NoShut.com

New Site

Wed, 25 May 2011 11:59:17 +0100

Howdy All, I've migrated to new blogging software. You can find the new site at noshut.com.

Pathfinder � A great game system with one major exception

Mon, 14 Mar 2011 13:43:13 +0100

Last night we played our first few hours of Pathfinder. Overall I really enjoyed it and it looks like a great system. Very similar to Dungeons and Dragons 3.5 but expanded and refined. I�m hoping Paizo continues on it�s current path with revision as necessary to keep the system balanced and entertaining and avoids the major-revision treadmill that so many manufacturers get on to generate new core rulebook money every five years. I haven�t spent enough time with it to develop more than one critique but it was a fairly major one, which I will elaborate on below.

The one major flaw we experienced was generating characters. It was not as accessible or bullet proof as it should be for a new player. I can see some players running for D&D 4.0 or some other streamlined system if they don�t have other people encouraging them to stick with it.

The core rulebook provides all the data you need, it�s just spread to and fro and there are so many options that character generation becomes crippled rather than empowering for a new player. Paizo provided a section stating that you should perform steps A, B and C in a particular order but once you dig in a bit deeper you find that when they say �Select your feats� that is about as much guidance as you are going to get in selecting them from the long list. I�m only using Feats as a example, this goes for everything from figuring out how much starting gold you get to selecting your equipment. You find yourself flipping from one end of the book to the other digesting large chunks of text in order to identify exactly what you should do or select.

Under D&D 3.5 in the Players Handbook if you looked at a character class it provided a starter build; something that gave you guidance as to how to quickly arm a new character, what skills and feats you needed and what basic supplies to purchase. With Pathfinder it�s green field � you know you have 6 skill points, 2 feats and light armor proficiency � go and pick out your stuff. The problem with that approach is it is daunting when presented with a massive list of options.

Accessibility is a huge part of success in a gaming system. In my opinion D&D 4.0 took it too far in that I think they removed much of the creativity and put people into a World of Warcraft �punch the button� mentality. In the opposite corner Pathfinder needs to include a jumpstart method in the next revision of the core rulebook or issue a intro supplement so that folks who don�t want to use software and are new have a guided path to entering the game. That one change would have dramatically changed our first experience (and probably shortened our first character generation time from 2.5 hours to 1 hour).

The good news is Pathfinder is clearly a loved system and there are various computer-based tools of different types available for those who want assistance.

Based around my Googling and experimenting today here are some of your options�

Full Character Management � Will give you guidance on what to do next while building or leveling a character:

PCGen � Free (Donate!) - Supports the Core Rulebook and Alpha versions of the Advanced Players Guide are available as of this writing.

Hero Lab - $30-$100 depending on modules - Supports a wide assortment of the Pathfinder modules and is pretty intuitive.

Character Sheet Generation � This assumes you already know how to build your character:

Venture Captain Online Generator � Core Rulebook based generation at this time.

Trove Tokens Character Sheet Generator - Includes the Advanced Players Guide characters.

Hero Forge Based Spreadsheets - A different way of approaching it through a Excel spreadsheet.

The Only Sheet - A second spreadsheet character generation spreadsheet.

I should include the disclaimer for the spreadsheet based solutions that I only took a quick look. After opening the files I decided that a 8 and 15MB spreadsheet wasn�t the way I wanted to manage characters.

Reference Guides:

Pathfinder System Reference Document Online.

Pathfinder Reference Documentation at Paizo�s website.

Paizo - The group who makes Pathfinder.

The one follow-on statement I will make is this: If you are new, stick with it. It�s appears to be a great system and my first impressions are very positive. If you are generating your first characters get the correct tools (PCGen and Hero Lab above both will do the job) or work with someone who understands how the classes work to guide you through the process.

Getting and Staying Organized

Sun, 16 Jan 2011 06:24:54 +0100

Over the last several years of corporate life I�ve worked in multiple groups where tracking time and managing tasks were critical in order to succeed. Someone asked me what my principles for time management were so I have outlined them below.

Alan's Key Concepts of a Organized Life:
1. Maintain one to-do list. Only one. If you must have more than one have a personal and work one, but no more.

