Make a map from your spreadsheet

Looking for an easy way to work with location data or make a map from a spreadsheet? My latest project, GeoSheets is a free Google Spreadsheets add-on that I built with a couple friends.

Geosheets lets you quickly and easily work with location data in a spreadsheet and do things like:

  • Geocode addresses
  • Look up metadata for an address (like the neighborhood or region)
  • Normalize location-based data (convert “California” to “CA”, etc)
  • Plot a bunch of addresses on a map
  • Customize and share the map with your friends!

We spent a lot of time making sure it was simple to use and creating your first map is as easy as:

=GEO_MAP(A1:A5, “map”)

Check out some examples or documentation and try it out for yourself.


Exporting Robinhood investments to CSV

I recently discovered Robinhood. It’s a mobile trading platform that let’s you invest in the stock market without paying any trading fees. I can’t shake the feeling that 0-fee trading is going to be one of those game-changes that creates a whole range of new applications that weren’t possible before. Quantopian is an early example, but I bet there will be more.

Robinhood is currently only available on mobile and it doesn’t have any of the charts and graphs you would find on any other trading platform. Here’s a little python script I cooked up that will let you export your Robinhood trades to a .csv file you can import into Google Finance or whatever tool you use to track your investments.

Before running this code, make sure you have git, python & pip installed on your computer.

View the code on Github or if you trust me, open your terminal and run the following commands:

git clone
cd robinhood-to-csv
pip install -r requirements.txt

The script will request your credentials then prompt you for a filename like this:

Robinhood username:
1 queued trade and 11 executed trades found in your account.
Choose a filename or press enter to save to `robinhood.csv`:

Can’t remember which social login method you used?

Once upon a time we used usernames and passwords to sign into websites. Unless you used multiple email addresses, your password was the single piece of information you had to remember. With password services like LastPass and 1Password, you didn’t have to remember anything.

But then sites started offering social login via Facebook, Twitter, Google, LinkedIn, Amazon, Github, Yahoo, Instagram and a whole host of other authentication options. Oops, you have accounts on all of those services. You can’t remember which one you used to sign up. Maybe you guess wrong and end up with two separate accounts that you can’t figure out how to merge. Ever been there? You’re not alone.

I dug into some real data from a company I worked with that offers multiple login options. For each 1,000 legitimate login attempts, there were 531 successful logins and 112 password resets. In other words, people were having a far harder time signing in than I would have imagined. If you run your own site, I recommend you look at your own data. My guess is you’ll be as surprised as I was at how few login attempts are successful.

If your site offers multiple login options, there’s an easy way you can remove this pain and increase your site usage. Set a cookie that remembers which authentication method was used to create their account along with any services that have been linked. Then use that data to highlight the options that can actually be used to sign in and hide everything else.


Fresh paint

I just pushed a new design for this site. Despite my infrequent posting, I’m still getting decent traffic every day from Google. The makeover was long overdue as the previous design from 2007 was starting to feel quite dated.

My goal was to design something that felt more modern and works better on mobile. Clean and simple. Focus on the content. I’m still running on WordPress, but I hacked up a new theme that uses Twitter Bootstrap to make it responsive and the Lato font to make it pretty.

I’ve switched the comments over to Facebook. Requiring commenters to use their real identity is the best way I know to deal with spam. I can’t import old comments into Facebook, so I’ll be using Disqus for historical posts.



Want to be more disciplined?

I love this quote from the founder of Dropbox, Drew Houston:

The hardest-working people don’t work hard because they’re disciplined. They work hard because working on an exciting problem is fun.

Want to be more disciplined? How about finding something you truly care about instead?



I’ve written before about the injustice of our prison system in the United States. I continue to be horrified by the racism and unfairness shown in the enforcement of our laws. The deprivation of anyone’s liberty is not something that should be taken lightly, and certainly never for the sake of financial gain. It should go without saying, but neither should rape ever be the punchline of a joke.

