Signal v. Noise

People tend to look for mentors who are too far afield. A mentor who’s 20 or 30 years on in their career. I think this is misguided.

I think most are far better off seeking mentorship from someone who’s just a little bit ahead of them. Someone who’s a year or so in front. Someone who just went through what you’re going through, not someone who went through it a decade ago.

So if you’re starting a brand new business, talk to someone who started theirs a year ago. Or if you’re about to sign your first office lease, talk to someone who just signed theirs. Or if you’re about to hire your first employee, get advice from someone with a two-person company, not 200. I think there’s a good chance the advice will be more helpful.

That’s not to say you can’t learn from an expert in their field, or that you shouldn’t trust anyone who’s been there done that years ago, but that I believe most of your advice should be relevant advice. And relevancy benefits from recency. Memories fade and myths form over time – the closer someone is to the actual events you’re asking them about, the more relevant the advice has a chance to be.

Yes, history has much to teach us, but history also has much to trick us. Last week is a better predictor of this week than last decade would be.

Becoming a new manager isn’t merely a change in what you do — it’s a change in how you think.

Becoming a manager for the first time is deceptively difficult.

No matter how many leadership books you’ve read or conversations you’ve had with mentors — the transition to becoming a manager is precarious.

Talk to any leader, and they’ll affirm this. “I was a terrible manager when I first started,” most will say. Myself included!

Keep reading “The mindset shift of a manager”

Yesterday, February 5th, was Basecamp‘s 15th birthday. As a company we’ve been around for 20 years (we used to be called 37signals), but one random Thursday back in 2004 marked the beginning of Basecamp, the product.

And we launched it right here in this post on this very blog, Signal vs. Noise. The blog looked a lot different then, but the spirit’s the same. And here’s a link to the original home page, as well.

The comments are especially interesting to read after all these years. They give you insight into what a launch is like – uncertainty, “I needs” and immediate feature requests, doubt, praise, questions, etc. Every launch is a mixed bag of emotions and opinions. Ours, potential customers, lovers, haters, etc. But that’s what makes it exciting! No one really knows what’s going to happen. Launch day is the easiest day you’ll ever have – it only gets harder from there on out.

There are so many people to thank. Our 100,000 paying customers, our incredible crew who’ve put in over a million collective hours developing the product, supporting our customers, and keeping the machine humming. It’s truly a continued honor to get to work with such bright, interesting, talented, thoughtful, and kind human beings.

But let’s also recognize that we have luck and fortuitous timing to thank. They are a large part of our success. I didn’t used to think luck played a part. I didn’t believe in timing. It’s easy for your ego to dismiss those things as something you didn’t need because you’re so fucking good. Probably not. Of course I was younger and dumber back then. I’ve since learned that luck and timing play an outsized role in anyone’s success. No need to hide from that. It doesn’t make you less of a person, or less of an entrepreneur, to admit you rode the wave of luck.

So, here’s to continued luck! Let’s make it another 15, 20, 25! Thank you everyone.

Psst: We’re hoping luck and timing come together again later this year.

A great thing about the Home screen in Basecamp 3 is that your drafts, bookmarks, and assignments are all easily accessible. Load up Home, click a link, and see all of your assignments or your drafts in one place.

There’s just one problem with this approach: You have to leave whatever you’re doing to get to these links. We wanted to make it easier to find and access these “My…” links, and now you can!

Always available

Inspired by our mobile apps, we’ve removed these links from Home and added a dedicated menu called “My Stuff.” Now, no matter where you are, you can access your important links:

Open the menu and you’ll see your links up top plus a small collection of pages you’ve recently visited inside Basecamp:

Keyboard navigation

While we were building this new menu, we found it so useful that we wanted to use it without taking our hands off the keyboard. Just like the Find menu, we’ve added a keyboard shortcut to open My Stuff:

My Stuff: ⌘/Ctrl + ;
Find: ⌘/Ctrl + /

Once open, you can use your up & down arrows to navigate the links. Choose the link you want and hit Enter to visit that page — no mouse required!

Give it a try!

We hope this update makes it easier to access things like your unpublished drafts, assignments, and Boosts. Let us know what you think!

Thanks again for being a Basecamp customer.

Everybody knows that perfect is the enemy of good, but it’s one of those tenets that’s easy to say and hard to live by. When you’re working on a creative project, there’s almost always something you wanted to do better, or some little detail that didn’t quite live up to your standards. That can be tough to accept.

This is why thoughtful project scoping and timeboxing is so important: if you don’t have a structured process and an end date for your work, you’ll be more likely to wander out into the perfectionist weeds. The farther out you get, the more time you’ve spent—mostly for diminishing returns.

At Basecamp, we protect ourselves against these problems by carefully scoping our projects and scheduling them in 6-week increments. This forces us to keep a regular cadence of shipping new things. Along the way, we have to make tough calls, and give up on always being perfect.

But even with that system in place, there’s still another tricky aspect of perfectionism: what perfect means for one project doesn’t necessarily apply in the same way to another. You have to redefine your standards every time.

Here’s an example.

Keep reading “The right amount of perfect”

The 5 reasons why people tend to micromanage in the workplace – and how to manage up, and around them.

I’ve heard the phrase, “I have a micromanaging boss,” more times than I can remember.

