Scott Young recently profiled Ben Franklin and Van Gogh as people who used copying to learn writing and painting, respectively.

He points out that by devaluing copying in creative achievement, we also throw out its value in learning fundamental techniques.

I've seen this in action watching so many people improve their programming skills at the Recurse Center. Copying existing paradigms and software is an speedy way to quickly and thoroughly understand new architectures and techniques.

For instance, building a to-do list app can be your first mobile app. Cloning Requests teaches you about structuring an API. When I attended, I'd heard that Python was bad at concurrency, so I built a deeply unreliable chat client to probe exactly how it breaks. It was ugly!

None of these are Original Ideas—chat apps have been around for decades—but all are incredible learning experiences. This was a great reminder to keep this learning tool in my back pocket.


Context

Today I ran an informal Lunch & Learn for my coworkers on the basics of getting a password manager set up. I intended for the session to be ten minutes of light lecture and the rest of the time to get set up—many people have always meant to set it up but never gotten around to it. People had a lot of questions, which was awesome, so I ended up talking for about a half hour.

In case you want to run one of these with your family or coworkers or book club or whatever, here is the outline of what I shared. Please note that I've read a bunch about security, so I'm neither an expert nor a n00b, and I'm assuming you're roughly the same. Some advice is non-obvious so make sure you have enough background knowledge to give correct info.

My general approach was to aggressively simplify my recommendations, provide time and support for installation, and leave room for lots of questions.

Setup

A goal is to have them walk out with the software installed and set up, so don't forget to ask people to bring their phone and computer to the session.

I started the session by asking people what they wanted to get out of it. There was a range: some didn't really know what password managers were but were curious. Others already were using them but wanted reassurance they were using them in the right way.

Providing Background

Since this session was voluntary, all attendees were already more motivated than average to attend. I included brief motivation anyway for two reasons: some might need an extra push if they hit a roadbump, and to give them tools convince others!

  1. The Stick: people are trying to hack you right now and this is one of the best things you can do for your security. I have 400+ logins and you probably do too! There's just no way I could do it on my own without reusing passwords. Plus, a little prevention up front is much easier than cleaning up identity theft later. People are also very motivated by stories of epic, tragic hackings like Mat Honan's. I know that strong passwords would not have helped him, but people find this story motivating—I think because it makes the threats tangible and real—so use it.

  2. The Carrot: you're going to love using it! I haven't typed out my credit card number or address in five years! The web is faster and easier to navigate! Never try to remember a password again!

  3. Key concept: (Pun intended.) The crucial idea to convey is that you have one really secure master password, and then it remembers all your other passwords. And this is very exciting because it means that you can make them totally random, all different, very long, and therefore very hard to crack! I showed them a sample password and the Password Generator feature here.

  4. Walkthrough: I then showed them what daily life looks like. I opened 1Password, showed them Logins and Notes (the only two sections I use regularly) and showed them what it looks like on the browser and how I'd use it to buy something. This section provoked lots of great questions!

People asked about my personal practices, and many questions gave nice lead-ins to discussing threat modeling. For instance, I use a much longer master password than I recommend for them because I am worried about online mobs and doxxing. I confessed that I literally used Diceware to choose my master password. Someone brought up that she'd seen Edward Snowden enter passwords with his coat over his head, so I got to talk about the threat model of nation states coming after you.

I like the frame of "what threats are you realistically at risk for" rather than "how paranoid are you feeling" for discussing security preferences. People routinely use the word "paranoid" to dismiss realistic security concerns, so I recommend steering clear of the word entirely.

Because people were interested, I also did a very brief detour into the math of password complexity: if you have a three-character password, each character can be A-Z, a-z, or 0-9, which is 62 characters. So there are 62 * 62 * 62 = 238,328 possibilities. That may sound like a lot, but your clunky old laptop computer can try all of those possibilities in literally seconds.

If you have a three-word password, that is essentially the same number of things to remember but is much harder to guess. Because for each word, you're choosing from a longer list: there are only 62 characters, but Diceware has a list of 76,000 words, and that gives us 438,976,000,000,000 possible three-word passwords. This would take about 2 million times longer to guess than our three-letter password, but is actually easier to remember.

Getting set up

There seem to be several main reasons why people never do this on their own: they don't know how to start, they are paralyzed by the options, and it 'seems like a lot of work.' Lets cut through all three in this section.

Day One: Most people think they need to move every password in right away, and to me that sounds super tiring.

Instead, have them install the software right now and then just go about their everyday life. Each time they log into a new site, the manager will offer to remember their existing passwords. Later they can go back and change weak ones. Some managers also allow you to bulk change weak or reused passwords, which is awesome!

Then try to get them to do these four things before they leave:

  1. Install a password manager. Cut down choices to jolt them out of decision paralysis. Give just two: 1Password is nicely designed, hasn't been hacked yet, and is great if you mostly use Macs, iPhone, and Android. LastPass is a little cheaper and runs on Mac and Windows, but I find the red design a little alarming. Much, much more detailed comparisons here. If they can't decide, just start with LastPass! I also went on a little rant to not be cheap about this—the security of your identity and personal information is worth much, much more than $36 or $12 a year.