I’ve been really impressed with John Oliver’s Last Week Tonight. He’s hilarious, but more importantly, he’s not scared to tackle hard but important issues head on. This episode about prison is no exception.


Introducing my latest startup, Forage

I’ve always hated going to the grocery store. It’s such a pain to figure out what to make, how to get to the store and then find everything I need. I’m sick of throwing away food that I don’t eat in time. And why do I need to buy a $8 container of cumin when I only need 1 tsp!?!

I’m stoked to finally share what I’ve been working on for the last few months. Today we’re launching Forage — delicious meals that you can cook at home in 20 mins or less. All the ingredients are pre-measured so you can explore new types of dishes without all the waste.

I’d love to have you check it out. If nothing else, sign up to take advantage of some free food!


Inalienable rights

When I visited Hiroshima and the Peace museum there, I was blown away by the forgiveness exhibited by the Japanese people. Walking around that museum was one of the most moving experiences of my life. We called it the “cry museum”. There’s something wrong with you if you can walk through that museum without shedding a tear. The museum is a memorial for the atomic bomb victims and it shows the price of war in a very up-close and uncomfortable way.

Today I stumbled on this TED talk by George Takei on Why I love a country that once betrayed me:

Once again, I found myself blown away by the unbelievable amount of forgiveness by the Japanese people.

I was also reminded of how much I appreciate the ideals on which the United States was founded — the idea that all people are created equal. The idea that all people have an inalienable right to life, liberty and the pursuit of happiness.

Today there are countless examples of inequality in our country. It’s so easy to be discouraged. Takei’s story is certainly a solemn reminder of how easily we can slip away from these founding principles. Bono likes to talk about the “blind spots of our age”. We look back on the injustice we displayed to Japanese Americans with horror and disgrace. What are the things we’re accepting today that history will judge us for?

Those inalienable right are still worth defending.


The security hole I found on

I found a security hole on Amazon last August. While looking at their HTTP headers, I happened to notice that the entire domain was susceptible to clickjacking attacks. If I could trick you into clicking anywhere on a webpage I controlled, I could get you to buy any product that’s available for sale on Amazon. By the way, that includes any fake products that I added to Amazon myself. For the hack to work, you needed to be signed into your Amazon account and have one-click purchasing turned on. I created a working proof-of-concept that looked like this:


Clicking either button caused an instant purchase of the movie Click (get it?). I resisted the temptation to use the exploit to send myself a million dollars worth of free Amazon gift cards, and instead responsibly disclosed it to the Amazon security team. It took them months to fix it, but the security hole has finally been closed using the x-frame-options header that I recommended.

This hack is classic clickjacking. I created a transparent iframe containing a product page on that had been carefully positioned so when you think you’re clicking on my page, you’re actually clicking the “Buy now” button on their site instead. Here’s the code for the no longer working proof of concept.


Habits > Willpower

In the book The Willpower Instinct, Kelly McGonigal explains how your willpower is just like any other muscle. It gets tired. If you’re relying on your willpower to make the changes you want in your life, you’re likely going to fail. In the book Foodist, Darya Rose talks about the secret to eating better and the answer is not to go on another diet. It’s to build positive eating habits into your life. Positive habits beat willpower every time.

They say it takes 21 days to build a new habit.

It’s never to late to start building new habits into your life. I’m ashamed to say this, but it wasn’t until last year that I started flossing daily. Now it’s a daily routine for me. This month, I started doing the 7-min workout every morning. Now I roll out of bed and start doing jumping jacks. 7 minutes isn’t much, but that’s kinda the point. Overcoming inertia is the hard part. If you can’t find 7 minutes a day, it’s time you loosen up your schedule.

And there are plenty of tricks to help you get started. I found I was happiest when I biked to work instead of sitting in traffic and dealing with parking tickets. So I sold my car and treated my bike to a tune-up from the Bike Doctor (highly recommended service by the way).

I’m happier than I’ve been in a long time. For me the secret has been as simple as being intentional about finding what makes me happy and then turning those things into daily habits.

 1 comment