I heard it again, just last week. This person asked me, “What do I do? Is there anything I can say to a micromanager? How do I manage up?”

Here’s what I recommended to him…

Keep reading “How to deal with a micromanaging boss”

Yesterday at 12:45pm central time, our ops team detected a dramatic spike in login requests to Basecamp. More than 30,000 login attempts were made in the hour that followed from a wide array of IP addresses. Our first line of defense was to block the offending addresses, but ultimately we needed to enable captcha to stop the attack.

After the attack was over, we diagnosed that 124 accounts had unauthorized access from the attack. We immediately reset the password for these accounts, logging out any intruders, and emailed the affected account holders with all the relevant information.

All of the unauthorized access was gained using the correct username and password for the account. It’s highly likely that these credentials were obtained from one of the big breaches, like those collected in combos like Collection #1, Anti Public, or Exploit.in. All the affected accounts showed as “owned” on haveibeenpwned.com.

Our preliminary investigation shows that none of the unauthorized access actually performed any actions within the accounts. It seemed like the attack focused on first validating which accounts were vulnerable, perhaps with a plan to later exploit these vulnerable accounts. Thankfully we were able to detect and stop the attack very quickly, and also ensure that any intruders were prevented further access.

Never the less, this is a serious reminder that you should never share the same password between multiple services. Particularly services such as Basecamp that may contain sensitive information. Here’s what we recommend you do to stay safe:

1.) Use a password manager to ensure you’re using different, secure passwords on every service you use. Then if one service is breached, you don’t have to worry about the rest. We use 1Password at Basecamp and recommend it.

2.) Subscribe to a breach notification service, like the one offered by haveibeenpwned.com. Then you’ll be alerted if your credentials are part of hack known to the public.

3.) Turn on two-factor authentication (2FA) wherever you can! We offer 2FA protection for Basecamp using Google Sign-In. Most services that deal with sensitive information offer 2FA these days. It’s especially important that you enable this for critical services, like your email address.

Our ops team will continue to monitor and fight any future attacks. They did an excellent job detecting and addressing this particular attack. But if someone has your username and password, and you don’t have 2FA protection, there are limits to how effective this protection can be.

Protecting yourself against attacks like this is important. Take the time to learn the basics, and take the steps outlined above to limit the risk.

Update: On January 31st, the mass-attack resumed in much greater strength than before. More than 5,000 IP addresses were used to test stolen credentials. 89 proven correct, but no content was accessed on these accounts, and we followed the same procedure of resetting all logins and writing the people affected. We’ve since beefed up our CAPTCHA protection across all applications and all clients, which has been effective at stopping the attack. CAPTCHA isn’t perfect, and some times it’s annoying, but it has provided effective protection against this wave of attack. We continue to work on shoring up defenses, but do follow the steps outlined above to protect yourself!

Since our company is itself our most important product, we keep tweaking, experimenting, and – hopefully! – improving the organizational software that makes it run.

Here’s an example of how we refine our process at Basecamp:

That change then got codified as an update to our How We Work guide in the Basecamp Employee Handbook.

We received over 700 applications to the opening for a data analyst at Basecamp last Fall. There were a lot of qualified candidates, but in the end it was Jane Yang who bubbled to the top, and this month we were thrilled to welcome her to the team.

It’s probably not a big secret that we don’t hire often at Basecamp. In fact, we have zero open positions at the moment, and we’re still happy with our self-imposed hiring freeze too. So when we do hire someone, it’s kinda a big deal for us.

That’s also why we’ve put such a dedicated effort into attracting a much broader pool of applicants than we did in the early years of the company. When people of different backgrounds and perspectives work together, we make better decisions and better software.

Jane’s background for the last several years has been in the non-profit sector, doing strategy & research at One Acre Fund and analytics at IFF. She worked for many years in Nairobi, Kenya, but has now returned to the US. Before that, she worked at Deloitte Consulting and graduated from Princeton.

This is a perfect background for us as we’re getting more serious about charity at Basecamp recently. In addition to matching employee donations, we’re also working on a project inspired by Patagonia’s 1% for the Planet pledge. Jane brings a lot of experience from the non-profit world to give us another boost on that account.

Because, as we wrote in the job opening, running the numbers at Basecamp, as Jane will be doing, is not about squeezing every metric until it squeals more, more, MORE. Data informs us, educates us, but it does not run us. We make decisions at Basecamp on a much broader base than just “shareholder value”.

We already have enough. We’re not chasing exponential growth. There’s no quest to dominate, capture, or own everything and everyone. Data analysis is here to help us get better, wiser, kinder. Not greedier, not more extractive.

With all that: Welcome Jane!

The folks at Basecamp have been blogging since 1999, when Jason Fried would write by the light of a fire fueled by David Heinemeier Hansson’s savage indictments of the tech industry. A lot has changed since then (with the exception of DHH’s feelings about Silicon Valley). Basecamp’s blog, Signal v. Noise (the site you’re reading right now!), changed platforms a few times. And it just moved again, this time from Medium to WordPress. In this episode of the Rework podcast, Jason and designer Adam Stoddard talk about leaving Medium for WordPress, the blog’s new look, and keeping SvN fresh after all these years.