DEV Community: Jon McCullough

Why Vivaldi will never create ThinkCoin

Jon McCullough — Thu, 13 Jan 2022 11:04:48 +0000

Some years ago, when cryptocurrencies weren’t talked about as much, we were considering announcing a parody cryptocurrency for April’s Fools. It would be called ThinkCoin, and the joke was that all the value associated with it was in the mind of the user, with no software to back it in the real world.

This was ridiculous, of course, playing on the idea that actual cryptocurrencies have no actual value either. This should tell you that we never thought seriously about entering that space. These days, however, with the incredible hype and attention that cryptocurrencies, and more recently NFTs, are currently getting, we couldn’t even go for such a joke, for fear that it would be taken seriously.

Since the discussion around cryptocurrencies has reached such an extreme, I think it is high time to clarify Vivaldi’s position.

Cryptocurrency – is it a revolution?

Cryptocurrency has been touted by many as a revolution in currency, the future of investment, and a breakthrough technology. But if you look beyond the hype, you’ll find nothing more than a pyramid scheme posing as currency.

It’s basically a digital commodity, though one without government backing or banking system support. Claiming to be the new digital currency of the internet, cryptocurrencies promise decentralization and freedom from governments.

Each cryptocurrency typically follows a certain recipe to ensure that the founders create a lot of wealth, a way to distribute the currency to give it legitimacy, and some story on how it is different from all the others.

But since cryptocurrencies are too volatile to be used as an actual currency, people treat it as a sort of investment scheme. The problem is that to extract actual money from the system you have to find someone willing to buy the tokens you are holding. And this is only likely to happen as long as they believe they will be able to sell them on to someone who’ll pay even more for them. And so on, and so on.

If at any point one stops being able to find people willing to buy those tokens on just the promise of them being worth more in the future, the whole scheme might well come crashing down, with the value of all tokens going to zero.

An environmental disaster

The energy consumption of cryptocurrency is another major concern. The energy usage of bitcoin alone is staggering, consuming as much electricity as some countries. And this is likely to keep increasing as the technology behind it does not and cannot scale in any reasonable way.

For obvious reasons, that sort of energy consumption isn’t good for the environment as the energy could clearly be spent better somewhere else. This is also true if it’s renewable energy since it could instead be used to displace fossil fuels in other applications.

While so many of us are trying our best to reduce our carbon footprints, it feels counterproductive to indulge in technology that undoes that hard work.

The entire crypto fantasy is designed to lure you into a system that is extremely inefficient, consumes vast amounts of energy, uses large amounts of hardware that could better be spent doing something else and will quite often result in the average person losing any money they might put into it.

Jon von Tetzchner

Where we stand

At the time of writing (January 2022), there are over 8,000 cryptocurrencies in existence. Compare this to the 180 actual currencies worldwide that can be used as legal tender.

The most baffling part of this cryptocurrency craze is that it’s still unclear if there is any viable use case or a meaningful way to value it. Without this, it is reduced to merely an overcomplicated slot machine for those with money to burn.

Yet, despite all the negatives, there will still be those who opt to participate. And for those who end up owning some crypto tokens that they’ll need to manage, the browser might seem a logical place to keep track of it all. Indeed, some of our competitors have done just that and now provide crypto-wallets in the browser.

Since Vivaldi is all about offering choices and customizability, you might expect us to include this functionality, as well. But in good conscience, we cannot.

The entire crypto fantasy is designed to lure you into a system that is extremely inefficient, consumes vast amounts of energy, uses large amounts of hardware that could better be spent doing something else and will quite often result in the average person losing any money they might put into it.

When you strip away the hype, these virtual currencies have very real repercussions for people, society, and the environment. By creating our own cryptocurrency or supporting cryptocurrency-related features in the browser, we would be helping our users to participate in what is at best a gamble and at worst a scam. It would be unethical, plain and simple.

