great resources for improve yourself

The Playlists that were shared:

  1. A great TED playlist on working smarter.
  2. A video playlist on how we make choices
  3. Stories of inspiration
  4. Art of Story Telling
  5. How to kickstart creativity

The list of books that were shared:

Best books on Business, Management and Entrepreneurship
Start with the basics: 10 Must Reads: The Essentials

Innovation & Entrepreneurship

  1. Blue Ocean Strategy – This is a classic when it comes to creating completely new markets. Amazing.
  2. The Innovator’s Dilemma – A great book on innovation.
  3. Rich Dad Poor Dad – A simple to read book on the importance of entrepreneurship
  4. Who Moved My Cheese? – A very simple book on dealing with change as managers.
  5. The Lean Startup: How Today’s Entrepreneurs Use Continuous Innovation to Create Radically Successful Businesses – Start learning the tools to start quickly.
  6. The Four Steps to the Epiphany – This book works well with the Lean Startup idea


  1. Thinking, Fast and Slow – A Nobel winning classic on mind and behavior
  2. Predictably Irrational – Another classic on how irrational our human mind is when it comes to our choices
  3. The Power of Thinking Without Thinking – Blink is a great book on how people make decisons.
  4. Irrational Exuberance – Robert’s Shiller’s classic on the dotcom bubble


  1. A Random Walk Down Wall Street: The Time-Tested Strategy for Successful Investing – A great book to emphasize the importance of prudent usage of index funds as your main method for investing.
  2. Fooled by Randomness: The Hidden Role of Chance in Life and in the Markets – A Taleb’s classic on the importance of luck.
  3. The Black Swan – Taleb’s landmark work
  4. The Intelligent Investor – A hard to read investment classic that inspired guys like Warren Buffett.
  5. When Genius Failed: The Rise and Fall of Long-Term Capital Management – A story of what happens when you let quants run the funds.
  6. Barbarians at the Gate: The Fall of RJR Nabisco – On Mergers and Acqusitions


  1. Made to Stick – A marketing/branding classic on how to make ideas stick
  2. Presentation Zen: Simple Ideas on Presentation Design and Delivery - if you are a powerpoint presenter, read this.
  3. Influence
  4. Good to Great: Why Some Companies Make the Leap…And Others Don’t- What makes great companies stand out from good companies?


  1. Getting Things Done – A classic that has spawned a whole movement.
  2. The 7 Habits of Highly Effective People: Powerful Lessons in Personal Change - A king of self-help books
  3. The Power of Habit: Why We Do What We Do in Life and Business -
  4. Nudge: Improving Decisions About Health, Wealth, and Happiness -


  1. Freakonomics – A classic on popular economics.
  2. SuperFreakonomics
  3. The Undercover Economist,
  4. The Tipping Point: How Little Things Can Make a Big Difference - Malcolm Gladwell has a way of explaining even the most drab concepts in a very interesting way
  5. The Great Crash of 1929 – Understand the Great Depression.

11 Skills You Need To Master

Google is the most desirable employer on Earth.

Engineers are the rock stars there — and they’re paid accordingly.

Interns start at $70,000 to $90,000 salaries, while software engineers pull in $118,000 and senior software engineers make an average of $152,985.

But one does not simply walk into the Googleplex.

The company receives upwards of 2.5 million job applications a year, but only hires about 4,000 people.

Thankfully for would-be Googlers, the Google in Education team has released a list of skills that they want to see in potential engineers.

“Having a solid foundation in Computer Science is important in being a successful Software Engineer,” the company says. “This guide is a suggested path for University students to develop their technical skills academically and non-academically through self-paced, hands-on learning.”

Here are the skills Google wants its tech talent to master, complete with online resources to get you started:

1. Mastering the foundation. You have to be able to get through an introduction to CS course, like the ones from Udacity or Coursera 

2. Learn to code in at least one object-oriented programming language. Like C++, Java, or Python. Consult MIT or Udacity.

3. Learn other programming languages. Add Java Script, CSS, Ruby, and HTML to your skillset. W3school and CodeAcademy are there to help.

4. Test your code. Because Google wants you to be able to “catch bugs, create tests, and break your software.” Udacity, once again.

5. Have some background in abstract math. Like logical reasoning and discrete math, which lots of computer science draws on. MIT can help you with mathematics for computer science.

