I’m a couple of chapters into “Start with Why” by Simon Sinek and he’s already solved a problem I’ve been pondering. Well, not so much pondering as noting with curiosity. That is, why I love my new Macbook Pro.

For years I’ve been a user of PCs. Until July last year I’d never used a Macintosh ‘in anger’ and the last time I sat at one was in the mid-80s. My path ‘to the white’ as it’s called was via a product called Omnifocus and what it did for my Getting Things Done approach on the iPhone and iPad. I didn’t buy a Macbook Pro because I was an Apple convert. I bought it because it ran Omnifocus. Sometimes that’s why buying decisions are made.

Six months on and I will tell you I like the Macintosh better than a PC but I won’t say it’s because of technical superiority, speed, form factor etc. That would be like so many futile ‘us-v-them’ arguments that have gone before. I like the Macintosh better “because it works with me, not against me.” I’m still a PC user. The image management software I use runs on Windows only.

Which is better? Black or white?

[Black vs White Kitten Hosted by Imbecile Entertainment]

Back to Simon Sinek. His suggestion is I like my laptop better because it fits my idea of what a computer should be. That it could be worse than a PC is immaterial. Chrome is what I think a browser should be. My iPhone is what I think a PDA should be. That red wine fits my idea of what a red wine should be. Carlsberg beer…and so on.

Keeping this attitude in mind breeds tolerance. Thanks to Simon I have some concise words to share it with.

Are you backing up your computers regularly enough? I was discussing this with my father and father-in-law a few days ago and we realised that even if we were, somebody else needed to know what was where. You never know what can happen.

This prompted me to create a concept map of the backup configuration running in our house. At first glance it looks confusing. Start with the orange rectangles and work your way from there. People with more money and better upload speeds than us could certainly suggest other options. This structure however is the current optimal balance of need (more important information is backed up more regularly and in more places), cost of backup resources and time.

Reports are coming in that iTunes Match has become available in Australia; though once signed up, nothing much is happening. For those who don’t know, iTunes Match shifts the primary storage of your iTunes music from your home computer to the cloud so that it can be available and synced across all your iTunes devices. I think it’s a good idea and a big step forward, simply for the time it will save. A great introduction to the service is found in the Mac Power Users iTunes Match podcast. Though Mac based, there is nothing here that doesn’t apply to Windows users as well.

My iPhone makes it easy to live the GTD 2-minute rule because there are many things it can do quickly when I’m not at my desk — including this post.

There are two types of people in the world. Those who have had critical hard drive failure and those who are yet to. Backups are important. Imagine the pain of explaining to a child why there are not photos of them before they were five years old simply because you didn’t have a backup strategy in place. Or losing a client because you lost their files.

My current backup strategy balances convenience, security and duplication. It has both onsite and offsite components.

Securing access

My 13" MacBook Pro is secured using a long and secure password and an encrypted hard drive. All offsite backups are likewise secured. You can get the files but do nothing with them.

Time Machine and Carbon Copy Cloner

Time Machine runs hourly to an external USB drive connected to an Airport Extreme. This drive is not encrypted. I also clone once a day to an external USB drive connected directly to my MacBook using Carbon Copy Cloner (CCC). This provides a bootable option in case of internal hard drive failure. It’s not encrypted either because I’ve had problems with the encrypted drive being mounted and unmounted properly in Mac OS Lion. I tried SuperDuper! as an alternative to CCC but find it too hard to trust software which overstates the amount it has backed up. Reporting 330GB when I have 250GB of data is not comforting.

Sparsebundles

Mac OS allows you to create a special type of file called a sparsebundle. It is a single file on the hard drive which can be mounted to behave like an additional drive. An advantage of sparsebundles is the ability to encrypt them. To mount the drive and access its contents you need a password. All critically secure files can be placed in the sparsebundle.

After a month I decided this wasn’t the solution for me. There were two reasons.

  1. Time Machine is not guaranteed to back up a mounted sparsebundle with integrity. In other words, although the backup would appear to work it may not have. It’s not practical to unmount the sparsebundle for each hourly Time Machine backup.
  2. To restore a file from Time Machine that exists in the sparsebundle you need to restore the whole sparsebundle. 15GB for a 250MB file is a waste of time.

What to do? Not fully practical for day-to-day usage, but perfect for security.

Sparsebundles when needed

I have encrypted the main internal drive of my laptop and moved all critical files out of the sparsebundle. Now they get picked up by Time Machine and CCC as needed. Access to backups is quick.

Then, every day or so I run a shell script to:

  1. Mount an encrypted sparsebundle called Lockbox.
  2. Copy all necessary files to it i.e., those which are critical and I can’t afford to lose in any circumstances.
  3. Unmount the encrypted sparsebundle.
  4. Copy Lockbox to a 32GB USB drive. This is an encrypted file. You can’t do anything with it.
  5. Copy Lockbox to the PC in the house. The advantage here is it now gets incorporated into the PC’s backup as well.

Staging backups

To have all this run smoothly I’ve made some changes to the default storage on my system. The majority of my files are stored and organised within PersonalBrain. Almost nothing, outside of application support files and a few temporary use files, exists outside of my PersonalBrain database. With 11,000+ thoughts in it, you can only imagine how critical this is to my operations.

PersonalBrain is stored in the root of my home directory. That is ~/PersonalBrain.

The other application I use is Bento. It has likewise been moved to the root of my home directory. To do this I had to create a symbolic link (see Bento Data on Multiple Machines for instructions).

I have also created a directory called Transient Backups. It’s used for the temporary backup files created by applications. I need a backup but not forever. 1Password, Omnifocus and TextExpander have all had their Preferences modified to move their default backup locations to this directory. Hazel runs on the Omnifocus files to keep them no more than two weeks old.

Transient Backups also stores PersonalBrain BrainZips, Bento exports, Address Book exports and my mail archive as created by Mail Steward App (I copy to this database, keeping all mail in Mail.app and gmail).

With this configuration Time Machine picks up all application data, plus transient backups made from time to time.

To the vault

The Lockbox file is kept in ~/Vaults. This directory is excluded from Time Machine’s backup.

A shell script (included below and based on Encrypted Remote Backups with Sparse Bundles) uses rsync to copy PersonalBrain, Bento and the Transient Backup directory into the Lockbox. After the first copy, rsync only copies what is changed and this speeds up the process.

To the USB and network

The same script then copies the Lockbox sparsebundle to a USB stick and network location. Again rsync is used. The internal structure of a sparsebundle consists of many 8MB files. rsync copies only those which have changed.

The script

I have saved this script in ~/Documents. To run it I open a Terminal window and kick it off with the backup option.

#!/bin/sh
# 
# sparse_backup.sh
# 
# Encrypted remote backup using Mac OS X Sparsebundle Disk Images
# bubbaATbubba.org
# 
 
VOLUMENAME="Lockbox"
BASEPATH="/Users/DCB/";
IMAGEFILE="${BASEPATH}/Vaults/Lockbox.sparsebundle";
LOCALHOST="Lancelot"
REMOTEHOST="Guinevere"
REMOTEUSER="David Buchan"
REMOTEDIR="/home/backupuser/backup/remote"
# /tmp is world-writable; on a shared machine point this at a directory only you can write to
LOGFILE="/tmp/backup.log"
EXCLUDEFILE="/Users/DCB/rsync.excludes"
USB="DeathStar"
 
RET=0;
 
# local rsync commands to sync local mac files w/ mounted sparsebundle
# 
backup_local()
{
        DATE=`date`
        # ">> file 2>&1" (in this order) sends both stdout and stderr to the log;
        # "2>&1 >> file" would leave stderr on the terminal
        echo "Local rsync starting: ${DATE}" >> "${LOGFILE}" 2>&1
        echo "Local rsync starting: ${DATE}" 2>&1
        #### CHANGE EVERYTHING BELOW HERE ####
        echo "..PersonalBrain" 2>&1
        rsync -avE --delete "${BASEPATH}/PersonalBrain" /Volumes/Lockbox/ >> "${LOGFILE}" 2>&1
        echo "..Bento" 2>&1
        rsync -avE --delete "${BASEPATH}/Bento" /Volumes/Lockbox/ >> "${LOGFILE}" 2>&1
        echo "..Transient Backups" 2>&1
        rsync -avE --delete "${BASEPATH}/Transient Backups" /Volumes/Lockbox/ >> "${LOGFILE}" 2>&1
        ##mkdir -p /Volumes/${VOLUMENAME}/${HOSTNAME} 2>&1 >> ${LOGFILE}
        # v to q to make quiet
        ##rsync -var --exclude-from=${EXCLUDEFILE} --delete /Users/user /Volumes/${VOLUMENAME}/${HOSTNAME} 2>&1 >> ${LOGFILE}
        #### STOP WITH YOUR CHANGES ####
        DATE=`date`
        echo "Local rsync ending: ${DATE}" >> "${LOGFILE}" 2>&1
        echo "Local rsync ending: ${DATE}" 2>&1
}
 
# rsync the sparsebundle to usb
backup_usb()
{
        # Uncomment this if you're using the alternative method mentioned in the documentation.  
        # return 1
        if [ -d "/Volumes/${USB}" ]; then
                DATE=`date`
                echo "USB rsync starting: ${DATE}" >> "${LOGFILE}" 2>&1
                echo "USB rsync starting: ${DATE}" 2>&1
                # stdout and stderr of rsync both go to the log
                rsync -avE --delete "${BASEPATH}/Vaults/Lockbox.sparsebundle" "/Volumes/${USB}/" >> "${LOGFILE}" 2>&1
                #rsync -e ssh -var --delete ${IMAGEFILE} ${REMOTEUSER}@${REMOTEHOST}:"${REMOTEDIR}" 2>&1 >> ${LOGFILE}
                DATE=`date`
                echo "USB rsync ending: ${DATE}" >> "${LOGFILE}" 2>&1
                echo "USB rsync ending: ${DATE}" 2>&1
        else
                echo "/Volumes/${USB} not found...skipping"
                # record the failure (the original line read "RET-1;", which is not an assignment)
                RET=1;
        fi
}
 
 
 
# rsync the sparsebundle offsite
backup_offsite()
{
        # Uncomment this if you're using the alternative method mentioned in the documentation.  
        # return 1
        if [ -d "/Volumes/Vaults" ]; then
                DATE=`date`
                echo "Offsite rsync starting: ${DATE}" >> "${LOGFILE}" 2>&1
                echo "Offsite rsync starting: ${DATE}" 2>&1
                # stdout and stderr of rsync both go to the log
                rsync -avO --exclude '.DS_Store' --delete ~/Vaults/ /Volumes/Vaults/ >> "${LOGFILE}" 2>&1
                #rsync -e ssh -var --delete ${IMAGEFILE} ${REMOTEUSER}@${REMOTEHOST}:"${REMOTEDIR}" 2>&1 >> ${LOGFILE}
                DATE=`date`
                echo "Offsite rsync ending: ${DATE}" >> "${LOGFILE}" 2>&1
                echo "Offsite rsync ending: ${DATE}" 2>&1
        else
                RET=1;
        fi
}
 
# function to umount sparseimage
unmount_sparse()
{
        echo "Attempting to dismount ${IMAGEFILE}" 2>&1
        if [ ! -d "/Volumes/${VOLUMENAME}" ]; then
                #echo "Volume /Volumes/${VOLUMENAME} not mounted"
                RET=1;
        else
                # give pending writes time to finish before unmounting
                sleep 10
                /usr/bin/hdiutil unmount "/Volumes/${VOLUMENAME}" >> "${LOGFILE}" 2>&1
                if [ -d "/Volumes/${VOLUMENAME}" ]; then
                         echo "Unable to unmount volume /Volumes/${VOLUMENAME}"
                         RET=1;
                fi
        fi
}
 
# function to mount sparseimage
mount_sparse()
{
        echo "Attempting to mount ${IMAGEFILE}" 2>&1
        if [ ! -d "/Volumes/${VOLUMENAME}" ]; then
                # quoted so a path containing spaces stays one argument
                open -W "${IMAGEFILE}" >> "${LOGFILE}" 2>&1
                if [ ! -d "/Volumes/${VOLUMENAME}" ]; then
                        echo "Unable to attach ${IMAGEFILE} / unable to mount /Volumes/${VOLUMENAME}."
                        RET=1;
                fi
        fi
}
 
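# refuse to start while an rsync of the sparsebundle is still running
getpid()
{
        PID=`ps -axwww | grep rsync | grep "${IMAGEFILE}" | grep -v grep | awk '{print $1}'`
        # -n also copes with more than one matching PID
        if [ -n "${PID}" ]; then
                echo "$0 already running (PID ${PID}); Exiting."
                exit 1;
        fi
}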
 
case "$1" in
  mount)
        getpid
        mount_sparse
        exit $RET;
        ;;
  unmount)
        unmount_sparse
        exit $RET;
        ;;
  backup)
        getpid
        mount_sparse
        if [ "$RET" = "0" ]; then
                # do backup stuff here
                backup_local
                unmount_sparse
                if [ "$RET" = "0" ]; then
                        backup_usb
                        backup_offsite
 
                else
                        exit $RET;
                fi
        else
                exit $RET;
        fi
        ;;
  offsite)
        backup_offsite
        ;;
  *)
        echo "Usage: $0 {mount|unmount|backup|offsite}"
        exit 1;
        ;;
esac

I needed a password eight characters long so I picked Snow White and the Seven Dwarves.

This was the joke that gave comedian Nick Helm the award for best joke at the 2011 Edinburgh Fringe Festival. It may also be the best advice you hear all year. The last twelve months have seen an increase in public reporting of major security breaches and identity theft. To be effective a password has to be easy to remember without being written down yet complex enough that it can’t be easily guessed or cracked by a hacker.

Common password problems

A good password should be:

  1. Known only to you
  2. Long enough to be secure
  3. Hard to guess – even by someone who knows you well
  4. Easy for you to remember
  5. Easy for you to type accurately

I’m not even going to list all the common problems with the passwords most people use. How often have you broken the rules above? As far as I’m concerned, if a password is not 20 characters or more long, then it is too short. You can easily remember passwords this long, and longer, if you know how.

Diceware to the rescue

Any password that I need to remember is created using Diceware. It uses regular six-sided dice to generate a five-digit number which is then looked up on the Diceware wordlist. I use MotionX Dice on my iPhone to roll the dice.

Here’s a sample I’ve just generated for a six word password (or passphrase).

  • Roll 1: 42513
  • Roll 2: 64522
  • Roll 3: 62135
  • Roll 4: 42415
  • Roll 5: 35636
  • Roll 6: 62116

Looking these numbers up in the Diceware wordlist gives:

  • Roll 1: 42513 moist
  • Roll 2: 64522 wyeth
  • Roll 3: 62135 tuff
  • Roll 4: 42415 miss
  • Roll 5: 35636 laity
  • Roll 6: 62116 tt

My new passphrase is moistwyethtuffmisslaitytt which I’m sure you will agree is complex yet memorable. There are only six words to remember and for most people that should be a piece of cake. It’s 25 characters long and meets criteria 2–4 above. Keeping it secret is up to you. A good typist will get this out in less than 5 seconds.

The excellent Diceware FAQ will provide all the detail you need for an in-depth understanding should you want to read further.
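
The roll-and-look-up procedure above as a POSIX shell sketch, added here as an example and not taken from the post or from the Diceware site. The function names are hypothetical, the wordlist is assumed to be a local file with lines of the form "key word", and the excerpt at the end is constructed from the six entries quoted above.

```shell
#!/bin/sh
# Added example: Diceware lookups and passphrase generation in POSIX sh.

# One fair die roll (1-6) from the kernel CSPRNG. Bytes 252-255 are rejected so
# the remaining 252 values (6 * 42) map evenly onto six faces: no modulo bias.
roll_die() {
    while :; do
        b=$(od -An -N1 -tu1 /dev/urandom | tr -d ' \n')
        [ "$b" -lt 252 ] && { echo $((b % 6 + 1)); return 0; }
    done
}

# Five rolls make one wordlist key, e.g. 42513.
roll_key() {
    key=""
    for i in 1 2 3 4 5; do key="$key$(roll_die)"; done
    echo "$key"
}

# lookup_word LIST KEY: print the word for KEY from a file whose lines are
# "<five digits><whitespace><word>"; exit status 1 if the key is absent.
lookup_word() {
    awk -v k="$2" '$1 == k { print $2; found = 1; exit } END { exit !found }' "$1"
}

# phrase_from_rolls LIST ROLL...: join the words for rolls made with real dice.
phrase_from_rolls() {
    list=$1; shift; out=""
    for r in "$@"; do
        w=$(lookup_word "$list" "$r") || { echo "roll $r not in $list" >&2; return 1; }
        out="$out$w"
    done
    echo "$out"
}

# new_passphrase LIST COUNT: roll COUNT keys from /dev/urandom and look them up.
new_passphrase() {
    cnt=$2; rolls=""
    while [ "$cnt" -gt 0 ]; do rolls="$rolls $(roll_key)"; cnt=$((cnt - 1)); done
    # $rolls is left unquoted on purpose so each key becomes one argument
    phrase_from_rolls "$1" $rolls
}

# Bits of entropy for COUNT words drawn uniformly from 6^5 = 7776 entries.
entropy_bits() {
    awk -v n="$1" 'BEGIN { printf "%.1f\n", n * log(7776) / log(2) }'
}

# Constructed excerpt: only the six list entries quoted in the post.
excerpt=$(mktemp "${TMPDIR:-/tmp}/dice.XXXXXX")
cat > "$excerpt" <<'EOF'
35636 laity
42415 miss
42513 moist
62116 tt
62135 tuff
64522 wyeth
EOF
phrase_from_rolls "$excerpt" 42513 64522 62135 42415 35636 62116
echo "6 words: $(entropy_bits 6) bits"
rm -f "$excerpt"
```

The entropy figure holds only when every word comes from a uniform random roll; a phrase built from a well-known list of names does not get it, whatever its length.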

A password for all seasons

I only use Diceware for the four passwords I have to remember. They are:

  1. Laptop login
  2. Laptop administrator user login
  3. Password storage application login (more on this below)
  4. Encrypted file access

In all other cases I have no idea what my passwords are, conveniently avoiding the “1. Known only to you” criterion. The trick is to use a password storage application such as 1Password or eWallet. I use 1Password now because it integrates across the Mac, Windows and iPhone platforms. Before owning a Mac I used eWallet.

These applications (and others like them) store my passwords in a 256-bit AES encrypted file. That’s strong enough to defeat anyone at this point in time. The content of the file is accessed via a master password which is generated using Diceware for length and memorability.

Then, the software is used to generate completely random passwords for all the websites I access. 1Password will even enter my username and password on login screens. I never see them.

Back to Snow White

Nick Helm’s password of Snow White and the Seven Dwarfs is plenty long enough for our purposes at snowwhitebashfuldocdopeygrumpyhappysleepysneezy. Likewise Santa’s reindeer with prancerdancerdonnerblitzendashervixencommetcupidrudolph. I would recommend against using them as passwords because they are common. Use them instead to help you understand why Diceware passwords are a much better solution than anything you’re using now. Then, get yourself some software to help.

One more thing

This year, when we move into daylight savings I’ll be implementing a new idea for the first time. In addition to changing clocks and smoke alarm batteries I’ll also be changing my four major passwords. You should too.

I’ve just posted a review of The Invisible Gorilla titled Gorilla Delegation over on The Buchan Institute site.

Or, how to create your own site-hosted unsubscribe form using the Gravity Forms MailChimp Add-in.

A technical post today, showing how I implemented this on The Buchan Institute’s website.

MailChimp’s basic visual editor forms can be nicely formatted to look like most of your site, and have custom redirects for success pages. If however, like me, you have a single instance where you want to customise the emails based on a subscriber’s source (offer a freebie download), then you have to use the advanced forms. Sadly these are basic, ugly forms that won’t look anything like your site without a lot of work. Even then they will be mostly static.

In most cases, you can get away with a simple HTML redirect to your own page such as the one on my signup thank-you page.

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<title>Thank You Redirect</title>
<meta http-equiv="REFRESH" content="0;url=http://buchaninstitute.com.au/thank-you-for-signing-up/"></HEAD>
<BODY style="background:#ede9e4 url(http://buchaninstitute.com.au/wp/wp-content/arjuna-x/images/bg/gradient_khaki.png) repeat-x 0 0;">
</BODY>
</HTML>

When the subscribe confirmation link in an email is clicked, it goes to this page which immediately redirects back to a prettier version on my site.

But if you need some interaction, such as with the unsubscribe form, it’s trickier. Here’s my solution. I hope it helps others, or even better still, prompts a superior solution. It assumes you are creating forms in advanced mode within MailChimp.

Step 1: Get a sample unsubscribe link for your list.

I got mine from a test campaign email for one of my test users. Take a copy when the email arrives. It looks like this.

http://buchaninstitute.us2.list-manage.com/unsubscribe?u=XXXXXXXXXXXXXXXXXXX&id=YYYYYYYYYYYYYY&e=&c=ZZZZZZZZZZZZZZZ

The XXXXXX…, YYYYYY… and ZZZZZZ… strings have been stripped out so you don’t have access to my list. The first two are constant for a list and we’ll take advantage of that later. The last (ZZZZZZ…) is unique to a subscriber and this is why you can’t just call an unsubscribe link on MailChimp. You need this number matched to its email.

Step 2: Replace the unsubscribe form with a JavaScript redirect to a page on your site.

This time you need JavaScript to capture the query parameters needed to identify the user to unsubscribe. When a user clicks unsubscribe in their email, they are directed to MailChimp. We want to redirect back to our site, passing through the query parameters containing the ‘c’ identifier.

This code has been inserted on my MailChimp unsubscribe form.

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head><script type="text/javascript">
<!--
window.location = "http://buchaninstitute.com.au/unsubscribe/?" + window.location.search.substring(1);
//-->
</script>
</head>
<BODY></BODY>
</html>

Point the first part of the window.location string to your unsubscribe page (to be created). Here it is the http://buchaninstitute.com.au/unsubscribe.

Step 3: Create your unsubscribe form

This is my basic form layout.

‘Email address’ is obviously a required field. ‘MailChimp-c’ is a hidden field set to take the ‘c’ parameter from the unsubscribe redirect above.

With this in place, we now finish the form. When submitted, it needs to go back to MailChimp.

Again, I’ve hidden my codes. You will need to insert them for your list. You may also find it’s {MailChimp-2} in your case. I had an earlier field in there during testing which bumped the number up. Importantly, ensure you have the trailing ‘/post’ in the URL or you will loop back to your own unsubscribe page (experience talking).

Step 4: Attach your form to your unsubscribe page

This is basic Gravity Forms stuff so I’m going to assume you can do this.

Step 5: Picking up the pieces

The unsubscribe confirmation email will link back to the MailChimp form. All you need to do here is edit it to point to your unsubscribe form instead.

Closing comments

MailChimp is ever evolving and hopefully it will improve this in the future. Until then, this is the solution I’m going with. It should also be transferable to the ‘Update Profile Form’. Here I want to do the same but hide the field I use to track a subscriber’s source.

Have just added the first in a series of articles on my use of PersonalBrain. Here is the first on Thought Types.

Oh dear! Cossie’s wife gave away 200 videos of his collection without permission. It proved a trigger for some self reflection and a wonderful, enlightening story. Collections are bits and pieces. What do we really choose to take ownership for?