We refuse to dress these scams up as opportunities. Instead, we encourage you to treat them with the skepticism they deserve. This may be a game for some curious crypto-investors and wealthy speculators, but for those unlucky enough to get caught out by the pyramid scheme, it could be devastating.

It’s just not worth it.

What are your thoughts on Vivaldi’s stance or cryptocurrencies in general? Let us know in the comments below.

An insight into security research and ethical hacking

Jon McCullough — Thu, 13 May 2021 08:22:33 +0000

Software testing is an important part of software production. Whether done by the developer, a dedicated team of testers, or an army of volunteers, well-tested software helps to ensure that the end-user does not end up facing potential problems caused by software malfunctions.

There are also external testers who, without being formally enrolled as a volunteer, can also choose to help with testing the software. They may want to improve a product that they use themselves, or just for the fun of it, or in the hopes of a reward. And then there are the security researchers and ethical hackers.

Ethical hacking is not a shady job

Ethical hacking, also known as penetration testing, is testing a website or service for security flaws, for the purpose of improving the security of that website or service. This is the same as how a security researcher might perform testing of a deliverable software product, such as a browser.

The term "ethical hacker", however, relates to the testing of websites and services, and is a subcategory of security research.

Websites and Internet services are made from big and complex pieces of software. It is common to have small mistakes in them. A small mistake normally is not a problem - a web page might show an error message instead of the correct contents - but sometimes a mistake gives a hacker a way to make the website or product reveal secret information, show misleading messages, give access to accounts, or divulge large amounts of data held on the website.

Website owners try to ensure that they do not include any mistakes that can be abused this way, but occasionally, an important mistake will be missed. An example would be a login form on a website that allows you to try an infinite number of passwords so that you can log into an account. Another more serious example would be an SQL or command injection that does not sanitize quotes in a query string and will end up treating it as part of an SQL command or shell command.

Learn more about how we rate security issues.

Software applications (apps) are also often complex, and similar mistakes can happen. An app may be made to crash, or parts of the app could show an error. But it might also be possible to make it show incorrect security information or fail to update a security field. It might be possible to make it run executable code controlled by an attacker, or divulge private data.

Ethical hacking is a far cry from hacking

The term "hacker" originally meant someone who could apply advanced modifications to their computer's software configuration to change the way it works. However, when people say "hacker", they usually mean a person who has worked out a way to bypass the security of a website or service. That hacker then steals the data or gains access to accounts, and perhaps they will then cause damage that costs the company large amounts of money to repair. They may use tools for this penetration testing, or they may test it manually.

In the end, a criminal hacker may sell the stolen data, or details of the security issue itself, to malicious organizations for large amounts of money. Or they may use the stolen information directly for extortion, demanding money from victims.

An ethical hacker - or security researcher - will not steal any data, or cause any damage. Instead, they will report this issue to the website owner or product vendor, so that the owner can fix it.

Many website owners hire people specifically to perform this kind of testing so that they can improve the security of the website. Some website owners will openly invite ethical hackers to test their websites for issues. Some owners do not like having their websites or services tested in this way, and maybe hostile towards a security researcher, even though the security researcher is really trying to help.

An ethical hacker or security researcher chooses the high road

Why does an ethical hacker or security researcher choose a high road? Because many big website or service owners offer financial rewards for researchers that find exploitable issues and report them responsibly. For a good security researcher, this can be enough to earn a living. Smaller companies that are unable to afford a large budget might offer other rewards, such as merchandise, or the chance to have the researcher's name written on their website on a "hall of fame" credits page.

Learn more about Vivaldi's Security Hall of Fame.

Working to get your name on a website can help some fledgling security researchers to build their portfolio of work, and really helps when they are trying to apply for testing jobs. It is a badge of honor that can be carried around in the future.

However, this is essentially working for exposure and you should only do it if you feel that not getting financial compensation is right for you. This can be the case if you are doing this as a learning experience, only care about the credit or if you are really invested in getting the service or product improved.

If you would like to learn more about Vivaldi's security policies, and how Vivaldi rewards security researchers, take a look at our security pages.