6. Understand algorithms and data structures. Google wants you to learn about fundamental data types like stacks, queues, and bags, as well as grasp sorting algorithms like quicksort, mergesort, and heapsort. MIT provides the recommended online resources, and the book “The Algorithm Design Manual” is super helpful, too.

7. Get to know operating systems. Because they’ll be where you do much of your work. The University of California, Berkeley, provides a primer.

8. Become familiar with artificial intelligence. Google loves robots. Stanford has the knowledge.

9. Learn how to build compilers. Stanford says that when you do that, “you will learn how a program written in a high-level language designed for humans is systematically translated into a program written in low-level assembly more suited to machines.” Head to Coursera for the learning.

10. Learn cryptography. Because cybersecurity is crucial. Coursera and Udacity provide courses.

11. Learn parallel programming. Because being able to carry out tons of computations at the same time is super powerful. The University of Illinois can help you out.

But Google doesn’t just look at skills in its select candidates — the search giant seeks specific personality qualities, too.


Great online tools for startups

My list is not exhaustive but it should capture a good chunk of the tools needed to build your own (software or web) startup. It’s really remarkable how much of the process is modularized and commoditized these days. The old programmer’s adage “don’t reinvent the wheel” has been applied on a mass-scale to the entire startup ecosystem and this list is a testament to that.

Before you continue, check out Leanstack, a service that helps developers find and stay up to date with new developer services. It lets you view services by what other startups use (“cloudstacks”) or through categories (“clusters”).


balsamiq (wireframing mockups):

MockFlow (design UI workflows):

Software/Web Development

Meteor (web dev tool): (cloud development platform):

Foundation (frontend frameworks):

Coderbuddy (Google App Engine dev made easy):

DivShot (web app interface builder):

Rescue.js (web app bug-finder): (in-browser web dev tool):

Yottaa (web performance as a service):

Mobile Development (A/B testing for mobile apps made easy):

Urban Airship (push notifications):

Parse (mobile dev made easy):

Back-end / Cloud Infrastructure

Backlift (back-ends made easy):

Fastly (CDN’s made easy):

RightScale (cloud management):

Scalr (cloud management):

Eucalyptus (cloud inf.):

Firebase (scalable back-end for web apps):

TightDB (databases made easy):

MemSQL (performance databases made easy): MemSQL

MongoHQ (database hosting made easy): Run your Hosted Database with Us (file system as a service): – Dead Simple Uploads for Web and Mobile

Non-Startup Cloud Platforms (The Big Boys):

Amazon Web Services:

Google App Engine:…

Google Compute Engine:…


Microsoft Windows Azure:

Rackspace (cloud everything):

Heroku (cloud everything):

Web App Modules

Unbounce (landing page management):

LaunchRock (landing pages made easy):

GoInstant (co-browsing module):

Kera (in-app tutorials made easy): (avatars made easy):

DailyCred (social authentication module made easy):

Janrain (social authentication, user management):

Stormpath (user management):

Searchify (search-as-a-service):

Swiftype (search-as-a-service):

Elasticsearch (search-as-a-service):

Mashape (Cloud API marketplace):

Authy (two-factor authentication module):

DuoSecuity (two-factor competitor):


Stripe (payments for devs):

Dwolla (transactions made easy):

Braintree (payments for debs made easy, another Stripe):

Analytics / DataViz

Chartbeat (analytics/data made easy):

KISSmetrics (analytics made easy):

Leftronic (analytics dashboard):

Reportgrid (dataviz made easy):…

HeatData (website heat maps):

GoSquared (analytics):

Customer Communication (Email, support, etc)

SendGrid (mass-email in the cloud):

MailChimp (email marketing made easy):

CampaignMonitor (email newsletters made easy):

Get Satisfaction (customer support made easy):

ZenDesk (customer support made easy):

Big Data

Factual (data-as-a-service):

Platfora (Hadoop-as-a-service):

Datameer (data-as-a-service):

Infochimps (Big Data analytics for enterprise):

BrightContext (data as a service):

Running the Office

Resumator (make hiring easy):

Expensify (expense reports made easy):

PagerDuty (IT management made easy):

Twilio (telephone in the cloud):

42Floors (office space made easy):

Competitive Intelligence


TechCrunch CrunchBase:

VentureBeat Profiles:


EasyPost (postage for developers):

Keynotopia (presentations and pitches made easy):

Lastly, for more business-to-developer solutions, see this Quora board:Startups for Startups – Services to Use. Also, Ashley‘s suggested list is really comprehensive–though you won’t find some of these links on there:startuptools

UPDATE: This Hacker News page features some great lists: Ask HN: Tools of the trade, 2013 edition

UPDATE 2: Credit to Nathan Ketsdever for his suggestions:


PMP vs Agile which certification is best

Opm-certificationsn my post about the pros and cons of PMP certification, project managers (and wannabe project managers) often ask me: Which certification is best, PMP, or ScrumMaster (Agile) Certification?

