http://www.supraekey.com/Products/Pages/Products.aspx
* edits: fixed typos
There's a quiet FOSS revolution happening in machine tool motion control: several usable CAD packages (FreeCAD, LibreCAD, SolveSpace, to name a few), a powerful motion controller (LinuxCNC), even a few open embedded servo drives. But flexible, powerful CAM to glue these parts together seems to be the type of tough niche problem, requiring a lot of domain knowledge, where anybody capable of taking it on wants to get paid for their work. A lot like the EDA field before KiCad gathered some momentum.
Not to ignore the work put into PyCAM and other small efforts in this space. It's definitely a start.
MobileOrg is abandoned and was super clunky for editing. Currently I use IFTTT do note to append to a txt file in Dropbox which is re-filed later using a python script, but it's hacky..
Right now, ETFs and their various taxes can be a pain in the ass.
If every urban commuter biker had this w/ phone+gps app, the dataset over time would become very interesting on many levels. Think local governments, real estate, state transpo authorities etc.
Even greater would be if battles had to be waged in real-life like sports events.
When an address such as firstname.lastname@example.org is used to demonstrate the sign-up process on a website, it directs the user to enter an actual email address at which they receive mail. Example.com is used in a generic and vendor-neutral manner.
Anyway, my advice is because everyone is caught up in stigmatizing "ideas", it's likely you will not find an adequate market available to sell your idea or get paid enough for it. You're better off discussing it with people you know. Frame it like "There is an opportunity in market X that is not being pursued, likely because of reason Y. I understand this market/problem very well and could explain it to you in great detail. If you decide to pursue it, I'd like modest [advisor shares/dividends/etc.] in return" or something to that effect.
If you do want to validate the idea, you have to put something together. If you can write code, build a working prototype. Show it a few people.
I will tell you a secret. Ideas are worthless but a working prototype can be worth something. I know a close friend who built a tool and had no clue how to market it BUT he was able to find a buyer for a good amount. Not an actual business yet but he has offered 6 figures for that tool.
If you can't justify to yourself, how can you hope selling such an idea to someone? oh, maybe you are a commercial actor :D
Few ideas are easily patent protected, plus it's easier to improve execution than the quality of one's ideas - so you're always advised to do what's easier. (First off, at least.)
Note too that "Execution" is often a way of saying "patentable ideas that you can hide instead of patenting them" - which is to say, trade secrets (always more valuable than patents, not least because they don't expire.) Intel was built on just such an invisible trade secret (akin to annealing) that made their memory (this is pre-cpu days) far more reliable than competitors'. So a lot of those who expound about "execution" actually mean "ideas", just non-public ideas.
The other thing that prioritizing execution says, is that people tend to have part of an idea, and not realize how much more thinking (and further patentable ideas) are necessary to make it work. Having a necessary-but-not-sufficient patent (such as Wang's 2D iron-core memory patent, back in the day) is not as valuable as a necessary-and-sufficient series of patents, or far more complex patent.
Also the system (laws for sale) is tilted so that corporations can appropriate the ideas of individuals, in many ways. They are put in a position to patent-and-execute; and individuals are short-sheeted.
If it's not worth this amount of effort, then I don't expect someone will pay you money for an unproven idea that doesn't have enough value to spend your own time on.
There is a great scene in The Hudsucker Proxy where he shows a circle and then a line as his diagram of his idea. This turns out to be the hula hoop and is wildly successful. The scene basically repeats -- drawing of a circle for top view, line for side view -- but the idea is now the frisbee.
Effectively communicating ideas in any kind of meaningful, meaty way is incredibly hard. This is part of why demos are so useful.
To sell an idea you must effectively communicate it. People sell ideas all the time, though perhaps not in the sense you mean. For example, people trying to get funding for a movie routinely have to sell the idea. This is where you get expressions like "it's Uber for X." This is an attempt at getting across a density of information succinctly.
Effectively conveying a dense amount of information in a small package is an art form in its own right. People often pay to have that done or to get help with it. It's a very separate skill from seeing a solution in context because of having done work that exposed you to certain experiences.
But if the project solves a problem away from you, try to think of the best channel through which to sponsor your project. Study your competitors and find which channel they use, because it's better to choose a different channel.
I also wrote a post about my experience launching Indie Hackers itself: https://www.indiehackers.com/blog/launching-to-300000-pagevi...