Being a security researcher is not everyone's cup of tea

Security research appeals to a certain type of person who looks for small details and thinks about how that detail can be used in a bad way, but who has no bad intentions of their own. The type of person who might work in quality assurance and software testing.

Patience is very important because the work can be repetitive, and the chances of finding an exploitable issue might be low.

Several hours or days of work might end up revealing nothing important, or just present a lot of hope. The rewards are sometimes big, and sometimes small, so it helps to be someone who is happy with the small rewards and enjoys the feeling of success.

Most important is the ability to see the ways to misuse something. A feature that was meant to be used in a certain way, but if you use it in a different way, can you make something bad happen?

Programming ability helps for some things, for example, knowing the sort of mistakes a programmer is likely to make in specific languages. For websites, some programming languages might not offer a standard way to encode unsafe characters into HTML entities, so it might help to start looking for HTML injection issues with query strings that might allow cross-site scripting. PHP normally uses standard APIs to access MySQL-compatible databases, which send each query as a single statement, so even though the website might not sanitize SQL inputs, it might not actually be possible to use command splitting characters to run additional commands.

Being able to learn the protocols used by a service is a major plus. You might already have tools to test the password hammering protection for an HTML login form, but the website also offers POPaccount access, and you can study the POP3 protocol documents, and try programming your own tool to hammer the POP3 login password. The protocol is public, it's something you can learn from.

In some cases, if you don't have all of these skills, you might look if you can work as a team with people who can help in the areas where you are lacking. It can be powerful to have several people to discuss ideas with and at least one person who can deal with the parts of the process that require patience.

Get started with becoming a security researcher

There are plenty of articles out there already on the sort of common issues that can be found on websites. In fact, there is a very popular website run by The Open Web Application Security Project (OWASP) project, that many ethical hackers use as their guide, sharing details of the issues they have found.

Tools such as Burp Suite and Metasploit are used to automate testing. They will need some knowledge and configuration first, but they can perform many tests quickly without needing to do it all by themselves. Relying entirely on such tools, however, does not make you a good researcher, as the tools have their limits, and their responses need to be examined carefully.

For software apps, it is a little harder, since each application is different, and the sort of things that might be considered exploitable in one app might be considered irrelevant in another, depending on how they are designed to work. For all kinds of software, there are tools called "fuzzers" that send random junk input, or nearly valid but slightly wrong input, to the app or website, to see if it will malfunction. These require a little more knowledge, and in general, are something that would be used by the application developers.

Improving your security research

The simplest kind of testing can often be done with automatic tools, so large amounts of knowledge are not required. However, if you want to become really good at it, there are many universities around the world offering courses specifically for ethical hacking, and many for general security research. A common summer vacation assignment is to see how many website halls of fame you can get your name in.

In general, it is not really possible to use books for up-to-date information relating to potential exploits. Technology moves too fast, and books are out of date before they are even published. Online courses can often help keep you up to date, but this is a field where constant research is best.

Do's and Don'ts for security researchers

Not all security issues are "critical". They are definitely more important than regular bugs, but most have minimal impacts. Being able to apply the wrong stylesheet to a website is definitely not as important as being able to compromise all of the data on the server.