I myself am both PMP and ScrumMaster Certified, and the short answer that I give is that I believe they are both worth getting. If you’re going to be managing projects for a wide variety of companies and clients, it’s in your best interest to know and understand a wide variety of project management frameworks that you can apply in different situations. I’ve worked on projects suited to Agile methodologies, projects suited to waterfall methodologies, and projects that have benefited from a combination of different approaches. The deeper your knowledge of different approaches, the better you and your team will be suited to tackle a wide range of problems.

That said, it can’t hurt for me to explain a little bit about the differences between the two approaches, and take a closer look at some of the trends in the popularity of each framework.

Waterfall vs Agile methodologies

PMI’s framework is based on a waterfall methodology, while the ScrumMaster Certification is based on Agile. Both of these methodologies comprise very different approaches to software development.

Here’s a short summary of some key differences between waterfall and Agile methodologies:

Waterfall methodologies

  • Waterfall methodologies feature distinct planning, development, and testing phases
  • Software development projects are heavily planned during the planning stage, where little to no code is completed
  • During the build (development, or execution) phase, the product of the project is built
  • Any changes to product design are normally handled by change requests to the original project plan
  • After the build phase is completed, products are tested during a comprehensive testing phase. Clients (or customers) do not normally receive the finished product until all work on the project has been completed and delivered

Agile methodologies

  • Agile methodologies feature iterative development phases
  • Product features are gathered and prioritized in a backlog of features
  • Scrum teams take on development of product features during sprints, where they are designed, constructed, and tested – normally during a two-week period
  • After the sprint, features emerge as deliverable product
  • Clients are presented completed features from an individual sprint during a sprint demo
  • Product changes may not take place during sprints, but they are accepted at any other time, so products are constructed organically

the tale of trends

So which framework is more popular, and which one should you consider getting certified in?

Let’s take a look at the tale of the trends, thanks to Google Trends. This is not the most scientific approach to be sure, but looking at Google Trends is an easy way to see what people are interested in over time.

PMP vs Agile

First, let’s compare the general search terms “PMP” and “Agile”.



Click to enlarge the graphic. Here you can see that searches for PMP appear to have peaked at some point in 2008, and have recently declined. Meanwhile, searches for Agile, while spiking in late 2009, are generally trending upwards.

Note that this does comparison not take into account that people might be searching for PMP or Agile for reasons other than interest in project management methodologies – but I still found this chart quite interesting.

PMP Certification vs ScrumMaster


Click to enlarge the graphic. You can see here that while ScrumMaster searches are trending upward, there are many more searches for PMP Certification. And I wouldn’t say that searches for ScrumMaster are skyrocketing – they appear to be relatively level. One interesting search that you might try yourself is a search comparing “ScrumMaster” and “PMI-ACP”, PMI’s own, and relatively new, Agile certification. I’d be glad to hear your opinions on that comparison in the comments section of this post.

Which project management certification is the best

It does seem to me that interest in PMP certification is level, or perhaps even waning, while interest in Agile methodologies is growing – though interest in the most popular Agile certification, Certified ScrumMaster, does not appear to be “taking off” as much as I had originally thought it might be. Remember, this is a very simple analysis using Google Trends, so I may be way off the mark here – please be sure to tell me if I am! I’d be interested in seeing any data or opinions contrary to what I’ve explored here. I should note that I have noticed that PMP certification appears to be growing in popularity in India… I get a lot of questions from Indian professionals, especially software engineers and test engineers, who are interested in becoming project managers and getting PMP certified.

I still haven’t answered the question “which certification is best”… a lot of factors go into making this decision, and it turns out that one certification may be best for some, while the other certification may be better for others. It seems to me that PMP certification is more powerful if you’re interested in applying for a job as a project manager – many recruitersrequire PMP certification of their project managers – while Agile certification is important if you’re working for an iterative software development shop, or want to learn about a methodology that is slowly but steadily gaining in popularity. In my opinion, Agile methodologies will see even more recognition in the future while interest in waterfall methodologies will continue to wane.

