SuperBetter

“When we play a game, we tackle tough challenges with more creativity, more determination, more optimism, and we’re more likely to reach out to others for help.”
Jane McGonigal

Jane McGonical, a game designer, suffered from a concussion. It did not heal properly so she had symptoms of headaches, vertigo and mental fog. In order to heal she could not read, write, play video games, run, have alcohol or caffeine. In her words, “I had no reason to live.” She fell into a depression. On day thirty-four, she said, “I am either going to kill myself, or I’m going to turn this into a game.” So she made a game out of her struggles.

She adapted a secret identity. She had bad guys, things that kept her from getting better. She had power ups, things that made her happy. And she had allies, people who helped her as she played the game. She almost immediately started feeling better. In in less than a month her depressive fog had lifted. She still had a year long journey in front of her to recover from her concussion but the game play seemingly made it bearable for her.

She shared her experiences on her blog and people all around the world started playing her game. Some people played it for simple, mundane things, others faced terminal illnesses. The common theme she soon discovered is people felt better about their battles. They could better handle the challenges they faced.

Jane felt intrigued and did some further research. She found something similar to the all to familiar Post Traumatic Stress, but opposite, Post Traumatic Growth, PTG. People experiencing PTG, came through their trauma, even stronger than before. They all had common outcomes:

  • Their priorities had changed, They were not afraid to do what made them happy.
  • They felt closer to their friends and family.
  • They understood themselves better; they knew who they really were.
  • They had a sense of meaning and purpose.
  • They were better able to focus on their goals and dreams.

But how did PTG relate to her game? Jane did further research. She found 4 strengths or resiliences that contributed to the growth found in PTG:

  1. Physical resilience- Your body can handle more stress and heal itself faster.
  2. Mental resilience- You have more mental focus more discipline, determination, and will power.
  3. Emotion resilience You have the power to invoke powerful positive emotions like curiosity and love when you need them most.
  4. Social resilience- You get more strength from your friends, neighbors, family and community.

Her game just happened to use scientifically validated exercises that worked on building these four strengths. The game helped to build these four strengths and were helping people experience the positive aspects of PTG.

Even better, a person does not have to be recovering from a trauma to receive benefits from these exercises and in the process gain resiliences. Anyone cam benefit.

So, my question to you, do you want a better life? Not only that but a SuperBetter life? I challenge you to go to superbetter.com and start playing today. This game is easy to play and not a time sink. If you want the benefits of PTG without the trauma, head there know.

This is a link to the Ted video that inspired this post.

You is Kind…

“You is Kind. You is Smart. You is Important.”

These kind words are spoken to Mae Mobley by Aibileen Clark in the movie The Help. Aibileen, using these words, always made it a point to remind Mae of the value of the young child.

Too often, people loose sight of simple things, me included. And when we do, life tends to go off the rails; it becomes a train wreck. And in the train wreck, with carnage everywhere it is easy to forget, You is Kind. You is Smart. You is Important. It is only when these simple lemmas can be brought back to focus that life begins a return to normalcy.

So, as a reminder to myself, always remember, You is Kind. You is Smart. You is Important.

Stephen Magladry, your iTechieGuy

God Moment

Betty Munsell, the mother of Mary, my wife, passed away on May 22. We have experienced God moments since then. My favorite occurred at the Rosary.

The Rosary Service took about 30 minutes. A women sat behind and to the right of us for the entire service. After The Rosary, people took some time on personal reflections about Betty.

During that time, The women’s GPS sounded off, “You have arrived at your destination.” It reminded me of the oh so timely call out of Deborah’s cell phone during TwD, “Message received.” I thought about the perfect timing of the GPS. It had sat in her purse for over 30 minutes in udder silence. It seemed as if God waited for just the right time to let us know that Betty had arrived at her destination.

I commented on the perfect and timely call out from the GPS, “You have arrived at your destination.” as if it were meant to be. The women apologized profusely for her seeming faux pax. I let her know that it was not necessary, that had been a God Moment. God had meant it to be; otherwise, her GPS would have sounded off on her arrival at the church.

Here absence is felt by all those she touched. Below is a memorial I put together for her.

Stephen Magladry, your iTechieGuy

Limiting Logins on a WordPress Site

This post explores one easy way to hardened a WordPress site from possible exploitation.

In order to make changes to a WordPress site, a user must first be able to log into the site. Without the ability to login, no changes can be made to the site.