Avoid assumptions: Do not assume that because a tool says it has found something, that it must be exploitable. Tools often warn about possible issues that can only be exploited in very specific circumstances, and the website or app might not satisfy those requirements; for example, a website might not have clickjacking protection, but that is not dangerous unless there is something harmful that can be done with a click.
Investigate: Potential issues might need a lot of investigation first - the more of the work that you do, the more the website owner will want to reward you. If it is reported without testing if it can really be exploited, it wastes a lot of time both for the security researcher, and the website owner who has to explain to the researcher that their assumption is wrong. If you repeatedly report things too early without checking if they actually work as an exploit, the website owner can simply get upset with you and stop listening to your reports. Or they might choose not to reward you when you find a real issue because you have wasted so much of their time.
Even though something is listed as being a security issue on The Open Web Application Security Project (OWASP), that doesn't mean that it is a security issue on the current website. The OWASP site mentions a lot of things that are totally irrelevant in most circumstances. For example, it has pages saying that revealing a server make or version number is dangerous because it lets an attacker know what issues to look for. This is not the case. A real attack uses all of the possible exploits without checking the make or version number. If it works, it works, if it doesn't then the attacker moves on to the next potential exploit. Hiding server make or version information just makes life harder for the security researcher, and only gives a false impression of security, known as security by obscurity.
Not all issues are issues: When a website owner or product vendor has accepted that something is an issue, do not assume that it will always be an issue. Many website owners and vendors assume that being cautious is best. But some will actually investigate the real impact and might tell you correctly that what you have found is actually not an issue. The owner of the previous websites or products might have made the wrong assessment. Arguing might make the website owner or vendor stop listening to your reports.
Report privately: Report things privately to the website owner or product vendor, and allow them a reasonable amount of time to fix issues. If you make the details public, you put the website or product and its users at risk, and you do not deserve the reward. If you share it with other researchers before the issue has been fixed, then the other researchers can reveal details, and you put the website and its users at risk. Issues cannot normally be fixed in a day, or a weekend, or over a vacation. Sometimes it might take a month or two to get all of the software updated. Keep communicating, and be flexible. This is how you earn your rewards.
Check how to communicate reports: Before reporting the issue, check how the website owner or product vendor wants to receive reports. Technology companies often have dedicated bug reporting systems where reports can be made confidentially. Some use a security email address. Some might only have generic contact email addresses. Never, under any circumstances, report issues on public websites like Twitter, Facebook, Reddit, or forums. If that is the only way to contact a company, message them, stating that you have a security issue to report to them, and ask how to contact them in private.
Evaluate ways to report: Reports almost never need a "proof of concept" video. As an example, with cross-site scripting, a simple link to the URL with the correct query string is enough. Videos are best used for complex cases where network requests need to be monitored, or interactions between different accounts need to be seen. For most issues, writing it in plain text is easier, even if you cannot write in the same language as the website owner or vendor. The website owner or vendor can use an online translation tool if needed. If you do choose to use a video, concentrate on the details of the issue itself, not on typing out your name or team or asking for rewards. Try not to waste time in the video, keep it short and simple. And make sure you never put your videos on a public website.
Avoid Zero-Daying: If a website owner or product vendor refuses to listen or waits many months to fix simple issues, and you know that the issue is actually exploitable and very important, then sometimes it does help to disclose some minimal details publicly, to persuade the website owner to fix it. But this should be done only as a last resort, not a first resort. If you disclose it publicly too early, you put all the users of the website at risk, and you become as dangerous as a criminal hacker. Unfortunately, bad experiences with one company can make some researchers treat all companies as if they will be bad, and these researchers then insist on disclosing all issues they find elsewhere early, known as Zero-Daying. This is dangerous for everyone involved and does not deserve to be rewarded. Treat every company as if they will respond well, and give them a chance to respond.
Develop credibility: Do not demand money before revealing information. This is not ethical hacking, it is extortion. That makes you a criminal hacker, not a hero. Do not ask for financial rewards in the first email, it can make you look like a criminal hacker. Companies that offer rewards will usually have it written in their security policies somewhere - if you are only interested in the money, then check before you test their site. Allow a company to check if your report is valid, and then see what they offer you. If your work is good, they will offer a reward if they have a rewards program. You don't need to ask.
Seek permission: If you are going to perform testing that might look like a real brute-forcing or denial of service attack, ask for permission first. Otherwise, you will simply look like an actual attacker, and you will probably be treated like one. The website owners may already have software designed to detect such things, and it might ban you from testing again.
Opt for honest research: If a website is using software from another company such as blogging software, server software, or forum software - and that software has a known security issue in it that was recently fixed, you do not need to tell the website owners unless they have left it a very long time. They will normally update it within a few weeks or months when they do their next software update. Reporting it to them in the hopes of gaining a reward is not really honest research. The researcher who deserves the reward is the one who found the original issue. If you want to earn the reward, look for new issues in the third-party software and report it to the vendor of that software, or look for issues in the website's own software.