As I mentioned above, I personally recommend getting both credentials. In fact, I make it my own mission to continue to improve myself both personally and professionally however I can, whenever I can, and education is one of the surest ways of doing this. Whichever path you choose to pursue, best of luck to you!


Grails Authentication With Shiro

Shiro is a security framework that is meant to make life easier. The goal of it is to allow the developer to performauthentication, authorization, cryptography and session management. After reading over the 10 minute tutorial, I trust that it is an excellent option to use in my Grails application. It should be also noted that the website also uses Shiro for all authentication.


compile ":shiro:1.2.1"



it will create


package shiro

 * Generated by the Shiro plugin. This filters class protects all URLs
 * via access control by convention.
class securitySecurityFilters {
    def filters = {
        all(uri: "/**") {
            before = {
                // Ignore direct views (e.g. the default main index page).
                if (!controllerName) return true

                // Access control by convention.

you could edit it to

class securitySecurityFilters {

     * Array of controller/action combinations which will be skipped from authentication
     * if the controller and action names match. The action value can also be '*' if it
     * encompasses all actions within the controller.
    static nonAuthenticatedActions = [
            [controller: 'home', action: 'index']

     * Array of controller/action combinations that will be authenticated against the user's
     * role. The map also includes the roles which the controller/action pair will match
     * against.
    static authenticatedActions = [
            [controller: 'home', action: 'secured', roles: ['ROLE_ADMIN', 'ROLE_USER']],
            [controller: 'home', action: 'admin', roles: ['ROLE_ADMIN']]

    def filters = {

        all(controller: '*', action: '*') {
            before = {

                // Determine if the controller/action belongs is not to be authenticated
                def needsAuth = !nonAuthenticatedActions.find {
                    (it.controller == controllerName) &&
                            ((it.action == '*') || (it.action == actionName))

                if (needsAuth) {

                    // Get the map within the authenticated actions which pertain to the current
                    // controller and view.
                    def authRoles = authenticatedActions.find {
                        (it.controller == controllerName) &&
                                ((it.action == '*') || (it.action == actionName))

                    if (authRoles) {

                        // Perform the access control for each of the roles provided in the authRoles
                        accessControl {
                            authRoles.roles.each { roleName ->

                    // Skip authentication if the authRoles was not found
                    else {
                        return true

                // Skip authentication if no auth is needed
                else {
                    return true


Update your Config.groovy

security {
    shiro {
        filter.config = """\
                        shiro.loginUrl = /auth/login
                        rg = AnyOfRolesAuthorizationFilter

                        ROLE_ADMIN = *

                        /admin/** = authc, rg["ADMIN,USER"]
                        /guest/ = anon
                        /guest/sec = authc, rg["USER"]

update your resources.groovy

import org.apache.shiro.authc.credential.Sha512CredentialsMatcher

// Place your Spring DSL code here
beans = {
    credentialMatcher(Sha512CredentialsMatcher) {
        storedCredentialsHexEncoded = true

initialize Bootstrap

import org.apache.shiro.crypto.hash.Sha512Hash

class BootStrap {

    def init = { servletContext ->
        def roleUser = new ShiroRole(name:'USER')
//        roleUser.addToPermissions('auth:*')
//        roleUser.addToPermissions('home:sec'), failOnError: true)

        def roleAdmin = new ShiroRole(name:'ADMIN')
//        roleAdmin.addToPermissions('auth:*')
//        roleAdmin.addToPermissions('admin:*'), failOnError: true)

        def user = new ShiroUser(username: "user", passwordHash: new Sha512Hash("123").toHex())
        user.addToRoles(roleUser), failOnError: true)

        def admin = new ShiroUser(username: "admin", passwordHash: new Sha512Hash("123").toHex())
        admin.addToRoles(roleAdmin), failOnError: true)
    def destroy = {

Add AnyOfRolesAuthorizationFilter Class

public class AnyOfRolesAuthorizationFilter extends RolesAuthorizationFilter {

    public boolean isAccessAllowed(ServletRequest request, ServletResponse response,
                                   Object mappedValue) throws IOException {

        final Subject subject = getSubject(request, response);
        final String[] rolesArray = (String[]) mappedValue;

        if (rolesArray == null || rolesArray.length == 0) {
            //no roles specified, so nothing to check - allow access.
            return true;

        for (String roleName : rolesArray) {
            if (subject.hasRole(roleName)) {
                return true;

        return false;