To answer your question more directly, I think it really depends on what you're building! If your project does a good job appealing to a niche and, ideally, solving a prickly pain point of theirs, that makes it easier. The next step is to find places where those people hang out online, and then learn the rules of those communities so you can respectfully introduce what you've built.
Also it depends on which kind of project is that, are you targeting specific people? Can you tell a bit more about it?
Depends. Since the whole point of these systems seems to be precisely to filter your needs through those silos, so they can feed you 'content' and stuff, there'd have to be some compelling use case for an open-source alternative.
There are a number of sites dedicated to aggregating and making data openly available on GitHub (https://github.com/caesar0301/awesome-public-datasets), but projects such as Academic Torrents (http://academictorrents.com/) and Dat (http://dat-data.com/) are also making strides in openly sharing data.
Scaling is probably the biggest issue that you've pointed out, but efforts like BOINC (http://boinc.berkeley.edu/) allow community members to donate their computing power to projects that they wish to support. Ethereum (https://www.ethereum.org/) also has potential in this area, but given that the network is mostly centered around distributed consensus, it would be more efficient to use a normal computer in this area.
One case I thought Riak can be a good choice for is for quick prototyping / interacting directly from web clients (as it has neat http API).
6:00 am - wakeup
6:10 am - jog
6:30 am - nutritious breakfast including fruit, carbs, protein and water
7:00 am - shower
7:30 am - coffee (limited) and classical music
8:00 am - review learning list and choose focus
8:30 am - focus and learn
10:00 am - stretching, situps, pushups followed by water
10:15 am - focus and learn
11:45 am - evaluate learning, update learning list
noon - nutritious lunch (limited) with water
12:30 pm - bike ride
1:00 pm - review learning list and choose focus
1:30 pm - focus and learn
3:00 pm - weightlifting followed by water
3:30 pm - focus and learn
5:00 pm - evaluate learning, update learning list
5:30 pm - dinner (limited)
6:00 pm - your time
9:00 pm - bedtime
Wake up with the Sun.
Internet 1 hour, or other activity that will warm up your brain. (~8:30 am in the summer)
Learn, 2-3 hours for real, maximum 4 hours for the whole activity.
Gym 1 hour.
Eat, before 18:00 ideally, before 19:00 in practice. Food will keep you awake during the night and you won't be able to wake up with the Sun!
Sleep (~23:00, ~8 hours). You have to choose your bed time depending on when the Sun rises.
Source: 5 years of searching for this + 2 years of doing this, without being paid :|
1. meta learning
2. learning from multi perspectives
Ask yourself, "why are you learning this?", "what pre-knowledge do I need to learn this material?", "Is there any way to learn this faster?", "Why am I getting stuck on this?", "Do I need to update a previous assumption?". Metacognition, or the awareness of own thinking, is a very powerful method to improve thinking skill on any domain.
Use The Feynman Technique. The idea is that any jargon used in a particular domain can be expressed with more common day-to-day words. This is not the same as using analogy; avoid analogies. In the Feynman technique you are thinking below the word, using simpler words to describe things. Once you have understood an idea, then subscribe to the jargon for that idea. Another way is to build a semantic tree of the things you learn, essentially build a huge graph where ideas are connected. Don't make disconnected clusters of ideas.
You can learn as much as you want but there is no point if you remember nothing. Use a mind map, reorganize according to your work. Just because a book has its own index doesn't mean you can't reorganize the information according to your thoughts. Bookmark high quality links and resources, ditch meager resources/links. Write code, practice what you have learned! Teach others! Teaching is the most effective retention method, because it challenges your own understanding.
Edit: Your proof of learning can be shown using everything you use to retain the knowledge.
I would try the following:
- 8-9 hours of sleep per day;
- 1 hour of some physical activity everyday;
- 7/8 meals throughout the day (3-to-3 hours interval);
- 8 pomodoro sprints per day. Each pomodoro sprint is a 45-minute focus session. While studying focus on the process not the result. This reduces anxiety;
- at the end of every day: make a brief self-assessment session, writing a paragraph about what you have accomplished. Now the focus is on the result.
- use Rescue Time to track what you do, be aware of the distractions and try to limit them;
- do not work on Sundays. Work on Saturdays as a regular day.
Find what techniques work for you - keep on trying different methods.
GTD by Pomodoro or Task Tracking
Learn by reading, videos, doing, instructing others
Vary intensity: some days are 10 hours of studying, while some are dreaming days
I would LOVE to be able to spend more time learning - I have a website about NoSQL that I want to train on BigData, but I am always too busy working
- find good resources to work with, or at least to give regular input so I don't end up wandering off into the weeds
- try to take it as far as I can, until it's obviously going to fail
- start with another
Josh Waitzkin has some good coverage in his book The Art of Learning.