Want to get involved?

At Vivaldi, we welcome security researchers who want to assist with the testing of our software. Do take a look at our security pages for more information.

On that note, we are very grateful to all of our software testers, both official and unofficial, for helping us to make great products for our friends. And to all of the security researchers who help to improve the security of our products and services, your contributions are very much appreciated.

Happy bug hunting!

5 signs it’s time to replace your browser

Jon McCullough — Mon, 28 Dec 2020 08:20:07 +0000

The browser you’re currently using might not be the best one for you, but you’re probably so used to its antics, you aren’t even looking for a new one.

Yet, the browser is the most important application on your computer and phone and it’s worth investing some time into choosing the right one.

A good browser will make a huge difference to your life and productivity. That’s because so much of what we do (especially right now) happens in the browser – we work in the browser, we collaborate, we communicate, it’s where we learn, have fun, create and build.

So when is it time to replace your browser?

1. Your more-techy friend cringes when they see what browser you use

We all have geeky friends who have their undying commitment to the tech things they love. They even obsess about their browser. Apparently, their browser is the best thing since sliced bread. It’s a browser that doesn’t just sit there but, would you believe it, lights up with your gaming devices, connects with smart home lighting, and whatnot. They vouch for their browser and are nudging you to replace your browser. They will even set it up for you. That’s how committed they are. Could they be onto something?

2. The browser maker tells you how to browse

You’re stuck with a browser that is cutting down on functionality, rather than adding to it. You feel like your hands are tied.

Do not worry. Browsers today tick way more boxes than they did even five years ago. A good browser can make a huge difference to your life and productivity through a wealth of built-in features.

In Vivaldi, we like to listen to our users and take the lead from there. We have a ton of useful features built into the browser, mitigating the need to add third-party extensions or apps. Things like taking notes right in your browser, viewing several webpages side by side, even reading text vertically should give you an idea of what’s possible straight out-of-the-box if you choose to replace your browser.

3. You wake up to the fact that ads know you better than your mom

Most people trust their browser to do the best for them but many companies, including browsers, are built on the data-collection model and survive by selling your data to advertisers and publishers.

Private data such as search history is often fed to algorithms that have the tendency to become biased. Algorithms will show you what they think you are more likely to click on. Eventually, they’ll put you in a bubble by showing you only things you agree with.

At Vivaldi, we don’t track or profile you. Nor do we collect usage data. We only try to have a general overview of how many users we have, what OS they run, and where in the world they are, taken as a whole. We generate revenue from partner deals with search engines and bookmark partners, not from selling personal data to advertisers and publishers.

Speaking of search engines, your choice of a search engine can have a big impact on your privacy. We offer you several privacy-focused alternatives that protect you from surveillance and believe in the neutrality of search results. Many folks replace their browser on these grounds alone.

4. The company behind your current browser gives you the creeps

There’s no two ways about this. The tools and services we use today shape our future.

As you become more aware of the choices you make, the ethos of your browser company (or lack of thereof) may begin to bug you. Things like abuse of power, avoiding taxes, and r ecord-breaking fines can be taken as tell-tale signs. Where do you draw the line? When is it high time to replace your browser?

5. You’re not excited when the browser releases a new version

Worse. You are not even aware that your browser has a new version. This alone should be your wake up call to do some soul-searching.

* * *

Do you know of more signs it’s time to replace your browser? Let us know in the comments!

Download Vivaldi

3 top work from home tools to stay productive (and happy)

Jon McCullough — Wed, 09 Sep 2020 08:40:50 +0000

On paper, working from home should boost your productivity. When you work from home, there are fewer distractions, less stress from commuting, and no office politics to navigate.

