John Mavrick's Weekly Wonderings

Share this post

John Mavrick's Weekly Wonderings
🌌 Weekly Wondering 2023-W18
Copy link
Facebook
Email
Notes
More

🌌 Weekly Wondering 2023-W18

AI note-taking, ULTIMATE digital security, overcoming laziness

John Mavrick
May 08, 2023
2

Share this post

John Mavrick's Weekly Wonderings
🌌 Weekly Wondering 2023-W18
Copy link
Facebook
Email
Notes
More
Share

Welcome to another edition of Weekly Wondering, a sacred time where I share the resonating links, reflections and learnings from my past week to influence your next one ;)

This newsletter is my version of learning and thinking in public, giving me time to expand on ideas that may turn into more refined content in the future.

✨ In My Life

Integrating AI into learning and note taking
Using AI integrations like ChatGPT and Obsidian's Text Generator Plugin take learning and note-taking to a whole new level, and I feel energized by the possibilities associated with the above.

Tiago Forte's BASB methodology with PARA and the CODE method already help substantially with information overwhelm, but just imagine how much better it could be if AI was also integrated alongside it.

Even if your organization isn't the best, you can let AI do all the hard work and resurface relevant things to you in a chat-like manner.

It would greatly reduce the friction of processing notes (but at the same time that is how you learn so it's a double-edged sword), making super old information resurface-able beyond what a manual Zettelkasten could.

And so, this week I'll be experimenting with using AI in my learning and note-taking, finding the most useful practices and implementing them in my Ultimate Starter Vault.

I'm also in the ideation process for an AI-integrated note-taking app that will hopefully have the essential features of Obsidian but with a fraction of onboarding complexity and overwhelm.

The goal is to create something so mainstream and accessible that it could rival Google Docs and Evernote.

If you're interested, you can be notified of any updates by signing up for the email list here: https://free.johnmavrick.com/betatest-ai-notes

Continuing new versions for my Ultimate Starter Vault
For the past 5 months, I've been complacent and satisfied with my current setup (on top of other priorities), so I haven't had the need to set up anything new.

But recently, I was talking to a friend and he mentioned how the biggest pain point of Obsidian is the learning curve and complexity required to set up your own vault.

Thanks to the combination of this new fascination with AI-infused personal knowledge management with the personal mission to make the onboarding setup better, I'm going to be working on some new things on the vault, which you can see on the notion roadmap if you have purchased it. Future plans include:

  • Enhancing existing workflows with AI

  • More kinds of notes (meeting, people notes)

  • An updated use case of different plugins (implementing make.md)

  • Adding actionability to the vault by repurposing kanban boards

  • Better onboarding and teaching through more content (note explanations)

  • More USV philosophy on how to use the workflows (more example videos, principles, etc)

  • Revamping the exclusive discord channel so I can easily share how I use the vault on a day-to-day basis

The plan is to make the vault less open-ended and to be more opinionated on how to do things.

🔗 Links to Thinks

A powerful way to overcome laziness

Lately, I've been getting lazy.

I've been self-indulging more than I used to, and it's been reinforcing a tendency to favor dopamine over long-term effort.

In fact, today's workout was a perfect illustration of it 😭

I work out my upper body 4 times a week (2x push and 2x pull) and am happy to do it each time, but when I have to show up for my weekly leg day, I can't help but complain and feel agony.

And one specific workout pains me the most: Bulgarian split squats.

I already have normal barbell squats in my workout routine, but on TOP of that, at the end of every workout, I also have to do one-leg squats.

I feel bad for my cousin that I work out with, as I don't think I went 20 seconds without complaining about the exercise 😅

So, how did I manage to overcome my laziness when both my body and my mind wanted me to do otherwise?

I'll let this Reddit story explain it:

I’ve tried different ways of dealing with the urge. And for the past year one simple reminder has been a game-changer for me: I’ve never regretted doing good work.

I’ve never prepared for an exam and said, “shit I wish I didn’t study for this.”
I’ve never left the gym after a workout and said, “man what a waste of time.”

So any time I’m staring at a blank page, or I’m scared to crack open my textbook I tell myself, “you’ve never regretted this before.”

It’s always hard to start, but it’s always worth finishing.

🚀 Actionable Tingz

Tightening security on your online life

Current two-factor authentication practices like SMS and even your authenticator app aren't enough to protect your digital life.

They work on a TOTP (Time-based One-Time Password) authentication method that uses a time-based code generated by an algorithm to authenticate a user through unique codes that either expire or refresh.

And as a creator who has the majority of their life's work stored online, knowing how easy it is for someone to steal it all away from me feels scary.

I'll let ChatGPT explain how these systems are vulnerable:

SMS:

  1. SIM swapping: An attacker can contact the user's mobile phone service provider and request that the user's phone number be transferred to a new SIM card in the attacker's possession. If successful, the attacker can receive the SMS authentication code and gain access to the user's account.

  2. Intercepting SMS: SMS messages can be intercepted and read by attackers using various techniques, such as SMS spoofing or man-in-the-middle (MITM) attacks. If an attacker intercepts the SMS authentication code, they can use it to gain access to the user's account.

As for device authentication like Google Prompts or your Authenticator App:

  1. Phishing attacks: MFA can be vulnerable to phishing attacks, where attackers trick users into entering their MFA credentials on a fake website or application. If the attacker can obtain both the user's password and the MFA code, they can bypass the MFA authentication and gain access to the user's account.

  2. Social engineering: MFA can also be vulnerable to social engineering attacks, where attackers use psychological manipulation to trick users into giving up their MFA credentials. For example, an attacker might pretend to be an IT support person and ask the user to provide their MFA credentials for "security reasons."