2. Copy the to-do list manually every day to a new sheet of paper, prioritizing what needs to be accomplished today or is high priority. I carried a Franklin Covey planner for years and used it every single work day and once before each weekend I would line up my to-do items for that weekend. The idea behind this is to make sure that every single task receives some attention every day so that you can prioritize it correctly. If you do not copy the list manually your brain eventually glosses over tasks resulting in missed deadlines. This may seem minor but is, in my opinion, the most important thing to do other than creating the list in the first place.

3. Do not use a electronic to-do list for at least a year. Electronic to-do lists do not force you to manually copy the tasks each day. Use a sheet of paper or a calendar/planner book. When in a high stress period, switch back to paper even after you have gone electronic, that will assure you are paying the right attention to your tasks.

4. Form the habit. Schedule 15 minutes in your calendar every morning to get organized. Copy the list from one sheet to a new one, re-prioritize and identify what you need to focus on today. Just like any other habit, plan on sticking to it for 60+ days before it becomes second nature. Also, schedule a block of email time each day or allocate the first open 30 minutes of free time to email and catch-up. Do not let email distract you once you are in "task" mode.

5. If it is not on the list, it doesn't exist. Do not try to remember obligations. Let the to-do list be your memory of deliverables. If you obligate to something immediately write it down and re-focus on the task you were working. Your brain will eventually trust the list and your calendar, resulting in less stress and "gotcha" realization moments of things you have forgotten or need to do.

6. 5 Minute rule - if it will take less than five minutes do it now. Do not delay, you will spend more time tracking it than getting the task done.

7. Set priorities, manage to the due date of tasks. I have a short-hand tracking system I use - I use a "~" to mark any task that is in progress or in someone else's hands right now and write their name next to it. I also use upward facing arrows beside tasks to identify the ones that need attention today. I also put a cut line on my to-do list, anything below the line is very low priority and is either 1. Over a week from needing action (in many cases I just put a reminder in my calendar at this point and pull it from my to-do list) or 2. Is a nice-to-have and self-driven rather than a obligation to someone else.

8. Always notify someone if you will be late. Always. It builds trust in others that you know that their tasks are important. Everyone sometimes gets overwhelmed when they miss deadlines, if they know you hold their tasks in high regard when you forget to notify them they will give you the benefit of the doubt.

9. Do not multitask while working on a major item. Focus on one task at a time, let the list be your guide. This ties back to #5 - track tasks on the to-do list, not in your brain. This allows you to focus.

10. When busy schedule "work time" in your calendar as to assure that your time is not monopolized by meetings.

11. If something is reoccurring put it in your calendar. Do not try to remember your obligations, use your tools to track your obligations so that you can focus on the deliverables.

12. Do not use your email inbox as a task tracker. You only have one list, if there is something important in your inbox that will take more than five minutes to complete add it to your list.

13. One tip that may not work for everyone but works well for me is: Keep your inbox clear of cruft. That keeps your inbox from becoming a messy distraction. If I have big projects I create folders and sort the email into those folders. I try to keep my inbox at less than 30 messages by liberally using folders and Outlook/Mac Mail search function.

Essential Tools:
1. A calendar (outlook or iCal is fine for this - it does not need to be paper)
2. Paper and a pen for your to-do list. I used to use a planner but now I tend to use notepads when I need to switch back to manual task tracking.

The process each day:
1. Get organized. First thing each morning, copy the old list to the new list, re-prioritizing and identifying "must do today" items as you copy. Also look at your calendar so that you have a mental image as to what your day looks like, block out time as necessary to focus on "must do today" tasks. I find 15 minutes is a good amount of time for this.

2. Crisis Time. Spend a fixed amount of time dealing with email, voicemail and crisis situations. For me, during the days when I am overwhelmed with tasks it is 30 minutes. Add any items that you need to accomplish to your task list (unless they will take less than five minutes, then do them now).

3. Re-Sync your brain with the list. Look over your task list once more to make sure Crisis Time didn't get you off track.

4. Work off the list. Continue through your day using the task list as a guide to your activities.

That's it. Rinse, repeat for a few months and you should find that your life becomes quite a bit more easy to manage.

