Oh are we talking about Sheryl Sandberg again? Well, your reminder that disabled feminists, LGBQT feminists, and feminists of color criticised her ‘lean in’ deal from day one. Don’t let anyone retcon that out of existence.

An irony of facebook's situation.

Sheryl got her MBA at Harvard. One of the most famous cases (Extra Strength Tylenol) in one of the most famous classes (Business History) she took: in 1982, someone put cyanide in Extra Strength Tylenol capsules and killed 7 people in Chicago.

What do you do when someone turns your product into a weapon? When they use the system you built to harm? James Burke, CEO of J&J, was shockingly open with the public, he pulled the product and made significant packaging changes to make product safer (but not tamper-proof).

He over-shared every step along the way re investigation, redesign, stood up as both CEO and human. The reintroduction of new Extra Strength Tylenol succeeded. Burke saved the brand.

But four years later it happened again. A killer put cyanide in the capsules, this time a woman in Yonkers died. Same CEO, Burke, pulled the product again, completely changed the form factor from capsule to caplet and relaunched *again*. It worked *again*. How'd they do that?

Burke (CEO) tapped J&Js goodwill bank account w/ the public. Two big withdrawals from that bank account in four years + 8 dead bodies! But his honesty, openness, humanity (choked up about the deaths more than once), humility kept the goodwill bank balance positive the whole time.

Most software founders, particularly in B2B, need to get radically better at sales. @Steli , who is the best person for explaining the scrappy stages in the beginning and then building out a team with scripts and processes, wrote a guide to:

For technical founders it is irrationally, obscenely hard to reverse years of programming (ba dum bum) that sales is a value-destroying activity. Sales is CLEARLY a value-creating activity, contingent on you have a value-creating product.

The world will not drop what they are doing to adopt your work. This is particularly true in B2B, where simply building a better mousetrap won't overcome the activation energy required to get people with additional non-mice problems to prioritize changing mousetraps today.

This is very non-obvious for founders because founders are not often people who *want* to be sold to. We often come from a background where trying out tools is a bit of a fun hobby. We like looking at all the options, making charts, and ripping out partially complete tests.

"This week I unsuccessfully trialed four software options for automating that thing that has been killing us. Our actual production process remains the same as last week. Don't worry; this was a great use of time." is not a thing you want to write in a progress report to manager.

Just published 15,000+ words on security keys. 🔐📱💻

With SIM attacks at their highest, now is a great time to take a closer look at your online security.

Removing SMS from your two-factor auth is a start, but authenticator apps have downsides too...

https://t.co/Dk0MPJHL2V

Just look at these headlines from recent SIM swap and port attacks.

It's all too established for attackers to find ways to socially engineer control of your phone number and start gaining control of your accounts.

I first talk about some general security tips.

Unfortunately not all websites let you remove your phone number from accounts.

You may consider migrating your phone carrier to @googlefi , which requires email account access to do anything (and can be locked down with security keys and even Advanced Protection)

Beyond SMS, I talk about issues that TOTP authenticator apps (the code generators) have as a form of two-factor auth. They're so, so much better than relying on SMS for your second factor but they still have issues like utilizing shared secrets and lacking phishing prevention.

Enter security keys!

Utilizing public key cryptography they don't have any shared secret between the client and the server. They prevent phishing by taking the website domain into account.

Even if you get tricked by a clone phishing website, your key won't.

Been reading up a lot about these jabs, esp as I know they are going to be a condition of a return to normality

Was on a zoom call last evening with a testing company that had some fascinating evidence on protection etc.

I have more reading to do.

I do not want to be coerced into something I don't want, BUT i want normal back as soon as possible.

Basically i'm at the point in my isolation and thinking that I'll take whatever just so this bullshit can end.

That is a desperate mindset, but so is 12 months of being cut off from the world.

All i have is what goes round and round in my head.

There's no one else to help balance it.

So i'm in group 6, and my surgery are doing group 6 right now. And i am at the point i want to do it to get it DONE.

And also to study what happens. Because i have that kind of mind.

I remember Pandemrix.

But we live with risk every day.

I risk my life climbing walls with only a harness around my waist to catch me as i lean back and fall off

And rational risk assessment is at the heart of everything going wrong these last 12 months