At least one big study carried out at the beginning of the pandemic indicates that you are more productive working from home.

But six months on, it looks like we’ve yet to learn how to work remotely and stay efficient.

Just last week the Harvard Business Review published a study of the productivity of 12,000 people working from home across the U.S. and Europe. The study indicates that we don’t use wisely the time we save from commuting. This time – around 89 million hours each week for workers in the U.S. – is getting wasted on unproductive work and poor choice of leisure activities.

The truth is that many of us are learning through trial and error, adjusting to this new way of working as we go along.

Luckily there are tried and tested techniques, as well as many reliable tools, that we can all use to stay productive working from home.

Productivity tools for working from home

Starting in the spring, I’ve been experimenting with work from home productivity tools and, surprisingly, have found that I need just 3 tools:

Vivaldi browser with its multiple built-in productivity tools.
Todoist.
Ecosia (yes, I’ll get to this in a minute).

With these 3 tools I’ve been able to use the top tried and tested work from home techniques:

Follow a schedule.
Take regular breaks.
Focused work.
Motivation practice.
Switching off.

Let’s take a look.

Follow a schedule

Following a schedule should be a no brainer but in fact, working from home has made many of us forget this good old productivity practice.

Personally, I know that this is something I did very badly at the beginning. It just never occurred to me that by losing my commute, I had lost my daily routine of transitioning into work mode.

It took me a while to realize that I needed a new routine.

On my way to the office, I would take 10-15 minutes to make a mental note of things I would work on – shifting my focus to work. Working from home, I just jumped into the day.

Setting time aside to plan your workday, is a great way to transition into work mode when working from home. If you don’t schedule everything, there’s a very good chance that you’ll spend your day reacting to whatever comes up and not get to your core tasks.

There are many time-management tools out there, not to mention that you can simply use pen and paper to plan your day. Whatever works for you!

Some of our users swear by the ultimate digital to-do list, Todoist. You can use this productivity tool directly in your browser or via an app. I use it in a Vivaldi browser Web Panel.

Productivity = @vivaldibrowser + @todoist as web panel. 👌

— Victor Grimaldo (@victorgrimaldo ) September 4, 2020

You can schedule your tasks, activities, meetings, and block time for focused work. You can flag priorities and assign due dates. You can even add notes to your tasks.

Personally, I always have a “must do” for the day. This way, whatever happens, I know that I can tick off my list at least one major thing.

Take regular breaks

Plenty of research points to something that is common sense but hard to do when you work remotely. If you don’t take breaks, you’re always on and your focus will gradually diminish.

In one of several surveys on remote working conducted since the beginning of the pandemic, 37% of people said that taking breaks was their key to staying productive while working from home.

For the millions of people working remotely, the Internet is always on. But being present outside the browser is good for productivity. Everyone needs to take breaks and recharge!

That in a nutshell is why we recently created Vivaldi browser’s Break Mode, which I have been using since it first appeared in a Snapshot.

Vivaldi may be about giving you the tools to stay productive, but we also want to empower you to manage your time and focus on the all-important work-life balance.

Break Mode lets you pause your browser so that you can interact with the physical world.

It couldn’t be more simple to use.

How to use Break Mode in Vivaldi browser

Hit the Break button (that little pause-looking button on the left of the Status Bar) to pause your browsing activity. Everything will disappear from your browser window, video and audio will pause.
Take a break and focus your attention elsewhere – grab a cup of coffee, exercise, make a phone call, talk to someone, or even take a power nap.
Resume exactly where you left off by pressing the Play button (in the same place).

Focused work

Staying focused and productive while working from home is always a challenge.

There are many techniques and tools for this and you should read up on some of them but one of the most effective ones I know about is the Pomodoro technique.

With the Pomodoro technique, you break the work down into short intervals and space them out by short breaks. More specifically, you set up a timer to 25 minutes and do your focused work in this interval (called “Pomodoro”). Then you take a 5-minute break before you start another 25-minute Pomodoro cycle.