Allergy Shots - 1 Year and 3 Months In (Or: Alan's subjective view of Immunotherapy So Far)

Tue, 30 Mar 2010 08:17:07 +0100

Two years ago I took a risk and had Lasik done. The results were spectacular...
So, when Tanya (my fianc�) and I thought about moving in together there was something that had to be contemplated: I had allergies/asthma and could spend only a few hours in any environment with dogs or cats during any given week. Tanya is a major dog person. Our options could be summarized as: Figure out how to stop Alan from reacting, or get rid of the dogs. The latter was not a happy thing to contemplate, so it was time to see if I could do anything.

I started doing research and discovered a body experiment I could partake in with a couple of potential outcomes:
1. Spend months of your life sitting in doctors offices over 2-5 years with nothing to show for it other than a damaged wallet.
2. Spend months of your life in a doctors office over 2-5 years with some allergy resistance.. and still damaged wallet.
3. Spend months of your life in a doctors office over 2-5 years and be cured of your targeted allergies.. and yes, still a damaged wallet.

After having Lasik done, allergy shots and the potential of changing how your body reacts to allergens seemed like a very worthwhile experiment. My asthma has always caused issues and allergies are something I�ve always fought using antihistamines and the like. The concept of getting rid of my allergies was awesome, and like getting rid of glasses/contacts, is a quality of life improvement worth some risk (if I must rate it - in my case more worthwhile than the Lasik - since glasses didn�t limit me from doing things, but my allergies and asthma did).

If you are not familiar with allergy shots (immunotherapy) the basic concept is this (layman non-doctor explanation):
You are injected on a regular basis (twice a week, then once a week, and now every other week in my case) with the substance you are allergic to (allergen), in doses that are gradually ramped up over time. The hope is that your immune system adapts to the higher level of allergens through production of specific types of antibodies, which block the allergen from having an effect rather than the natural response of someone with allergies, which is to become hypersensitive to the allergen and cause the symptoms we all know and love. The net effect is that you are raising the bar at which your allergies are triggered, eventually to a level where no natural level of the allergen will cause you to react badly. Wikipedia has much more detail than this entry if you want a better explanation.

As for drugs, you are probably going to stay on them for quite awhile. Even allergy shots are not perfect, and the doc made it clear up front that if anything my drug dosages and types would probably increase for the first few years as they tried to control my allergies/asthma while working toward immunity, which they did.

The process is supposed to take 2-5 years although many places recommend staying on �booster� shots. Based around my reading many people quit the shots and years later are still fine from what I�ve read. Mileage may vary. I haven�t made it that far yet, so I can�t testify to the result in my case.

One mistake I made in relation to this blog entry (and wasn�t contemplating at the time) was I didn�t start documenting the Allergy shots until now, which is well after my initial impressions have worn off, so these observation are a bit late and probably a bit skewed....

Things to know about the Allergy Shot experience:
1. Getting started is not cheap - I�ve maxed out my insurance out of pocket the last two years, and will probably continue for at least a few more years. First there are doctor exams, then there are allergy tests (both scratch and blood tests in my case), then there are follow-up appointments, drugs to control your allergies/asthma and the ongoing costs of the shots, which are about $35 every other week for me at this time. My out of pocket cost so far has been at least $4,000 between all components since I showed up for my first exam. Side Note: Thanks to my employer for providing great insurance and being a awesome employer for many years.

2. Allergy shots require commitment. Commitment to see doctors every 3-6 months to grade your progress/adjust medications and 2-5 years of your life of allergy shots themselves - then there is the biggest commitment - time sitting around..

3. Time sitting around - You show up at your docs office, wait for your shot (5-20 minutes typical in my case), then after the shot (takes 5-10 minutes or so to get), you must stick around the doctor�s office for half an hour to make sure you don�t suffer any major effects or go into anaphylactic shock. This means on you are burning close to a hour of time minus travel each time you go in for shots. On a positive note, my doc office has Wifi so that you can bring along your computer and use the Internet or work while waiting.

4. Additional Notes on Time - If you miss a few shots (no two month europe trips in the first few years), they back your dose down and ramp back up, in addition if you have a major reaction, that can also delay your progress. One other schedule impacting item is when moving to new vials of allergen you must ramp-up again over a period of 3 weeks, which means every 2-3 months having to revert to a once-a-week schedule (at least on my current dosage/visit timing).