How to Solve it by Polya has some good strategies on how to solve math problems that are applicable to broader problems and learning.
Thinking as a Science by Henry Hazlitt covers a broad approach to learning anything.
I would probably read these books and try to find a few others to really get my mind in a state where it needs to be to learn.
So probably: Plagiarize a bunch of stuff, sign up with a bunch of names/get unemployed crusty friends to make class presentations, and milk it for money as long as possible.
I would try to have 1:1 (paid) consulting sessions with established experts in the field. Huge insights and breakthroughs come from individual conversations.
Of course, you should document things when appropriate, and your code should be good, clean, and maintainable. It's what they're paying you for.
I like to document anything the client will have at some point to touch. Deployment and configuration must be documented.
There are two different things to consider:
- Your client being able to deploy or use what you give them.
- Your client being able to modify or add features to the existing code.
Always do the first one. I always discuss this kind of things before starting a project with the client. And everything discussed is mentioned inside the contract.
He goes into great detail about how the Proto-Germanic languages evolved via sound changes (e.g. Grimm's law).
Also see https://en.wikipedia.org/wiki/Grimm%27s_law
e.g.: "Haemorrhage" vs. "Hemorrhage" etc
In 2003, the first parts were added: bpf write filters and descriptor locking. This considerably limits the scope of access to bpf writers and byte packet parsers.
By 2004, initial privilege separation support was already committed to tcpdump(1) by Can E. Acar and Otto Moerbeek.
With the introduction of pledge in 2015, the privilege separation work had been further refined, with the packet parser limited to now just stdio operations, unable to read/write files or open network connections.
So, tcpdump is a fine network security analysis tool.. on OpenBSD today.
As an alternative, just open a raw socket directly (or use any of the ringbuffer-ish alternatives - look at what tcpdump=libpcap does for your OS). Working directly with raw sockets can make perfect sense, but you may still want to use libpcap to compile your BPF (i.e. traffic filters).
When I used Solaris, I used "snoop" which is now open source through illumos.
I misread the question as implying that it was not open source.
If you really want diversity in the startup ecosystem, simply fund and hire minorities...and stop merely talking about it. Seriously, stop moving your lips and just hire some people. We're everywhere. And we're very good.
Find a way to help funnel some of that Silicon Valley investment money over to other countries. Whether that is your own money or other funds. Also politically - make other countries create a good startup environment. One thing that springs to mind is the tax treatment of startups should be special.
Good luck to you!
Although this is more or less the only way, it might not be practical. I'm not a security expert and do not have the resources to do the above, but I take various precautions when traveling:
* Make use of a Cellular Data Plan.
* Make use of VPN (Roll your own, or have a look at the VPN Comparison Chart https://news.ycombinator.com/item?id=11294064)
* Do not keep devices unattended. Especially not in a hotel room.
* Use 2FA and other standard security practices (firewall, identify phishing, have most recent updates installed).
My company is B2B SaaS and will be applying despite this caution that others have raised. While we're always iterating & investigating to find distribution channels for our marketing & product, I wouldn't say we've found anything truly innovative. Just grinding on execution.
I certainly do find myself "skimming" code in larger code bases but then I'm also not speed-reading but simply looking at the visual structure (which is where consistent formatting matters) and looking at words in fixed locations (e.g. names in function definitions).
When you actually have to read code (rather than just skim it by looking at structure and words in fixed locations) that usually means you need to focus and carefully follow each expression -- the bottleneck in this case is comprehension, not reading speed (unless you have to keep track of each character, such as when dealing with short and confusing variable names or intentionally obfuscated code).
I was subvocalizing things to remember to do before learning to use task tracking software for that.
You might want to benchmark yourself e.g. with http://www.readingsoft.com/ (I ranked 398 wpm and I know my bottleneck is eye movements)
Also I think code reading speed is only a part of a larger process (e.g. code review or making a fix). For both of these external tools are available making reading speed not as important (iterative development / unit tests for fixing + static code analysis tools for reviews)
If he was concerned about that he should have moved his car to a place on his property where this could not occur.
If he did not tell you that was a concern before you started, and especially if he parked the car there and told you to clean it there, I don't see how he has a case.
I would check to see if he's done this kind of thing before (and I'd be surprised if he hasn't) because that is evidence that he purposely set you up. If he has, bring those records to court with you; there's a good chance a judge would toss his case.
