Looking out for suspicious links in Kerika

August 14, 2024KerikaSecurityKerika

We had some incidents recently where hackers stole the Microsoft credentials from some folks in Europe and North America (there’s been a lot of that lately), and then used these stolen credentials to sign up as Kerika users.

Once they signed up, they created Whiteboards that were made to look like they included official links from Microsoft to download documents. Here’s what one of them looked like (we have obscured some information):

The link in the image shown above led to a phishing site where people might inadvertently enter their Microsoft credentials in order to read this document, which would have looked like it came from a Kerika board that was owned by a trusted colleague.

To make this more convincing, they used a very old feature of Kerika’s Whiteboards that’s called VIEW AS WEBPAGE:

This feature was originally built to help nonprofits and open-source teams share their work with people who weren’t Kerika users: the Board Admin could create an ordinary Web page that contained everything that was on the Whiteboard. This page was then sent to the contacts of the person whose credentials were stolen.

To deal with this, we have made some important security updates throughout the Kerika app, on the desktop and on mobile devices:

Whenever you add a link to any task (card), chat, board, or canvas in Kerika, we will check if that link is known to be suspicious or malicious.
If so, you will be warned, and Kerika’s security team will be informed immediately. Your account will then be monitored to see if this behaviour continues.
Whenever you click on any link anywhere inside the Kerika app, we will check again if that link is known to be suspicious or malicious, and will warn you if that’s the case.
Please take this warning seriously!

We have disabled the VIEW AS WEBPAGE feature for Whiteboards while we evaluate the results of these security improvements. Once we feel confident we have dealt with this situation we will consider re-enabling that feature. (Let us know if this feature is important to you.)

We are using Google Web Risk service to help screen URLs entered by our users. Google has been dealing with malicious websites since they started, and we think they have some great resources that we can leverage to improve security for our own users.

Mr Bond, they have a saying in Chicago: 'Once is...

What’s in our latest release

June 15, 2024Bug Fixes, KerikaBug, Microsoft, Mobile, Task Board, WhiteboardKerika

A ton of bug fixes, most of them so obscure that no end-users ever spotted them, but since we track our error codes seriously we make sure we fix stuff that no one even knew fixing. Some of the bug fixes are truly obscure, here’s a few from our latest version that’s easier to explain:

There were some problems related to how our iOS app was updating that were a result of Apple deciding not to support Progressive Web Apps anymore. (Thanks for nothing, Apple.)
When a person renamed a file attached to a task or board, the file was appearing as having unread updates (orange highlight) to the user who made the change.
For our Kerika+Microsoft users, we needed to make sure the correct OneDrive icons were appearing where files were attached to tasks and boards.
Also for our Kerika+Microsoft users: OneDrive files are better support for users of our Whiteboards feature.
When a text field could potentially be auto-filled using the browser’s saved values, if a user selected a saved value it wasn’t displaying properly. (Thanks to a breaking change in one of Chrome’s many, many updates — seriously, why are they releasing new versions every week?)
Dates shown for non-English users will now appear in the locally selected languages.
If a user opened a task on the mobile apps that had been found by doing a search, editing the task’s title was showing HTML characters.
Handling situations better where two people were making changes to the same task at the same time: users are warned if someone else has made changes that would get overwritten if they saved their own changes.
Improvements in the new user experience: this is, frankly speaking, a never-ending quest for us!
Fixed a situation where a new user who didn’t complete their signup returned later to Kerika: the language selection that’s the first thing that a new user does wasn’t working properly.
We made it easier for people to stop getting their 6AM task summary emails; we really should have done this a long time ago.
Fixed a long-existing bug that finally surfaced that omitted some tasks from the 6AM emails.

For 4 quarters in a row, Kerika has been identified as a Leader in Task Management by Sourceforge

May 1, 2024KerikaKerika

Kerika Reviews

Kerika + Twine: a great partnership for freelancers everywhere

April 2, 2024Kerika, Team CollaborationKanban, Task Board, TemplatesKerika

We are thrilled to announce a partnership with Twine, a global expert network that major companies are using to outsource all kinds of work:

Designers
Animators
Musicians
Filmmakers
Photographers
Marketers
Developers
Illustrators

Twine has over 500,000 registered members already, and is growing fast — and we are thrilled to be partnering with them to help Twine’s freelancers and clients get more done using our Task Boards.