So how are the shots?
Due to my allergy set (shrubs, trees, grasses, mice, dogs and cats if I remember correctly), they give me two shots each time. One in the back of each arm. The shots are using pediatric needles, so it�s a VERY small prick, most of the time no bleeding, or if so only one or two drops. During the initial ramp-up I had much arm soreness. At a certain point the soreness and swelling reduced, but now that I�m at maximum dosage every shot is followed by arm swelling and minor pain for a few days. It is nothing major, but is a bit of a distraction.

What are the results like after a year+?
A Drug Disclaimer: The antihistamines I�m on haven�t changed much - I�m on the same basic stuff I have been since a few years before the shots, which is a Claritin or Zyrtec generic. In addition I�m on some other drugs/steroids to keep my allergies under control. The asthma meds I�m on have changed dramatically. I�m now on two types of inhaled medicine to control my asthma, one being a emergency inhaler, which I�ve been on for many years and the other being a daily use control inhaler. In October 2009 I started exercising every other day, which I�m happy to say is still occurring. When I started exercising my asthma stepped up so they had to adjust my dosage of my daily inhaler, but my asthma is now is a very good place. Feel free to contact me for additional gory details :^).

So Really - what is it like after a year now that there has been a mega disclaimer?
Huge Improvement. Probably best indicated by example (keep in mind, this is shots + medicine modification):

Before Shots - Emergency Asthma Inhaler + Daily Antihistamine: 2 Hours around dogs and I would have 3-5 days of asthma flare-ups and congestion for at least 8-10 hours, if not a full day. Petting the dogs would result in itchy skin in only a few minutes, heaven forbid I rub my eyes without washing my hands, they will be irritated all day. Visiting anyone�s house with pets and less than perfect house maintenance (LTPHM from here out) or significant airflow would cause reactions in 15-30 minutes, which depending on the situation could cause me to have issues for several days. Inhaler sometimes needed before exercise and before bed.

6ish months - Emergency/Long Term Asthma Meds + Increased Allergy Med Regiment + Shots: I could sit in a room with the dogs for 1-2 hours a few nights in a row, but then had to spend very limited time around them for a few days to let my asthma/allergies calm down. Petting the dogs still resulted in a fairly quick reaction. Most of the time I don�t need my emergency inhaler unless I�ve pushed my luck too much recently with the dogs. LTPHM environments would cause reactions in a few hours, followed by minor annoyance over the next several days such as needing a inhaler that night, and a OTC decongestant to help clean out my system. Not as bad as before. Inhaler still needed sometimes before bed, and often during exercise.

1 Year - Increased Exercise for a few months, no other adjustments: Asthma started kicking up significantly at night, during the day and during exercise. During a doc visit they doubled my daily inhaler dosage. Within a week or two my asthma issues dramatically reduced. On the allergy front I was able to sit in a room with the dogs almost every night without any major issues sharing the same airspace, although close contact, or sitting with the dogs on the same chair still caused problems.

1 Year 3 Months - No additional adjustments: I can spend significant time around the dogs without reaction as long as there is no direct contact. If I sit with them (dog on lap) for more than 5-10 minutes at a time I can still force a allergic reaction, or if I touch on them and don�t wash my hands within 5-10 minutes. I can inhabit the same airspace (same room) with them daily for several hours without any issues. Exercise doesn�t normally require a emergency inhaler, and the vast majority of the time I don�t need to utilize additional decongestants or inhaler before bed.

Summary: Over the last Year my allergies and asthma have improved dramatically. We are not only keeping our two small dogs, we are eyeballing a puppy to be a partner for our younger dog, which a year ago was not even a option. I can still force allergic reactions, but they are no where near as severe as they were, and now living with the dogs is mostly pleasure rather than mostly avoidance and coping. Even better, now I don�t have to think before I visit a new place, such as homes with large dogs or LTPHM - which ever since I was a little kid was always a major consideration. Big quality of life boost. At this time I�m thinking the results are 50% drug adjustments and 50% shots, but I�m already feeling MUCH better about my ability to manage my allergies and asthma. We�ll see how the future develops.

