A Day Without Chocolate

Chrome Extensions for Hackers

April 28, 2012

I Googled “Chrome Extensions for Hackers”, and I was disappointed by the failure of Google to understand what I meant when I said hackers. I then Googled “Chrome extensions for programmers”, and was flooded with Firebug (pfft) recommendations - bar one Stackexchange question, which had a single good recommendation - Development and Coding Search (I had a bet with myself in my head that this question would be “closed”, and I was not disappointed.)

So here’s a list of extensions I currently use, which you should probably ignore, since you might already be using most of them. Many of them are security/privacy related; so I guess I should have titled the post “Chrome Extensions for The League of People who care about their Privacy”. But aren’t hackers and privacy minded people? Surely! Are privacy minded people hackers? Maybe. (in the words of the great Prof. Michael Crowley)!

Social Auth Disconnect

(Note: This extension is now called fPrivacy, but I used it before it was hip, you know?).

Every once in a while, I face the disgusting dilemma of allowing a Facebook application to access my account - I really don’t want to give hundreds of permissions to apps I’ll probably use just once in my life. This extension lets you opt out of giving specific permissions to FB apps - but this comes with a repercussion - you break poorly programmed FB apps - since they cannot handle the misery of you not providing a permission or two - Oh the misery! This extension is open source too, so it alleviates your privacy concerns! Any other excuses?

Cr-gpg

This is a wrapper for the GPG binary on your Unix-based system, and works perfectly for GMail. Unfortunately, the Decrypt button stopped showing up when I updated to the wonderful new look in GMail. I’ve filed an issue, and waiting to hear back - the developer(s) seem to be replying to issues pretty quickly. Rad!

Ghostery

One of the best alternatives to the extremist NoScript extension - this has a pre-defined rule list (which you can edit), and blocks useless scripts from loading and slowing down your browsing experience. No more Facebook comments on other websites! Yay!

Keep My Opt-Outs

This extension lets you opt-out of personalized advertising and data-tracking. It is written by Google. I’ve seen it all.

Frictionless

Want to read that enticing article on Washington Post Social Reader - but don’t want to install the spammy app? Fret not! You can bypass the app install and read the article / watch the video directly! This extension is open source, so please submit an issue if you find that the extension doesn’t work for an app - the developers said “Pretty Please”.

Hacker News Sidebar

One of the best additions to your Hacker News browsing experience, this shows a nifty sliding drawer on any page that was submitted to Hacker News at any time. I cannot count how many times I have found priceless HN threads providing commentary on a webpage I was looking at.

HTTPS Everywhere

This is one of those genius but straightforward things that give me “why didn’t I think of this before” moments. Redirects you to HTTPS versions of “major websites” - works on most websites I visit. Hey!

Netflix Confirmation Email Fail

March 09, 2012

tl;dr - You can register for Netflix using ANY email address, without requiring you to verify ownership.

I have a couple of roommates, let us call them A and B. A is parsimonious and he keeps signing up for Netflix using new email addresses every month, taking advantage of the one month free trial offered. Apparently he ran out of email addresses last month, and signed up for a new trial using B’s email address.

B, on the other hand, remembers receiving emails from Netflix, but deleted them thinking they were spam that happened to get through GMail’s filters. When he found out about the whole situation, he felt violated, and I can totally understand why. This may only be a miniature form of identity theft, but it still feels like a personal boundary has been crossed.

B was, in fact, looking to take advantage of Netflix’s free trial with the Spring Break coming up. He can’t anymore, to say the least.

This is a major fail on the part of Netflix and it is unacceptable that they don’t provide a way to verify email ownership (which I don’t imagine is too hard).

My File Sharing Setup (Linux)

November 06, 2011

Update: I have written a multi-purpose Ruby script to work with S3, Cloudapp and Imgur, and that’s what I use right now. Be sure to check it out.

There’s been a buzz around file-sharing sites for a while now- YCombinator’s KickSend receiving some funding, while Dropbox is growing as always. Somehow, I still feel the ideal file-sharing platform is missing. The closest app that has come to perfection is Cloudapp, but that’s only for Mac. However, they have an API and there are a couple of scripts to get it to work on Linux as well.