  2. Install browser plugins as these are the tools that fill forms for you as you browse.

  3. Install the mobile app (this also lead to a discussion of border security, and sharing the surprising fact that in the US law enforcement can compel you to lock with your fingerprint but not with your passcode)

  4. Create a STRONG master password. It is CRITICAL that they know how important this is! It is the key to the rest of your accounts, which contain not just your identity and your money, but personal information about you and everyone you know and love. DO NOT FORGET TO EMPHASIZE THIS! You don't need to scare people but be crystal clear.

Creating a strong master password is so important that it's worth explaining in some depth. One thing to know is that combining whole words together can provide more security than combining characters together (see complexity sidenote above), if done properly.

If you must show that famous-but-misleading XKCD comic, please emphasize you can't just string together the first words you think of and make a secure password. This would be easy to guess because humans are actually extremely predictable! To give you a sense of what happens when people don't fully understand this concept, one attendee floated the password "my password is secure". Others thought about working in their birthdates or pet names, which is risky if they ever celebrate their birthday on Facebook or post their pets on Instagram. Longer is not stronger if the words are easy to guess!

Acknowledge that doing this right is a pain, but that's part of the tradeoff with password managers—we only need to grapple with one password, but it has to be a great one.

  • 1Password has a good guide to thinking of a strong, memorable master password.
  • Another strategy is to use the Password Generator in Word mode. It will then suggest passwords that are combinations of words that are truly randomly chosen, like "trustful dross sanctify memo", and then you can memorize that. As of 2017, people should use at least six words for their passwords. The faster computers get in the future, the longer your passwords should be.
  • You can literally recommend Diceware if you have the type of audience that would actually do it, but this is very rare. Use with extreme caution as it may discourage them from getting started or worse yet, make them feel like they're not the kind of person who would use a password manager.

I grabbed this book from the library because it's been so highly recommended, and because I've been enjoying the backlash to Busy Culture the last couple of years. I've been finding that my life feels much better when it's not packed to the gills and I can focus on only a couple of things that matter. Because I started that process years ago, many of the ideas here are ones I've seen elsewhere. I think if I'd read this five years ago it would have been a life-changer.

The ideas in this book are simple to articulate but not easy to implement: some tasks will have bigger results than others, so you should spend more time on them. Don't try to do everything at once, think of it as dominoes that fall one at a time—the first one should set you up for the second one. Multitasking is a lie. You should get enough sleep if you want your brain to work. Your purpose should inform the things you choose to work on. Focus means saying "no" (with the obligatory Steve Jobs reference).

The central question they pose is this: what's the ONE thing I can do such that by doing it, everything else will be easier or unnecessary? They suggest applying it to many different areas of your life: spiritual, physical, personal, relationships, job, business, and finances. So "For my physical health, what's the ONE Thing I can do to ensure that I exercise such that by doing it everything else will be easier or unnecessary?"

I wish they'd unpacked this question more, and included even a single example. It's not obvious in my work what is most important—there are many skill areas I could focus on. It also makes it seem like learning or skill development are the most important things, and Doing The Work is an afterthought, which is a little puzzling. The devil is in the details here and the book is very short on details. (This seems like a gap that Top Performer is meant to fill, since it helps you figure out what matters most for success in your field)

I did find it useful to get some reminders of these ideas, and leave these here as notes to myself:

  • Set your goal a little higher than you think you can get.
  • Start the day on uninterrupted time on your one thing, and then spend the rest of the day on everything else.
  • Clear a path to your timeblock—see if you are getting waylaid by distractions.
  • Other things will fall by the wayside and feel chaotic, and you will probably feel guilty about it. You might just have to be ok with this. (This is related to saying 'no' to things in order to do the one thing well). I struggle with this!
  • There is a difference between trying to do the best you can do and trying to do the best that can be done.

Bottom line: it's a quick read, so pick it up if your life feels full and cluttered, or if you don't currently have a regular planning session built into your week and month. It'll take you hours to read and years to implement the ideas.


We're doing a geospatial project at work, and Voronoi diagrams came up. I hadn't heard of them, so did a Google image search. To my surprise, it was beautiful!

I mean, would you look at that:

Google image search results for "voronoi"

Just gorgeous.

Sample Voronoi diagram
From Alex Beutel's blog, more on this in a minute.

So what are these? Each of the spots is a point of interest, like a store in a city. Every colored splotch on the map has the same closest store.

State capitals are important, right? What if the states were defined by the closest state capital?

U.S. map plot

There are a few interesting things that fall out of this simple rule. For instance, every point on each line segment the exact same distance from the two nearest capitals. As you move along it, you get closer to both capitals and then farther from both capitals, but it would be exactly the same to go to one or the other.