Why there is a vulnerability

Currently, out of the box, WordPress has no limitations on the number of password attempts allowed to login to a site. You may think, “big whoopee, who is going to take the time to type in all those different password attempts?”

Well, the answer is no one in their right mind would do that. Hackers/crackers are, fortunately, in the right mind. Unfortunately, not to be political or anything, they are in their far right mind.

If they are trying to get into your site, they are not going to type in a bunch of passwords and hope one matches, they are going to automate the process. They are going to run a program that will likely be able to try 10’s to 100’s of attempts a second. If they find a password that works, Bingo! they’re in. They can now make changes to your site.

Theory to beat this vulnerability

What if there would be a way to limit the number of attempts? After so many attempts from a certain computer, that computer would be locked out from making more attempts. This would foil automated attacks on your site.

From Theory to Practice-Limit Login Attempts Plugin

The WordPress Plugin, Limit Login Attempts, http://wordpress.org/extend/plugins/limit-login-attempts/, will carry out such limitations. Limit Login Attempts does among the following:

  • Locks out an IP address after a set number of failures.
  • Keeps them locked out for a set period of time.
  • After 4 login failure cycles, that IP address is locked out for a longer set period of time.
  • Tracks the total number of login failures.
  • Make allowances for direct connections or from behind a reserve proxy. I discuss this further in the Settings section.
  • Will also block login attempts using cookies. I discuss this further in the Settings section.
  • In the login window, will notify the user the number of login attempts left.
  • Notify user if they have been locked out.
  • The option to log failed IP addresses and email for locked out Ip addresses.

A Look at Settings for Limit Login Attempts Plugin

This is setting screen for the Limit Login Attempts Plugin. Its can be found in Settings Tool in the Dashboard when logged in as an administrator. Here is what it looks like.

limit-logins-2012-05-9-10-02.png

I am going to run down the different options and offer my suggestions.

Total Lockouts- This keeps a watch on the total number of lockout since the last refresh. Clear this at any time.

Lockout

Allowed retries- This is the most important and least important field at the same time. As long as there is a value here, this site will no longer be easy to hack/crack. For that reason, automated attacks will stop. They will move onto easier targets. I would suggest a value less than five. I am a horrible keyboarder and still I can make my fingers crawl on the keyboard well enough to get my password by the third time. Additionally, on the first lock, the user will only be locked out for a short period of time.

Minutes Lockout- This is the length of time for a lockout if the allow retries are exceed for the first time. The default here is great enough to frustrate crackers but not great enough to frustrate a user in the rare cases where a they did not type in there password correctly.

___ lockouts increase lockout time to ____ hours- This is the teeth of the plugin. This is what will stop hackers/crackers. When a hacker/cracker is locked out for the long period of time, They know their automated attack is a waste of time. They will be off to easier targets. The default values here are good values.

Hours until retries are reset- Again, this field as little significance. It is the count of the lockout failures. In this example it is four. The important thing is a hacker/cracker isn’t going to try three times, wait x hours and try again. They will be long gone finding easier targets. I would make this as large as the hours lockout in the previous line.

Site Connection- If you do not know what a reverse proxy is, select the Direct connection radio button. If you know what a reverse proxy is and your site is behind a reverse proxy, select the From behind a Reserve Proxy radio button. This would be a relatively geeky setting.

Handle Cookie Logins- Many times, a user, who has recently visited their site, re-enters without needing to re-enter their password. This is because there is a cookie, a small bit of text on the users machine that is put there by the website. When the user returns, the website uses this cookie as a form of validation and the user can re-enter the site without a password.

Make sure to select the Yes Radio button here. Otherwise a hacker/cracker could automate the process of trying different cookies, hoping to get lucky. They have about a one in 4 billion chance. :^)

Notify on Lockout

Log IP-This will keep a log of failed login attempts. It is informational and not to important. I’m a geek, so I would have this on.

Email to admin after ____ lockouts- The default value of 4 is fine, here. Again, being a geek, I would want to have this option checked so I could snicker at people who tried to hack/crack my site.

If you made changes to any of the settings, don’t forget to click the Change Options Button. This will save the changes.

Finally, there is the Clear Log Button. Sometimes log files can get big and unwieldy. For this plugin, this would only be the case if you had thousands and thousands of failed attempts. Still it would be worth while to clear this log as part of a quarterly cleaning

In closing, out of the box, a WordPress site is open to the potential of automated attacks to try and figure out passwords on a WordPress site. The Limit Login Attempts Plugin will close down this vulnerability. Using this plugin, is one step a WordPress site admin can take to further harden their site.

