All posts by Kerika

About Kerika

Kerika is the only task management tool that's designed specially for global, remote teams.

Looking out for suspicious links in Kerika

We had some incidents recently where hackers stole the Microsoft credentials from some folks in Europe and North America (there’s been a lot of that lately), and then used these stolen credentials to sign up as Kerika users.

Once they signed up, they created Whiteboards that were made to look like they included official links from Microsoft to download documents.  Here’s what one of them looked like (we have obscured some information):

 

The link in the image shown above led to a phishing site where people might inadvertently enter their Microsoft credentials in order to read this document, which would have looked like it came from a Kerika board that was owned by a trusted colleague.

To make this more convincing, they used a very old feature of Kerika’s Whiteboards that’s called VIEW AS WEBPAGE:

 

This feature was originally built to help nonprofits and open-source teams share their work with people who weren’t Kerika users: the Board Admin could create an ordinary Web page that contained everything that was on the Whiteboard.  This page was then sent to the contacts of the person whose credentials were stolen.

To deal with this, we have made some important security updates throughout the Kerika app, on the desktop and on mobile devices:

  • Whenever you add a link to any task (card), chat, board, or canvas in Kerika, we will check if that link is known to be suspicious or malicious.
    If so, you will be warned, and Kerika’s security team will be informed immediately. Your account will then be monitored to see if this behaviour continues.
  • Whenever you click on any link anywhere inside the Kerika app, we will check again if that link is known to be suspicious or malicious, and will warn you if that’s the case.
    Please take this warning seriously!

We have disabled the VIEW AS WEBPAGE feature for Whiteboards while we evaluate the results of these security improvements.  Once we feel confident we have dealt with this situation we will consider re-enabling that feature. (Let us know if this feature is important to you.)

We are using Google Web Risk service to help screen URLs entered by our users.  Google has been dealing with malicious websites since they started, and we think they have some great resources that we can leverage to improve security for our own users.

Mr Bond, they have a saying in Chicago: 'Once is...

What’s in our latest release

A ton of bug fixes, most of them so obscure that no end-users ever spotted them, but since we track our error codes seriously we make sure we fix stuff that no one even knew fixing.  Some of the bug fixes are truly obscure, here’s a few from our latest version that’s easier to explain:

  • There were some problems related to how our iOS app was updating that were a result of Apple deciding not to support Progressive Web Apps anymore.  (Thanks for nothing, Apple.)
  • When a person renamed a file attached to a task or board, the file was appearing as having unread updates (orange highlight) to the user who made the change.
  • For our Kerika+Microsoft users, we needed to make sure the correct OneDrive icons were appearing where files were attached to tasks and boards.
  • Also for our Kerika+Microsoft users: OneDrive files are better support for users of our Whiteboards feature.
  • When a text field could potentially be auto-filled using the browser’s saved values, if a user selected a saved value it wasn’t displaying properly.  (Thanks to a breaking change in one of Chrome’s many, many updates — seriously, why are they releasing new versions every week?)
  • Dates shown for non-English users will now appear in the locally selected languages.
  • If a user opened a task on the mobile apps that had been found by doing a search, editing the task’s title was showing HTML characters.
  • Handling situations better where two people were making changes to the same task at the same time: users are warned if someone else has made changes that would get overwritten if they saved their own changes.
  • Improvements in the new user experience: this is, frankly speaking, a never-ending quest for us!
  • Fixed a situation where a new user who didn’t complete their signup returned later to Kerika: the language selection that’s the first thing that a new user does wasn’t working properly.
  • We made it easier for people to stop getting their 6AM task summary emails; we really should have done this a long time ago.
  • Fixed a long-existing bug that finally surfaced that omitted some tasks from the 6AM emails.

 

It’s now even easier to catch up on changes in attachments and checklists

The orange arrow that appears at the top or bottom of a column when there are unread updates that are out of view has proved to be a very useful and popular feature, so we have extended the concept to work inside of tasks (cards) as well: if there is an unread change to a checklist item, or attachment, that’s out of view for you, an orange arrow will appear to help guide to you it:

The way these orange arrows work is very intuitive: just click on it to have the view scroll up automatically to show the next unread checklist item or attachment.

What Got Done and What’s Due: By Quarter

The What Got Done View, that’s accessible from your Dashboard, now has a new feature: it can show you everything that got done by calendar quarter:

This can be accessed from the Settings dialog from this View: just click on the gear icon at the top right corner of the app.

This feature is also available for the What’s Due View: now you can see how your long-term deliverables stack up over the next four quarters.

This By Quarter View should help folks that need to report to their bosses what the team is getting done, on a quarterly basis.

We made it even easier to see what’s changed inside a Task

When working on our Task Boards, users will now find it even easier than before to see exactly what changed inside a task (card): new attachments, for example, are flagged like this:

And that’s true for new chat:

And for checklist items:

We know Kerika is used for some really large projects with thousands of cards, so we are always looking to see how we can make it super easy for distributed and global teams to keep up with what their colleagues are doing.

 

Ultimate Guide to Lesson Planning: Tips and Strategies for Teachers

Mirror Review features Kerika in an article on lesson planning! From the article:

Choosing the right lesson planner is important as it directly impacts your ability to organize teaching materials efficiently and save time in the long run. Kanban tools have gained popularity among teachers due to their visual and flexible nature. There are many tools available in the market like Clickup and Trello. But if you’re looking for a cost-effective tool that caters specifically to educators, Kerika is the standout choice.

Read the entire article.

Kerika just got better: why you are seeing this message more often

“Kerika just got better…” is a message you are seeing almost daily, and that’s thanks to the massive 2-year effort that overhauled our old backend and made it much easier to push out changes.

We are now rolling out bug fixes and feature improvements on a daily basis, using our modern architecture. Previously we had to batch these up and do large upgrades; now we can push out the smallest changes, when we feel they are ready to go.

Under the old architecture taking the servers down for maintenance was a painful necessity; now changes can be deployed without any downtime.

All changes still go through extensive internal testing, and new features go through a lot of usability testing in particular, before anything gets pushed out.