So, without further ado, here is my file sharing setup based on the scenario:

1. For small files (under 25 MB)

I use Cloudapp (free account) for this. Its a no-nonsense application that makes it really easy to share files. The native Mac client has this cool drag-and-drop interface on the desktop, and that is replicated for Linux to an extent by py-cloudapp. However, I spend most of my time in the command line, and I use my (forked) script cloudapp-rb. I’ve integrated a way to (g)mail the link of the uploaded file to someone, and it really takes the pain away from doing it in GMail’s web interface. So, to upload a file to cloudapp, and to send it to someone, I just have to press a few keystrokes:

ul file.txt classmate@domain.com

2. For securely transferring files (P2P)

Sendoid is the clear winner here. It has pretty generous filesize limit (I’ve successfully tested files of ~1 GB), 128-bit AES encryption, and you can even password protect your end-point URL. Also, it is P2P and the file is never stored on ther servers : it goes directly the sender’s machine to receiver’s.

The web interface is decent, but the AIR app is what makes this product awesome. The app is very clean, as you can see here:

Sendoid Screenshot

3. For transferring big files

On more than one occasion, when not on my laptop, I’ve had to share source code with my classmates, which is usually an archive of size ~500MB. The Dropbox web-application fails here, as it has a 250 MB upload limit (if I’m not mistaken). That’s where Ge.tt comes to the rescue. It has no file-size upload limits that I am aware of. A free account gets you 2 GB of upload space, (3 GB if you were with them before the introduction of the pricing tiers). Get this: you can share the file permalink even before the file has finished uploading, and this is a great way to temporarily share files. You can group files into collections/folders of sorts and I wholeheartedly recommend this app!

4. Pseudo-Permanent File Sharing

Of course, there’s Dropbox, and I previously used it for sharing. But, I find it extremely inconvenient to copy the file in question to my Dropbox Public folder, and then copy the Public link. Hence, I shifted to cloudapp for sharing small files. However, there are some files that need to be shared for long time spans (and I need a backup of these files for personal use): That’s where Dropbox comes in. After putting the file in my Public folder, I can distribute the link and be sure that everybody can access it even months after it has been uploaded. Also, I can be sure it is synced across all my devices.

5. Expiring URLs and Command Line uploads

How can you forget the big-daddy of cloud storage: Amazon S3. I fail to understand why S3 has intimidated non-technical people. It’s web interface is super-easy to use, and the AWS free tier provides 5 GB of S3 storage - which is a steal even if you don’t use the plethora of other cloud services provided.

I use mishare, a script I wrote, which makes it really easy to upload files from the command line to S3.

# Upload file to S3 and email it to john@example.com , and the link should expire after 30 minutes
mishare ul -f file.txt -e john@example.com -t 1800

Twitter Share Bookmarklets Secret Feature

October 08, 2011

I just discovered something really cool about Twitter’s Share Bookmarklet, though I’m quite sure somebody would’ve noticed this before.

Yesterday I was reading a piece on Steve Jobs, and I decided to share it on Twitter. Keep in mind that it was a paginated article (split into 2 pages). Only after sharing it did I realized I was on the 2nd page of the article when I shared it, and the URL of that page was was:

www.nytimes.com/2011/10/07/opinion/the-man-who-inspired-jobs.html?pagewanted=2

Notice the end of the URL clearly saying pagewanted=2. However, when I checked my tweet, the URL that Twitter included had turned into:

www.nytimes.com/2011/10/07/opinion/the-man-who-inspired-jobs.html?pagewanted=all

I couldn’t believe it. I tried the Share bookmarklet on the page again, and sure enough, it was changing 2 to all. I then decided to experiment a little bit more - and see if this feature on other websites as well.

Here’s a list of pairs of URIs - the first URI is the actual page that was shared, and the 2nd URI is the ‘converted’ version - by Twitter’s apparently smart bookmarklet.