Baseline Checkup for Integrity of your WordPress Site

It’s 11:45 AM. Do you know how many administrators are on your WordPress site?

Unfortunately, WordPress, at its base is a piece of software. Any piece of software has the potential for exploits. With WordPress exploits, nefarious people could be using your site to inflict evil on other people. A major case and point happened recently. The largest piece of malware to ever effect the Mac has happened in the last few months. This piece of malware got spread through WordPress sites that had been exploited.

If you ask me, exploits and keeping your site minimally exposed to hackers are the number one reasons to keep WordPress, Plugins, and Themes updated. Often these updated fix exploits. With these fixed exploits, this lowers the potential of a WordPress site getting hacked.

WordPress exploits are well known. Have any doubts? Check out this list. By not having the most up to date version of WordPress, a WordPress site is open to any exploit on this list targeted at that version of WordPress.

One of the most valuable hacks, at least as far as the bad guys are concerned, are exploits that allow them to add an administrative user. This exploit allows for a hackers to do just that thing. Notice, the version of WordPress effected by this exploit is 3.3.1, the second most recent version. Anyone not updated to the most recent version, 3.3.2 is potentially vulnerable to this exploit.

Step back and think about it a second. What would be the problem if someone unknown suddenly could administer another WordPress site, potentially yours? As an administrator, they could make what ever changes they wanted to the exploited site. They could add code, users, posts, comments, all at their free will. If they so desired they could even delete the exploited site! That wouldn’t buy them much, but it is a possibility. They would much rather have a site up and infected. Then they can continue to use the exploited site for whatever purpose they wanted.

Beyond the direct affect on the exploited site, there is an even larger potential problem, the site’s SEO. One thing web search engines do while crawling sites is look out for malware. I have and maybe you have too, clicked on a link in Google only to be warned that you are going to a site that may be infected with malware. That alone, would be a scary enough for potential customers.

Google’s search engine will also keep a watch on an infected site. The longer the infection lingers, the lower the rank the infected site will receive. Any ranking the infected site had built up with Google could soon be lost without a timely fix.

So, what can be done to protect a WordPress site? One of the easiest things that can be done is to keep a watch on the number of administrators on your site. If there are more administrators on your site than you expect, you could have been hit by an exploit. Thankfully, when logged on as an administrator, The User Panel will show the number of administrators. This panel shows three administrators; the expect amount, by the way.

PastedGraphic2-2012-05-4-11-42.tiff

If the Administrator count is larger than expected, click on the administrator link to show who the administrators are for the site. If the numbers of administrators are less than the count of administrators, that is a problem. There are obscure problems that can allow the count of administrators to not be reflected in the list. More likely than not, the rogue administrator has been hidden, A very easy thing to do. If you find yourself in this predicament, you will either (1) have to get your hands dirty with SQL or (2) find someone who will.

Unfortunately, WordPress sites are vulnerable to exploits. These exploits can be used to cause harm to people who unknowingly visit they exploited site and also damage the sites reputation. One basic way WordPress site owners can keep an eye on the integrity of their site, is to make sure there is not a sudden increase in the number of administrators. This is an obvious sign that a site has been hacked.

In closing,

It’s 1:45 PM. Do you know how many administrators are on your WordPress site?

Wotd (Word of the day)-Proprioceptive

Proprioceptive, the Free Dictionary defines it as, A sensory receptor, found chiefly in muscles, tendons, joints, and the inner ear, that detects the motion or position of the body or a limb by responding to stimuli arising within the organism.

Wikipedia states, from Latin proprius, meaning “one’s own” and perception, is the sense of the relative position of neighboring parts of the body and strength of effort being employed in movement.

Proprioception is the reason why we able the ability to put on finger on the back of our head or in our ear.

In our discussion we discussed how a drunk person had less proprioceptive abilities; they can not even put their finger to their nose.

Today, I discovered that not only is there a physical proprioception, but there is also a emotional proprioception. Let me explain.

Recently, I have been emotionally un-proprioceptive. I had become emotionally drunk, I couldn’t even find my nose on my own emotional face.

In our sharing, I put my finger on an event that I thought I had put behind me. It has become a dam, a barrier, a block to handling my emotional life on life’s terms. And life never stays compartmentalized. This event had become a dam, a barrier, a block to handling my life on life’s terms.