Work to turn an instance of conflict, into a collaboration. Take the emotion out of the conversation. But do try to talk this out first.
On this subject, Stuart Diamond is brilliant > https://vimeo.com/43817099
And now, in the future, you know to put down a tarp or whatever to keep this from happening.
One can of white spray paint.
Unnecessary death, disease, and war are also at a low point for human history.
Just because there are existential threats doesn't mean the systems are failing.
If you're an Emacs user, org-mode is very powerful and quite useful as well. It's what I would be using, if I actually had a computer with me everywhere I go that could run it. http://orgmode.org/
If you aren't an Emacs user, or are looking for an alternative, Taskwarrior is a quite popular CLI todo list management app, which has a similar (although not as extensive: org is frankly massive) featureset. It has a companion, Timewarrior, which is designed for tracking time and displaying reports. IIRC, this is an org feature as well. Both have significantly better mobile support than Org, so take that as you will. Either way, if you are going to support mobile, you need to host the files yourself, or use Dropbox. https://taskwarrior.org/
Pomodoro and GTD are both popular methodologies, which you can look into if you're interested in that sort of thing (I'm not, but I've heard good things about them both from people who are). They are applicable to just about any tool, including any of the above (yes, that means pencil and paper).
But ultimately, the only wrong way to organize yourself is one that doesn't work for you. So if anything I've listed works, and you want to use it, do. If it doesn't work, throw it away.
It doesn't matter what tools you use, just so long as they help you Get Shit Done (TM).
Zim is quite flexible as in it can be used as a wiki or a to-do list. Bonus points for allowing nesting of tasks. I sync between laptops using Dropbox. I doubt it has a mobile option. This is the option closest to a notebook.
Zim or physical notebook, the most difficult thing is that we have to use the tool diligently to reap the benefits. One can often let the practice slide due to time/work pressure. If done properly, you realize how much of your cognitive processes are actually devoted to just remembering the list of things to do.
* Putting todo list items on the same system.
* Making it a habit. Discipline and consistency are areas I'm always trying to work on personally (these will cause my end). The few times I was consistent, I just demolished whatever I was trying to do and felt like a 20GW laser pulverizing a problem.
Outlook has my calendar (very MS heavy corporate environment) so it displays every task, meeting, appointment easily. Mails that come in get put away (ok, not great with the zero-inbox thing, but I try).
In emacs I have a "daily activity log", it's the second thing I open each day. I create an entry for the day, tagging it with the project(s) I'm working on (these get added through the day as things come up, or at the start if I know it's on my agenda). I usually know what I'll work on that day so I'll create an entry for it, and open the linked org file for the project itself. So an entry might look like:
    ** <<2016-09-23>> :foo:
    *** TODO [[file:foo.org][foo]] [0/2]
    - [ ] Deal with PR-128
    - [ ] Build and install image
Those bulleted tasks are what I intend to work on that day. If they don't get checked off, I can't mark the project's work as DONE, and I'll refile them later. I should probably automate this somehow, perhaps collect all incomplete tasks at the top of the log file for easier refiling. Presently `C-c / t` does the trick for finding them. foo.org will have a more detailed description of what I'm doing, possibly linking to other things. The bullets vary in detail by the end of the day, and may have several sub-bullets and links. Sometimes project boundaries are fuzzy, I just pick something or create more levels:
    *** TODO Related projects
    **** TODO foo
    **** TODO bar
For higher level "management" of longer-term and recurring tasks I also use taskwarrior.
You can tag and add contexts arbitrarily.
    Some Project.todo
    - my task #foo @due(2017-01-01) @blocked
    - another
Here's a productivity forum on setups people use (it's in Russian, so you'll have to pipe it through Google Translate, but instrument names are in English + screenshots kinda self-explanatory): http://forum.mnogosdelal.ru/viewforum.php?f=7&sid=28fdcb21c9...
If you have Jira or other task/bug system you can also use that.
I personally think a TODO.txt file is easier than both.
A nice paper sketch book is also good, but if you lose it, you're out of luck.
I don't feel like I fully understand what's going to happen. So I'd definitely feel more assured if we went for a probationary period as suggested here https://www.lawfareblog.com/icann-and-iana-transition-procee...
 is it?
Do I trust somebody like the UN? Absolutely not. Do I trust a "Global Multistakeholder Community" to not become the UN? No.
So the US running ICANN seems to me to be likely to end up less badly than having somebody multinational run it.