At Vivaldi, we are huge fans of this technique and a while back we integrated a unique Pomodoro timer in the Vivaldi browser.

@vivaldibrowser, +10points for adding Pomodoro timer to the new browser clock! 😀

— David "The Bald Ginger" du Toit (@ddtpoison777) April 24, 2020

How to use the Pomodoro timer in Vivaldi browser

Left-click on the Clock button (far right on the Status Bar) to bring up the Clock popup.
Click on the Pomodoro preset.
Click the Start button.
A notification sound will go off in 25 minutes.

If you find that your needs are different (perhaps 25 minutes are too short or too long for you), experiment with durations until you find something that works for you. You can edit the duration of your “Pomodoros” in the Clock menu.

The Pomodoro technique was invented in the early 1990s by the developer and author Francesco Cirillo. The method is named “Pomodoro” after the tomato-shaped timer Cirillo used to track his work as a university student. 🍅

The premise of the Pomodoro technique is simple. When you are faced with a large task or a series of tasks, break the work down into short intervals and space them out by short breaks.

The Pomodoro technique will train your brain to focus for short periods of time and help you stay productive and focused. You’ll notice that, over time, it will improve your attention span and concentration in addition to making you more productive.

This technique will help you come back to your task more focused.

Motivation practice

When you work from home, it’s easy to feel isolated. That may be the one really big downside to remote working.

You lack an overview of things. The sense that what you do is meaningful can really take a beating. And when you lose the big picture, it’s easy to assume that you haven’t accomplished anything.

Getting people to feel that the work they do is making a difference, is much more important now than it ever was.

This is one area that is evolving and employers are eager to learn how to tackle this – how to make sure that employees are staying productive and motivated.

While employers are figuring this one out, people are finding their own ways to cope.

One tool, in particular, took me by surprise and I’ve stuck with it.

Sometime this summer, I decided to try a different search engine from the one I was using. I got hooked on Ecosia, the search engine that plants trees.

As I search the web, Ecosia plants trees – 80% of their profits go for planting trees. Ecosia plants in areas where trees are needed the most benefiting people, the environment, and local economies.

Every time I perform a search, I catch a glimpse of my personal Ecosia tree count at the top of the screen. And no matter how overwhelmed, disorganized, or isolated I might feel stuck at home in front of my screen, I know that my time spent online isn’t wasted. Planting trees is uplifting. It feels good!

Ecosia is completely transparent and publishes its monthly financial reports, so I can see exactly where the income from my searches goes. As a bonus, they don’t sell my data, have no third party trackers, and anonymize all searches within one week.

Switching off

Switching off – the final productivity technique I practice – may be the hardest to achieve. At the core of it is maintaining a healthy work-life balance.

Again, easier said than done. Without an office to get to, it’s a real challenge to draw the line between work and home. Without the commute, it’s a struggle to separate work from personal life.

Yet, if you don’t find a way to do this effectively, your work responsibilities will creep into your “life”, eating up more of your free time. You really need to have dedicated work hours just like you would in the office.

In the Vivaldi browser, we’ve built in a tool that might just be the answer to this problem.

With the theme-scheduler, you can schedule different themes for different times of the day. For example, you can schedule a light theme for your working hours, and have your browser switch to a dark theme at the end of the working day. That’s a great way to designate the end of work each day. The cue would be hard to miss.

You could also set up entirely different work and personal profiles in Vivaldi browser – that way you can keep work and life completely separate.

In order to boost your productivity – and health! – you need to unplug from work.

If you stick to the techniques above, you will be productive and efficient throughout the day.

Surprisingly, I only use 3 productivity tools. At the core, sits Vivaldi browser. Then I have Todoist and Ecosia, the latter for that uplifting feeling of doing my bit for the environment.

Try these techniques and tools. It will be easier to walk away from your work feeling that you have accomplished something.

What better way to put an end to another successful day working remotely?