Category Archives: Tech

GPS Navigation Options We Need

GPS navigation options we need:

  • I know how to get to the freeway from home.
  • I know how to get home from the freeway.
  • Don’t send me down someone else’s narrow residential streets just to save two minutes.

If I’m trying to get somewhere other than home after work, I’ll use GPS to get an idea of the time remaining and the fastest route. Since I’d rather avoid the freeway during rush hour, it keeps trying to send me on these zigzag paths through residential neighborhoods to avoid backed-up arteries or just avoid busy intersections. I used to follow those routes, but after a while I started noticing other cars ahead of me that were clearly doing the same thing. It’s not just one car being added to that lumpy narrow road with lots of driveways, stop signs, kids on bikes and people taking out the trash. It’s a lot of cars. And of course we’re following the same apps drawing from the same data, so we’re all taking the same side streets, not spread out among all of them.

If there’s a big difference, that’s one thing, but for two or three minutes? What’s the point?

Of course the avigation app seems so testy when I decline to be part of the problem, and it has to keep recalculating…

Treat Passwords Like Driving: Separate Your Hazards.

The last time I set up a new computer, I was surprised to find that installing a password manager has become a critical part of getting the system ready to use.

It used to be that you could pick a few unique passwords for critical services like your primary email and banking sites, and reuse some passwords for less important sites, and maybe remember them all. But when so much of what we do happens online in so many places with so many different levels of security (and visibility), the attack surface is huge. Add in how many criminals and others are trying to break into those sites, and it’s no longer safe to reuse passwords.

Why?

If one site gets hacked, and you use the same password at another site, someone will try it just to see if it works.

The only way to protect against that is to use a different password on every site. And unless your online activity is very narrow, chances are you can only memorize a few of them. You can stretch it out with mnemonics like XKCD’s passphrase scheme, but eventually you’re going to have to record them somewhere. Putting it in a text file or spreadsheet is bad, because anything that gets onto your system can read it, but password managers are designed to encrypt them.

You still have to protect the master password on that file, but now you don’t need to worry that when someone finds your old MySpace password, they’ll start buying stuff on one of your shopping accounts, or hijack your Twitter as part of a harassment campaign, or use your email account to send malware to all your friends.

LastPass is a popular one. It’s cloud-based, which makes it convenient to use on multiple devices, but you do have to trust them. If you’d rather not trust your passwords to someone else’s computer, you can go with an offline manager like KeePass, which stores everything locally on your system in an encrypted file.

Goodbye, Xmarks! (again)

I got an email from LastPass that they’re dropping Xmarks on May 1. Xmarks is a cross-browser bookmark sync service that I’ve used for a long time to keep Chrome, Firefox, IE, and Safari on multiple computers using the same set of bookmarks.

Once it’s gone I can still sync Firefox across devices, Chrome across devices, etc., but that doesn’t help with syncing Firefox, Chrome, etc. with each other.

That said, it’s been a bit flaky for a while:

  • Anytime I came back to a system without using it for a while, it would have trouble syncing and have to re-download everything.
  • Sometimes it gets confused by the different folder layouts.
  • Since Firefox dropped their old extension API, the new extension hasn’t worked well with my scheme that drops all cookies when I close the browser except those on sites I want to stay logged into.

Maybe someone will pick them up again, like when they planned to close down in 2010 but LastPass bought them and took it freemium. On the other hand, I’m not sure I would trust someone who wanted to buy them now. Maybe I should pull my data early.

Whatever the case: If you sync bookmarks across different browsers, what do you use? Would you recommend it?

Alternate Sharing Buttons (Now with Less Tracking!)

I’ve been trying out some alternate sharing buttons that don’t talk to Facebook, Twitter, etc. — or to a third-party button provider like ShareThis — until you actually click on the button. Facebook can track you across the internet when sites include the standard “Like” button hosted on their services. Same with Google and the +1. Even WordPress’ Jetpack buttons will call out to Facebook and Pinterest to display the share count. I want to reduce my contribution to ubiquitous tracking.*

Sharingbuttons.io is totally self-contained and doesn’t even use any JavaScript. You use their site to generate a set of buttons for a particular page, then copy the HTML and CSS to your site. Downsides: The HTML includes embedded SVG that has to be repeated on every page, and your page title and URL are repeated in each button within the page. I used this set on the old Alternative Browser Alliance site, replacing ShareThis. It’s only around five pages, so it was faster to repeat the generator five times than write a tool to template it.

Share42 uses locally-hosted JavaScript to avoid repeating the title and URL on every button, and a single image sprite generated from the set of buttons that you choose. You copy both files to your own site, so that it doesn’t contact a third-party server just by appearing. This also made it simpler to add to WordPress, because I only need to add an easily-templateable stub and enqueue a local script. So I put it on Speed Force, replacing Jetpack’s sharing module. I may put it on the old Flash reference site (which used to have ShareThis on it) if it seems like it’s worth it.

These are both topic-based projects. For my personal blog here, I’ve decided to just drop the share buttons entirely. I’m not sure how useful they are these days, anyway, especially on mobile, where sharing to an app is built into the system.

*Yes, I said reduce, not eliminate. I’m still using WordPress stats, for instance, though I’m phasing out Google Analytics on my personal sites, and of course anywhere you actually embed content from another site, the remote site can potentially track your visitors.

Mastodon: Welcome to the Federation

Mastodon is one of a newer crop of decentralized social networks that are trying to put the users first instead of building everything around ads, tracking, and attention-grabbing feedback loops.

It’s open source software run on a bunch of smaller networks, mostly volunteer-run, each with its own policies and moderators. (You can even run one yourself if you want!) These smaller networks can talk to each other behind the scenes, allowing you to follow and interact with people across networks (that’s where “federation” comes in). Each instance has a different community and flavor, and each is part of the broader community.

I’ve been on for a few months now. It takes a while to settle in, and it feels kind of like the early, optimistic days of Twitter, plus there’s an effort to learn from the past and make it better this time. You can find me at @kelsonv@mastodon.social (general discussion) and @kelsonv@photog.social (photography).

If you’re interested in trying it out, joinmastodon.org is a good place to start, and can suggest which instances might be a good fit. And this Brief Introduction to Mastodon goes into a bit more detail on how to use it and what the culture and etiquette is like.