Twine’s users are exactly the kind of folks that Kerika was designed for: creative people, developers, freelancers and businesses that need to come together quickly to execute on a project. In an environment that’s that fast-moving, having access to a task management tool that’s designed specially for remote and distributed teams, with a design that’s simple enough for anyone to get going with, is essential.

And that’s where Kerika can help Twine’s community.

As part of this partnership we will develop custom templates that can help Twine projects get going faster. And that’s just a starting point: we hope, over the coming months, to deepen this relationship!

We made it easier for people to join board teams

March 26, 2024Agile & Scrum, Kanban & Lean, Team Collaboration, UsabilityAccount, Kanban, Scrum, Task Board, Teams, WhiteboardKerika

Board Admins can now invite people to join their boards as Team Members or Visitors by simply sharing a unique link that’s created for each board. We added this function because some of latest users include schools that want to add large groups of parents to boards with a single action. Here’s how it works:

When you open the Board Team dialog (as a Board Admin), you will see a new option at the bottom, called Let People Join Using a Link:

Clicking on this will bring up a dialog that let’s you create links for adding people as Board Admins, Team Members, and Visitors:

For additional security, separate links are created for each role: Board Admin, Team Member, and Visitor. When you turn on one of these options, Kerika will create a special link that you can then send to a large group of people to join you board.

(We obscured the link in the screenshot above, for our own security!)

When you create a link, it’s also automatically copied to your clipboard for easy pasting in an email or chat.

If you are concerned that the link may have been compromised, perhaps because the people you sent it to have carelessly passed it on to others, you can always turn it off: turning off a link will automatically make it useless for future use.

You can then create a new link if you want to.

Try it, and let us know what you think.

A new product overview video

February 26, 2024KerikaKerika

Feature Kerika’s integration with Office 365 and OneDrive

A naming change for Done and Trash

February 18, 2024Agile & Scrum, Kanban & LeanKanban, Scrum, Task Board, UsabilityKerika

We are making a change to the names of the Done and Trash columns on Task Boards, to make it easier for new users to understand what these columns represent.

The Done column will become Completed and the Trash column will become Deleted.

Looking at the demographics of our new users, we found that over 80% had never used any kind of boards before, and we think the new names will be easier for them to understand.

This is just a naming change, there’s no difference in functionality.

We would like to know a little about you

January 24, 2024KerikaKerika

We are asking new users two simple questions, at the time of sign up:

These two questions, that take just a few seconds to answer, will help us create a more custom onboarding experience for new users. This is still a work-in-progress, of course, and in the first step we are just collecting some data while we get the rest built. There are a bunch of customization ideas we are exploring. Stay tuned.

This is Us

January 23, 2024KerikaKerikaKerika

Our team has had much to celebrate over the past few months, as we achieve milestone after milestone. This is the India-based development team of Kerika:

Using Kerika with Microsoft 365

January 22, 2024Kanban & Lean, Kerika, TechnologyAccount, Box, Calendar, Document Management, Google Apps, Microsoft, Scrum, Task Board, Teams, WhiteboardKerika

We have made a very big extension to Kerika, by integrating with Microsoft 365: now you can sign up using your Microsoft ID, and have your files stored in your own OneDrive account!

Kerika+Microsoft works the same was as Kerika+Google and Kerika+Box: you can use your existing Microsoft account to sign up and login to Kerika; there’s no need to create and remember a new password:

When you upload files to your board for the first time, you will be asked to choose a preferred cloud storage: if it’s Microsoft, then you will be asked to give Kerika access to a single folder in your Microsoft OneDrive:

After you allow Kerika access to your OneDrive, Kerika will create a single folder in your OneDrive that it will use for all of your Kerika-related files:

That one top-level folder is all that Kerika will ever use: inside there Kerika will automatically manage all the subfolders you need to sort your different Kerika accounts (yes, some folks have more than one Kerika account!) and your board.

Kerika doesn’t go snooping around or altering any other part of your OneDrive!

Files you add to your Kerika boards will be automatically shared with everyone on the board’s team: Board Admins and Team Members will get read+write access, while Visitors will get read-only access.

As folks join or leave your board team, access to all the files on that board will be automatically managed by Kerika, freeing you up from all the admin work that other tools make you do.

You can even create new Office 365 documents from inside Kerika, and have them shared automatically with your board team:

And we have always had the ability to sync your Kerika due dates with your Outlook calendar, so that completes everything you need to get the most of Kerika+Microsoft!

Get more done, with Kerika

Task Management for Remote Teams