Now recognizing the situation, I immediately feel some relief. Furthermore, I can more completely deal with the problem and work to get it behind me. And through the process I hope, once again, to find my emotional nose. I have discovered the importance of  working toward maintaining my emotional proprioception.

Stephen Magladry, your iTechieGuy

A Time To Celebrate

The new Stephen is a year old now. Let’s back up a few years.

Since about the year 2000 I have beens struggling with some form of depression. It started out as SAD. Almost like clockwork, I would fall into a depressive state about the time of coming off of Daylight Savings. My life would start picking back up about the same time as light returned to our world, about the beginning of Daylight Savings Time.

One year, I missed the cycle. By the time January came around, The depressive cycle had cleared. I felt “cured”! I celebrated!

Unfortunately, the celebration turned out to be short lived. By the time August rolled around, I found myself right smack dap in the beginning of another depressive cycle. So much for the short term freedom That I had felt. With that, my depressions had gone from seasonly related to episodic, meaning my depressive cycles now came from time to time.

Through the years, I had tried almost everything. I started out with OTC’s like St. John’s and Sam-e, switched to prescriptive concoctions, some not working, other some what, still others working turning to not working, years of talking about my problems with licensed counselors. I felt like being on a full on roller coaster ride.

As you can probably imagine, years and years of this became tiring. I had to try something new.

In the fall of 2010, I started to see a psychologist. After some initial getting to know each other sessions, he introduced me to David D. Burns, a world renowned author/doctor on Cognitive Behavior Therapy, or CBT. David’s work with CBT predates the work on the new age of anti-depressants. Additionally, his studies have shown that CBT is a more effective treatment than antidepressants, both in the short term and long term in regards to depression.

The idea behind CBT is that the thought process is broken. Too often people like me are ruled by our negative thought processes. In encountering a positive thought about myself, it would take me seconds to countered that positive thought in multiple ways before I ever had a chance to get comfortable with that thought.

I started working the program “around the edges” and immediately started to see results. It seemed too easy and too good to be true. I crashed a couple a months later after the basic method began to fail me.

Little did I know i had only began to scratch the surface of CBT. In the book, When Panic Attacks, Dr. Burns outlines forty different methods to counter the wrong thinking that many of us encounter in our lives. (Side note: in researching the book, I found a succinct review,”Great book. Bad Title.” I whole heartedly agree with that review. )

The book explores how methods work great for some people and may not work at all for another person. Also, no method is to work for every situation. Good thing there are forty methods to try. One is bound to work. Dr. Burns gives methodologies of what methods work for what situations. His studies show a directed use of 5 methods are usually enough to counter most broken thought processes.

By the time May rolled around, I had done enough work with CBT to handle life on my own, without the assistance of my psychologist. For the first time in a very long time, I felt hope about life in general.

Okay, I admit, I’m a crazy scientist at heart. Things have got to be measured to have a better understanding of them. That’s why I have a weather station at my house, to better track my little neck of the woods. Additionally from 2009, I have been doing a daily track on how I thought my day went.

Since employing CBT, the results have been astounding for me. What use to be my highs reached a handful of times throughout the years of my tracking are now how I feel on an average day!

Dr.  Burns talks about getting better versus being better. Getting better is the point where the negative thoughts no longer rule the mind. Reaching the point of being better is when one feels capable to handle whatever comes their way. I am so thankful that I have reached the point of not only getting better, but also the point of being better.

Do, I follow perfectly using CBT? Not even close. Though, my slips are shorter because I am better able to calm the broken voices in my head. And if need be, I can fall back to the forty methods that Dr. David D. Burns has outlined in his book.

So, In closing, do you feel negative thoughts rule your mind? Tried everything and nothing seems to help? Take a look at Cognitive Behavior Therapy. It has made a world of difference for me.

Good Luck-F*ceBo*k new Statement of Rights and Responsibilities

I find this kind of funny. F*ceBo*ok is asserting the rights to its trademarked words in there Statement of Rights and Responsibilities, http://arstechnica.com/tech-policy/news/2012/03/facebook-asserts-trademark-on-word-book-in-new-user-agreement.ars. That means people of F*ceBo*k will me asked to not to used F*cebo*k’s Trademarked words. That means F*cebo*k uses will be asked to not use some of the following words: f*ce, bo*k, p*ke (that’s and O), w*ll (that’s an A), and l*ke (that’s an i).

 

Gotta say, Good luck!