You also start seeing this pattern emerge in nature. Like when you put bubbles together, they settle down into a 3D Voronoi diagram, their membranes farthest from the "center" of each bubble:

Soap bubbles

You can also use all kinds of distance measurements. No need to stick to "crow flies" distances. Here's a Voronoi diagram using "Manhattan distance," which is basically how far you'd have to walk if you were a pedestrian in a city:

Want to see diagrams of points in motion? Check out the videos on Alex Beutel's website.

If you think this stuff is cool, check out all the examples and uses of it on Wikipedia!

UPDATE: Carlos Rey pointed me to this Voronoi Reese's cup!

from Reddit


WAIT! Come back! Hear me out. I found this great app that solves many of my money-managing problems like a DREAM, and I'm even finding that it's changing the way I think about how I spend my time. Check it out.

Money is hard

I'm pretty OK with money. I've read a couple books about it. I track things, I look at graphs, I spend less than I earn, I have a non-fancy apartment so that my biggest recurring cost is low. I even made a budget in a spreadsheet, and used actual average spending numbers and everything.

But I found that two things kept tripping me up. First, although I had great reports I could run at the end of the month, I never knew if I was ahead or behind at any given day.

So when I had a purchasing decision—buy that rad shirt in the window? Buy a round for my friends? Take the train late at night, including the 20-minute transfer, or spring for a cab?—I never knew which way to lean in the moment. It didn't help that my rent money sat around all month until the 25th, inflating my bank balance. It made me feel both power (look at that money) and looming dread (most of that money will go away soon).

The second problem is that my spending tends to be spiky, which I think is pretty normal. Christmas gifts. Surprising tax bills. Buying plane tickets and hotels for a vacation. So even if the graphs in a spendy month look pretty bad, did I save up enough in the boring months to cover it? Those months were confusing—I always felt like I'd probably be fine, but I could never really prove it.

One day I sat down and subtracted a year's spending from a year's earnings, and I was embarrassed to find that my savings rate[1] was much lower than I'd thought—and much lower than was in my spreadsheet plan.

I was in the middle of working out an elaborate system to solve these two problems—something involving recurring transfers for the month's discretionary money onto a debit card whose remaining balance would be a really simple pacing bar—when I flipped through the XOXO Slack #money channel, and ten people in a row had strongly recommended YNAB. I Googled around a little more, and person after person said it had changed their financial life. I cracked it open.

Y U Use YNAB?

It's a little hard to tell from the judgey name and salesy website, so here's the gist: it's a system for thinking about what's most important in your life and getting really clear on your priorities.

Oh, and by the way, it's also a money app. They're very clear that they're an education company first, which is awesome, as most of money managing is emotional, not logistical. They get it.

Once you get set up with your accounts connected and whatnot, the basic workflow is this: take your previous month's earnings and decide what categories you're going to spend them on. When you spend money, it gets taken out of that category. If you overspent in that category, no problem, just reassign unused dollars from another category. There's a mobile app you can use to check on the fly how much you have left in each category for the month.

So much awesome

I know that sounds dry and utterly expected. Here is why it feels so different from every other system I've tried:

  1. Money is a zero-sum game. If you spend more in one area it makes you actively pick where to spend less. No more willy-nilly "I don't usually spend a lot so this will probably even out, right?" jibber jabber.
  2. Dollars feel more precious, because I see what else I could be doing with them.
  3. You have to think about what's most important. Last month I couldn't fund every category I wanted to, so I had to make some hard decisions about what was most important and what could wait.
  4. I know exactly where I stand at any point in the month! No more wondering. Decisions get simpler (not easier, though).
  5. Planned spending doesn't look like reckless spending any more. Instead of a Net Income line in the red, I see my dollars safely waiting there to do their jobs until I need them.

It's all about making the abstract squishy things about money tangible and easier to reason about.

After a few weeks of using this, I'm actually excited to try spend less so that I can roll more into savings. I've literally never felt that way before.

Hours are basically dollars

I totally wasn't expecting this to change the way I see my calendar.

But think about it: time seems infinite, but it's not. Wait But Why lays this out really clearly when he draws every single day in a 90-year-old person's entire life on a single sheet of paper. He goes on:

Not counting Wait But Why research, I read about five books a year, so even though it feels like I’ll read an endless number of books in the future, I actually have to choose only 300 of all the books out there to read and accept that I’ll sign off for eternity without knowing what goes on in all the rest.

Yep.

So what about hours? After using YNAB for a bit, hours suddenly seem less squishy. We get exactly 24 of them every day. I can give them jobs, just like I give my dollars jobs, deciding to spend this one on family, that one on learning.

And if I fart around on the Internet, not only can I not spend that hour on the important things, but then it is gone forever. [2]

Check out YNAB and see what you think. I strongly recommend plugging in your actual numbers and trying it for a few weeks—most of this didn't hit me right away.


  1. I'm not paycheck-to-paycheck, but if you are, never fear—the app is mostly designed with you in mind. There's a big focus on building a cushion and getting out of credit card debt. ↩︎

  2. The furious writing of this post tonight is brought to you by that realization. ↩︎