First up: Wired and GQ - which have a URL strucuture similar to that of NYTimes - they use a query string to specify pagination:

www.wired.com/wiredscience/2011/10/living-relics/?pid=2212 www.wired.com/wiredscience/2011/10/living-relics

www.gq.com/news-politics/big-issues/201109/dont-ask-dont-tell-gay-soldiers-military?currentPage=2

www.gq.com/news-politics/big-issues/201109/dont-ask-dont-tell-gay-soldiers-military

Next, Vanity Fair uses a fragment identifier:

www.vanityfair.com/business/features/2011/11/michael-lewis-201111#gotopage2 www.vanityfair.com/business/features/2011/11/michael-lewis-201111

And finally, Playboy and The Atlantic - which actually pass the page number as the last parameter in their URL:

www.playboy.com/magazine/playboy-interview-steve-jobs/2 www.playboy.com/magazine/playboy-interview-steve-jobs

www.theatlantic.com/magazine/archive/2011/07/the-brain-on-trial/8520/3/ www.theatlantic.com/magazine/archive/2011/07/the-brain-on-trial/8520

This seems more and more like specific use-cases added by Twitter to make their bookmarklet ‘smarter’. I’m not sure which CMSs the above sites run on, and it could be quite well be CMS-specific.

However, it did fail to do the magic on some websites:

Esquire passes the page number as a hyphenated value at the end of the URL-slug of the article.

www.esquire.com/features/william-petit-case-0611-4

NY Books, meanwhile, has a query string style page number, but it didn’t work.

www.nybooks.com/articles/archives/2011/aug/18/very-deep-america-friday-night-lights/?page=2

Sports Illustrated was an interesting case. The page number is the second-last parameter in the URL, with the last parameter being index.htm. I expected the bookmarklet to fail to work on this, and it did. It even failed when I removed the index.htm at the end.

sportsillustrated.cnn.com/vault/article/web/COM1061362/3/index.htm sportsillustrated.cnn.com/vault/article/web/COM1061362/3

I wonder if some Javascript Ninja could help out here, the Twitter Share Bookmarklet points to a share.js, that seems to do the magic.

Any thoughts? Tweet me @hardikr !

On Spotify

September 30, 2011

Spotify is an unbelievable service - it’s like having already purchased most songs in the world, and it looks great. It seems to be reducing piracy, and the premium plans look quite tempting. Everyone’s been raving about it for quite a while now, and it shouldn’t be long before it becomes the #1 music service used all over the world.

Anyhow, here are a few things I have to say regarding Spotify, that would be far from laudatory.

The requirement to have a Facebook login to create a new account is ridiculous. It’s probably driving away potential customers. Sure, Spotify may have been ‘forced’ to do it, but that really is no excuse.
Spotify should really cater to the Linux world too. Their Linux beta is only for paying customers, and non-paying customers have to rely on the Windows version to run on wine. A recent update to Spotify causes it to crash on startup. The fix for this issue ? When Spotify starts, you have to be fast enough to close the Facebook tab on the right, because that’s causing the crash. No problem if you were a Counter Strike sharpshooter (like me :)), but otherwise, keep trying. Many people will say that free users shouldn’t complain of a lack of functionality - but come on, this is broken. There should at least be a plain vanilla app that runs on Linux.
Spotify ads. This one’s really been bugging the OCD-hell out of me. I’m fine with ads, but Spotify often plays ads for the exact playlist/artist I’m listening to at that moment. Sure, they may not have those many ads, but playing ads just for the heck of it? I don’t know. It’s a waste of money for advertisers, because their target audience is already using their product. I realize that I may have found the playlist as a result of listening to the ad sometime in the past, but what use is that ad to me now apart from interrupting my listening the very same playlist that they’re advertising about? It’s like you’ve bought a car, and then a salesman drags you out of your car every 5 minutes to pitch you about the exact same car you’re driving. It’s maddening. I’m sure it’s not that difficult to ‘whitelist’ on a realtime basis, the listeners that shouldn’t be served this advertisement. Why not play a different advertisement ? Or reward the listeners by not playing the advertisement once, because they’ve presumably clicked through and are listening to the targeted playlist/artist.

← Older