From F To A+

Not all HTTPS sites are created equal. Make HTTPS great again.

Welcome to the Internet of broken protocols, and pardon my reuse of a political phrase. When I set up this site long ago, it was running on VPCs with many components which, by today’s standards, are considered vulnerable: OpenSSL 1.1.0g, PHP5.4, Apache2.1 on Debian 7. You name it.

That’s why it was quite embarrassing, yeah no surprises, to see ssllabs.com rate my site as F.

Enough is enough

Since I had some time and always wanted to dig deeper into these important configurations, I decided to take some steps to improve this score.

First things first: bye-bye to outdated OpenSSL

The previous version of OpenSSL on Debian was suffering from these 2 critical vulnerabilities: SSL Pulse (CVE-2014-0224) & Padding Oracle (CVE-2016-2107). That’s the reason why SSL Labs reported an F.

The fix was fairly simple: upgrading OpenSSL.

sudo apt update && sudo apt upgrade openssl libssl-dev

After that, check the version:

openssl version
OpenSSL 1.1.1d  10 Sep 2019

And then, no more outdated ciphers

SSLLabs also reported another two issues which cap the grade at B:

  • “This server accepts RC4 cipher, but only with older protocols. Grade capped to B”
  • “This server does not support Forward Secrecy with the reference browsers. Grade capped to B.”

Ok, onto finding Apache2 config files:

# assuming Apache2 is at /etc/apache2 
grep -i -r "SSLEngine" /etc/apache2
/etc/apache2/sites-available/default-ssl.conf:   SSLEngine on
/etc/apache2/sites-available/diophung.com.conf:  SSLEngine on

Here we go, the config files are default-ssl.conf and diophung.com.conf. From there, I decided to remove RC4 due to its flaws, and then enable Forward Secrecy in the config files:

SSLProtocol all -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4"

After that, restart Apache2 and recheck:

apachectl -k restart

Why stop at A when you can get A+?

At this step, ssllabs rated the site as A, which is a pretty good result. But I figured I could get an even better result, A+, and being me, I wouldn’t stop. So the next step is to enable HSTS:

I opened up the Apache2 config files and added this HSTS header:

<VirtualHost diophung.com:443>
# The Header directive needs mod_headers; on Debian enable it with: a2enmod headers
Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"
</VirtualHost>

Feel free to read up about HSTS if you’re curious.
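
As an added example (not the author's code), this Python sketch lints an Apache vhost for the three things changed above: SSLv3 disabled, RC4 excluded with only forward-secret key exchanges left, and an HSTS header present. The sample configs, the `example.test` host and the one-year `max-age` bar are assumptions, and `openssl ciphers -v '<string>'` remains the authoritative way to expand a cipher string.

```python
import re

# Constructed sample: the article's directives in one vhost; example.test is a placeholder.
SAMPLE_CONF = """
<VirtualHost example.test:443>
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4"
Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"
</VirtualHost>
"""
# Constructed weak variant for contrast (not the author's earlier configuration).
WEAK_CONF = 'SSLProtocol all -SSLv2\nSSLCipherSuite "EECDH+aRSA+AESGCM RC4 HIGH !aNULL !MD5"\n'

# Cipher-string keywords whose key exchange is ephemeral, i.e. gives forward secrecy.
EPHEMERAL_KX = {"EECDH", "ECDHE", "kEECDH", "kECDHE", "EDH", "DHE", "kEDH", "kDHE"}
ONE_YEAR = 31536000  # assumed bar for max-age: the hstspreload.org submission minimum

def directive(conf, name):
    """Return the value of the last uncommented occurrence of an Apache directive."""
    hits = re.findall(rf"^[ \t]*{name}[ \t]+(.+?)[ \t]*$", conf, re.I | re.M)
    return hits[-1] if hits else ""

def audit(conf):
    """Simplified lint (not OpenSSL's real cipher-string parser); returns findings."""
    findings = []
    protos = directive(conf, "SSLProtocol").lower().split()
    if {"sslv3", "+sslv3"} & set(protos) or ("all" in protos and "-sslv3" not in protos):
        findings.append("SSLv3 enabled")
    tokens = re.split(r"[:,\s]+", directive(conf, "SSLCipherSuite").strip("\"'"))
    banned = {t[1:] for t in tokens if t.startswith("!")}
    for tok in tokens:
        parts = re.split(r"[+-]", tok)
        if not tok or tok[0] in "!-+" or banned & set(parts):
            continue  # operator token, or every cipher it names is removed by a "!" rule
        if "RC4" in parts:
            findings.append(f"RC4 offered via {tok}")
        elif parts[0] not in EPHEMERAL_KX:
            findings.append(f"no forward secrecy guaranteed for {tok}")
    m = re.search(r'^[ \t]*Header[ \t].*Strict-Transport-Security[ \t]+"([^"]*)"', conf, re.I | re.M)
    if not m:
        findings.append("HSTS header missing")
    else:
        attrs = [a.strip().lower() for a in m.group(1).split(";")]
        age = next((int(a[8:]) for a in attrs if re.fullmatch(r"max-age=\d+", a)), 0)
        if age < ONE_YEAR:
            findings.append(f"HSTS max-age {age} is under one year")
    return findings

if __name__ == "__main__":
    print("article settings:", audit(SAMPLE_CONF))
    print("weak variant:", audit(WEAK_CONF))
```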

Voila!

After everything, the site is now rated A+. I’m pretty happy about it, and a bonus is that the site also loads 45% faster. So I strongly recommend you give it a try at https://ssllabs.com, and let me know what score you have.


Stanford LEAD, an amazing journey

Stanford GSB, 2021

Over, but not done

Yes, it is here: this week I received my Stanford LEAD graduation certificate in my mailbox after a year-long journey.

After 1 year, 9 courses, 10 teams, 83 submissions, and hundreds of self-research hours, I can proudly wrap up another chapter in my life-long learning journey.

How it started

It was August 2020; the COVID-19 pandemic had been going on for over a year, and I decided to turn this challenging time into a memorable time. At work, I was leading my teams on a net new initiative, a critical mission to help my company grow 5X over the next 3 years. At home, I was expecting a new baby and at the same time, my 2-year-old son was ready to go to preschool. We were also moving to a new home.

One might say there was never a busier time.

But I did it. I chose to go to Stanford. One month after submitting my essays, references, and video presentation, I received the Stanford welcome letter.

Reflection on the course

Throughout the year, I had the opportunity to meet Stanford GSB’s world-class faculty. From renowned professors, inspiring course facilitators to amazing fellow LEADers – leaders of their own organizations, all have been very welcoming. It’s been an absolute pleasure to have the opportunity to learn, share, and practice all aspects of leadership.

The contents were excellent, with each course being designed to be very interactive. The case studies were fantastic, with relevant industry examples, and many were from Harvard (yes, HBR articles are a weekly must-read). I must say I loved the readings and case studies, but not so much the written submissions 🙂

The course structure was pretty flexible, with offline readings and a 1-hour Zoom call every week with professors and course facilitators (CFs). Our CFs were wonderful partners and many of them were in fact LEAD alumni. I was truly humbled to have my coaching sessions with many of them.

Fun fact: each Stanford LEAD cohort is given a unique name representing the GSB spirit. In the past, we have had names such as Vanguards, Explorers, Pathfinders – mine is Navigators. It meant so much when the whole world was navigating uncharted water with the COVID-19 pandemic.

Final thoughts

Being a life-long learner, I’d wholeheartedly recommend Stanford LEAD to anyone who aspires to be a leader in your organization and considering. To help with the course selection, I will share the courses I took, together with my experience in another blog post.

Here are some excerpts for a preview:

  • Principled and Purposeful Leadership
    Rank: A
    Leadership lessons through self-reflection, looking inward, looking outward, defining your own values, mission, then defining an execution plan for your mission within the organization. Executive coaching sessions available.
  • Critical Analytical Thinking
    Rank: A+
    Frameworks for thinking logically, realizing biases and deriving reasonable conclusions, plenty of practicing with team and debates, excellent reading materials & examples on how some legendary leaders in the industry made their decisions.
  • Financing Innovation: The Creation of Value
    Rank: A-
    Corporate finance, financial statements (P & L, cash flow, annual reports), method to calculate WACC (Weighted Average Cost of Capital), understanding startup funding series (pre-money, post-money value).
  • Strategic Leadership
    Rank: B+
    General leadership strategies, defining a firm’s core strengths and advantages.
  • Communicating with Impact
    Rank: A+
    Solid techniques and strategies, applicable frameworks for effective communication.
  • Decision Making
    Rank: A
    Frameworks and tools for well-rounded, sound decision making process with imperative and data-driven approaches.
  • Customer Experience Design – A Neuroscience Perspective
    Rank: A-
    Put customers first, see through their lens, leverage the X framework to convert customers from low → high-energy engagement.
  • Persuasion: Principles and Practice
    Rank: A+
    Superb psychological insights & comm strategies. Simple yet effective examples through leadership stories.
  • The Innovation Playbook
    Rank: A
    Imagine you’re a startup founder with a problem & an idea: these are the steps to take your product from concept to POC to launch.

Support for Keyboard Shortcut to Close Chrome tabs

A quick guide to fixing an issue with my “Keyboard shortcuts to close Chrome tabs” extension

Symptom

Unable to use the shortcuts anymore, or unable to open the Options page:


Solution

Right click on Chrome menu bar > Manage extensions. Look for the name “Keyboard shortcut to close Chrome tabs” (yes, I could choose a shorter name), make sure it is not corrupted. Here is an example of a corrupted extension:


If it is corrupted, click the Repair button. Expected to see:

Now reload Chrome and retry.


Root cause

An error while Chrome was trying to restore your profile settings, or a corrupted file system might cause this issue. In my case, it was when I switched from my Mac to my Windows machines, Chrome failed to restore all the installed extensions.


Speed of trust

OK, let’s try this game in 1 minute:

“Can you think of three people whom you trust deeply?”

OK, good. In the next 2 minutes, can you tell me the common qualities and characteristics? Why are they trustworthy and reliable to you?

Done? Great, let’s see if we have anything in common – to me, here are some common traits of trustable people:


1. Talk straight, no hidden agenda.

They are honest, they tell the truth. They demonstrate integrity and tell the facts, mean what they say and say what they mean.


2. Be loyal

They stay with you in hardship as well as in prosperity. Nothing can change the value of their friendship. They have friends whom they know they can call at 2 AM.


3. Be positive – right the wrongs

They don’t hide mistakes. They acknowledge, accept their mistakes and offer correction asap. They do the same to others’ mistakes.


4. Respect others

They genuinely care for others. Material value means little to them – they respond to other people by characters and core values, not on appearances, wealthiness, or social status. They don’t judge quickly.


5. Deliver results

They can be high-achievers and mountain movers, or just someone who keeps their promises. You know when they say they’ll make it, they’ll make it despite circumstances.


6. Strive to be better

They never sleep on their laurels. They never stop to be a better version of themselves tomorrow, and they encourage others to be the same with their infectious energy.


7. Challenge status quo

They have little respect for status quo. Not so much for dogma and social norms either. They always have a healthy dosage of curiosity. They are the square peg in the round hole.


8. Crystal clear expectation

They state exactly what their expectations are. They discuss, renegotiate, and validate these expectations. They don’t assume.


9. Hold themselves and others accountable

They practice strong accountability and they expect the same from you. They will not forgive themselves easily for irresponsibility.


10. Listen first

A lot of us listen with the intention to respond. They listen with the intention to understand.


11. Open-mindedness

Enough said, with all of the strong characters – they are great listeners. They extend their trust network, they welcome you to the circle, they accept differences knowing these are essentials for the greater good.

This is by no means a complete list, what do you have in mind?


Building stronger connection

Fast Friends exercise

Today at Stanford GSB, I did an interesting exercise developed by Arthur Aaron at Harvard University almost 30 years ago.

In this exercise, you work with a chosen partner, each of you takes turns to ask and answer questions. Each person must answer each question before proceeding to the next. Try to get as many as you can within 15 minutes.

After the exercise, in just less than half an hour, suddenly complete strangers can build closeness toward the other, a connection that we didn’t have before.

10 questions to ask

  1. Given the choice of anyone in the world, whom would you want as a dinner guest?
  2. Would you like to be famous? In what way?
  3. What would constitute a “perfect” day for you?
  4. If a crystal ball could tell you the truth about yourself, your life, the future, or anything else, what would you want to know?
  5. What do you value most in friendship?
  6. What is your most treasured memory?
  7. When did you last sing to yourself? To someone else?
  8. If you could wake up tomorrow having gained any one quality or ability, what would it be?
  9. If you knew that in one year you would die suddenly, would you change anything about the way you are now living? Why?
  10. Your house, containing everything you own, catches fire. After saving your loved ones and pets, you have time to safely make a final dash to save any one item. What would it be? Why?

The exercise left me to wonder: how could it happen? How did complete strangers get together and build up a rapport so effectively? What do you think?