Intent

Wed, 17 Mar 2010 06:51:25 +0100

In both my personal and work life over the years I�ve had a theory about communication - that theory has been that you need to deliver on the intent of the person asking for something, not the specific thing they are asking for.

Example: When your mom said �Clean the floor in your room� when you were a kid - did that really mean clean stuff off the floor, or clean the room? Would she be happy if you piled everything on the bed, or perhaps shoved it into the closet (guilty :^))? No. That is because the intent of her message is different from what she asked for. What she really wanted was for you to clean your room, and taking her literally could backfire.

This same concept applies in business and personal communications. How many times have you asked for something, or been asked for something, then when you deliver the goods the other person isn�t satisfied? It was the concept, the goal, the intent they were seeking, along with all things that go with it - a certain amount of comprehensiveness, ownership, and quality that was not directly spoken to, but was very important to the end product and their satisfaction level with the result. Sometimes it takes effort, and if you are overworked or stressed sometimes delivering anything more than the specific request seems like a pain, but will result in a better product.

So that�s my thought of the day. Understanding and communicating intent and goal, not just the specific deliverables requested when generating, or requesting something will make both parties much more satisfied in the end, even if it means doing a bit more work.

Three+ Things I learned at SANS 2010 - Info Recon - Sunday Edition

Tue, 16 Mar 2010 06:54:48 +0100

On Sunday I attended SEC550, Information Reconnaissance: Competitive Intelligence & Online Privacy. It is a one day class taught by Bryce Galbraith. He was clear that it�s early in it�s development, but it�s already packed full of great information and tools - much more than I will cover here. If you took the time to do a deep-dive on info recon it could easily be a multi-day class.

Here are a few items I took away from the class:
1. The explosion of social networks and personal/corporate information being moved online in the last ten years has taken the hunt for information about people and companies to a completely different place. It�s no longer about finding out where a website is hosted, what OS it runs, where someone lives or what a company is using for their accounting software - You can now gather large amounts of real information about people or organizations, dig deep through legal, public sources and correlate information people share freely with deep web and other resources to infer a complete picture.

2. Take copious notes when doing information recon. A tidbit of data you didn�t think was worth much could correlate with other data later to finish the puzzle.

3. The Deep Web is now a ocean of information. There are great gateway sites you can use to find different resources, including (the class had MANY sites and tools, here are a few highlighted): Black Book Online, Pipl, Searchsystems.net, EInvestigator

4. Google is still the premier search tool to find out tidbits of information about people, companies, etc. but there are many other search tools, which may locate other info. A reference for Google Hacking: Google Guide, A list of Search Engines over on Wikipedia: List of Search Engines

5. It�s important to keep your ethics/legal brain engaged when doing recon; you can slip into a zone of gray easily, and perhaps threaten the validity of your findings or risk breaking the law.

6. Ex or Current Employee Resumes on the Internet can provide a wealth of freely available information on corporations.

7. If you are interested in all those data breaches you don�t hear about, there is a maintained database on the web with the highlights: DatalossDB.

8. Social engineering is still in heavy use and cannot be discounted, either by it�s use as a tool, or it�s threat to your organization.

This course is packed with info, there is so much that it would be a big challenge to cover all the topics, if you are really interested it�s definitely a course worth attending.

Link to my 3+ Things Learned List series for the Legal class taught by Ben Wright.
Main Blog

Three+ Things I learned at SANS 2010 - Friday Edition (a bit late :^))

Sun, 14 Mar 2010 20:15:36 +0100

1. Case law may act as a example, but should not be used as a guarantee of result - each case is judged separately and often by different courts with different focus and understanding of the material, and although prior case law is a influence, it�s not a guarantee of result.

2. By looking at cases between similar nations (e.g. english speaking, 1st world nations with similar government structures) you might be able to derive information about how another nation�s courts might interpret a new situation.

3. Information gathered from questionable sources might be admitted in court - such as information gathered through activities that may themselves be illegal, such information gathered by a vigilante.

4. Scienter and Self-Help are important concepts in our legal system - acting with scienter is to act knowing that you are committing a wrongdoing. Wikipedia has a bit on this topic. Self-Help is acting on your own behalf without engaging law enforcement, Wikipedia also has a blurb on this concept.