  3. Device theft: If an attacker steals the device used for MFA authentication (such as a phone or security key), they can use it to authenticate themselves and gain access to the user's account.

  4. Weaknesses in the MFA system: MFA systems can have vulnerabilities that can be exploited by attackers. For example, if the MFA code is generated using an algorithm that can be predicted, an attacker might be able to guess the code and gain access to the user's account.

So, to tighten up my security, my mentor at work suggested I use Yubikeys to store my data, which are physical keys you can plug into your devices to authenticate logins.

This type of authentication falls under the FIDO2 security protocol.

FIDO2 provides a more secure authentication method than TOTP because it is based on public key cryptography.

With FIDO2, a private-public key pair is generated unique to the user, and the private key is stored securely on the user's device. This makes it difficult for attackers to steal the private key and impersonate the user (unless they can magically transport the key from your hands into theirs).

And so, I ended up getting the Yubikey 5C NFC which lets me use the key via USB-C and close-range wireless means. For my computer, I purchased a usb-c to usb-a adapter so I can also use it there.

If you're interested, you can find out which key works best for you here.

Once I got mine, I set it up with my primary Google account, as well as my password manager Bitwarden (it does require a $10/year subscription to use the physical key though).

Using Bitwarden as my password manager lets me easily create and store randomly generated passwords, as well as store TOTP methods for accounts where my Yubikey isn't supported, which replaces the need for Google Authenticator (GA sucks anyways since if you lose your device you lose access to the codes...)

Now for some additional notes about the key:

  • Since these keys are required for signing in, people highly recommend you get a backup key in case you lose the first.

  • The key can only store a limited amount of FIDO2 and TOTP, but having a password manager kind of ensures that the master key requires your Yubikey.

Now, insert objections:

  • $50 for a key is too expensive!

    • I treat it like insurance: I would much rather purchase this initial investment (the $10/year is optional) then to lose my entire digital identity

  • What if someone just steals my key?

    • They would still need to know what your login information is (username/email, password). This mostly prevents digital attacks.

    • If they do end up stealing your key and knowing your details, it's going to be in the case of a targetted attack by someone local to you, which means there are much bigger areas of concern 😭

🤔 Food For Thought

Since I took a lot of time obsessing over security, I'll just leave these Reddit discussions and my notes:

People against the idea of banning fun and an extreme dopamine detox

I quit everything "fun" for 2 months to see if it would make me happy like they say... here's what happened.

Just a friendly reminder to not obsess over work, to find a healthy moderation in between.

Comments included concerns for burnout based on personal stories, including things like:

This is one of the more depressing things I've read today. Thanks.

I practice balance and moderation now because I realized that it's not sustainable long-term. I was actually super miserable and it didn't produce any tangible results for it to even be worth it.

Seriously, I hate hustle culture and I hate how much it brainwashes us in our youth. I had a similar drive in my 20s - focused on working hard, said no to "frivolous" spending and lived a goal oriented life. I fell into toxic positivity/good vibes only. It's easy while things are good, but as soon as life hits you (and it will, hard - deaths, loss, health issues, financial troubles, whatever it is) you kind of crumble and think to yourself why did I focus on all this, this can't be what life is about. I'm a decent earner, debt free, solid investments and assets, very much ahead of the curve compared to the average 30 yo, and I honestly wanna relive my 20s and focus on connection and experiences and fun. At the end of the day, balance is what matters. Things that bring you joy. Life in moderation - if your habits are somewhere in the middle (regular physical activity, eat a diverse and nutritious diet with occasional splurges, limit screen time, socialize and connect with people, financial literacy, practice hobbies you like), you'll do great. Throw in some therapy and you're golden. A militant lifestyle doesn't make you better than everyone else, nor does a hedonistic/instant gratification lifestyle.

Congratulations, you've managed to train yourself into a lab rat and like it

This made me remember that such extreme levels of hyper-focus should be deeply rooted in intrinsic motivation. Upholding this work ethic as a consistent expectation is unhealthy and inhumane. You could even argue that any form of hyper fixation is unhealthy in the first place.

What life is like post-FIRE (financial independence, retiring early)

https://www.reddit.com/r/leanfire/comments/135c64p/post_retirement_life_whats_it_like/

  • Interesting how people are still willing to work despite being retired

    • Part-time, volunteering

    • one went back to their own job after 6 years, was difficult with a big gap but I was actually a better employee because I wanted to be there so I got promoted.

  • You now have lots of time to determine how you want to spend your time

Makes me realize that the goal is to work on finding long-term passions or missions I am able to pursue once I do retire before I actually do, or else I'll end up wasting my life and overworking my previous self for no reason.

My Tools for Learning and Growth

I write and collect my newsletter content all inside Obsidian, my favorite note-taking and productivity app.

If you want to aggregate the valuable gems from your week like this, or need a place to store your ideas and highlights, you can set up your own second brain.

If you want the most densely packed and actionable book summaries, try out Shortform for free here.

If you want to make reading and highlighting easier, check out Readwise (affiliate link) and sign up for their Reader app!

2

Share this post

John Mavrick's Weekly Wonderings
🌌 Weekly Wondering 2023-W18
Copy link
Facebook
Email
Notes
More
Share

Discussion about this post

No posts

Ready for more?

© 2024 John Mavrick
Privacy ∙ Terms ∙ Collection notice
Start WritingGet the app
Substack is the home for great culture

Share

Copy link
Facebook
Email
Notes
More