5. Computer forensics work often requires licenses so it is important to understand the requirements in your state if you are to perform forensics work as a professional.

6. Being aware of international and state law boundaries/compliance is important when gathering evidence and attempting to pursue a situation, especially on the Internet since it crosses so many legal jurisdictions and there might be multiple overlapping law enforcement agencies.

Monday Edition
Main Blog

Things I learned at SANS 2010 - Thursday Edition

Fri, 12 Mar 2010 12:43:46 +0100

1. Every reaction to a situation can influence others to think of your organization as �good� or �bad�. Being open, transparent and taking responsibility quickly comes off much better than shutting down, seeming closed and acting slowly. Your organization needs to assure that at the end of the day people have a positive view of you, even if it means fessing up to major mistakes or wrongdoing.

2. Don�t tamper with a pre-existing records, especially logs and the like - rather than edit a pre-existing record, create a new one referencing the old one and the corrections you have. By doing it that way if the records are ever questioned it will not appear that they were tampered with.

3. Many civil actions and investigations (read: no jail time) can become criminal easily (read: jail time) if there is any evidence of fraud, tampering or misrepresentation.

4. Modern Auditors have a responsibility not only to validate things are correct and in order, but to also look for suspicious activity and ask questions which will help them locate fraud.

Plus over the last few days I�ve added a couple of new books to my to-read list: The Naked Corporation and Geekonomics.

One other thing I should mention is our class is taught by Ben Wright, who is a awesome instructor. It�s rare that you get a instructor who is as energetic and communicating as well on day four as he is on day one.

Friday Edition
Main Blog

Three Things I learned at SANS 2010 - Wednesday Edition

Thu, 11 Mar 2010 18:46:45 +0100

1. Breaching a contract in America is a economic situation, not a ethical or criminal one. The goal is to make the vendor or customer whole. It can have fall-out, and damage company reputation, but it is not a �go directly to jail� situation.

2. Force Majeure clauses are not a 100% protection. If you have a primary system and it fails with no backup you may still be liable if the system that failed was critical, and it was well within your control to have a backup. In the same situation, if you have a backup system, and both the primary and backup system fail, that may fall under Force Majeure since you made reasonable effort to make sure the system didn�t go offline. In other words when something falls under Force Majeure you can�t just throw up your hands and wait for it to fix itself.

3. The definition of Best Effort between the Legal and IT Realm are two different things - in Legal definition it is more than just �reasonable effort�, whereas in IT it is often �the minimum effort necessary�.

Thursday Edition
Main Blog

Lasik - 1 Year and 4ish Months In

Wed, 10 Mar 2010 11:44:57 +0100

After going through the vast majority of this winter there are only a few additional thoughts I have on the lasik experience:

1. When my eyes get tired, they are tired. It�s time to shut them for a bit, otherwise I�m blinking for the rest of the evening and they feel slightly irritated.

2. I still get dry eye occasionally, which rarely (never?) happened before Lasik, but it�s a pretty minor experience. A bit of rest, or hanging out in a slightly humid environment fixes them up pretty quick. One other trick I can use in emergencies is to put a eye drop or two in each eye and close them for five minutes or so, that usually gets them back on track. The one time when the dryness of my eyes is more apparent than others is when driving with the A/C on - airflow on my face without enough humidity will suck the moisture right out of them. It�s quickly remedied by turning off the A/C for a few moments in most cases.

That�s about it. The vast majority of the time I don�t think about my vision or have any issues with it. Still have 20/20 or better and am very satisfied with the experience.

In interest of full disclosure I�ll state that my near-sight vision is a bit worse than it was a few years back, but I started to notice that a bit before the Lasik. That particular issue is a side effect of age, not eye surgery :^). I just need to stop opting for the highest resolution possible in the smallest screen size when buying computer monitors, for day to day reading and non-monitor activities my vision is still great.

Rating of Lasik so far: Absolutely worth it.

For those of you who want a second opinion, there was a article on Lasik in Consumer Reports at some point in the last several months. Here is a link to a tidbit about it: Consumer Reports