Tips on reducing/eliminating spam mail

Spam is a common problem that we all live with. Here are a few things that I have found to work for me when dealing with spam. This blogpost is an attempt to share some of them.

Spammers just need an email address to get started. Here are a few common ways in which they collect them.

• Brute Force : they will send out a mass email with various variation of common names/phrases. eg jane@com through jane9999@xyz.com are very likely to be valid email address.
• Buy them : they will buy the email address from other sites etc (aka share your info with business partners in the privacy statement)
• Collect them : they run “promotions”/”lucky draw” and collect info from your
• Seduce you : Hackers sometime set up “honey pot” sites offering something of perceived value and encourage users to register. They get your email address and more importantly the passwd. Large number of users 80-90% use same passwds for most sites. they now have your email address and a passwd too.

Once the email address is collected its verified by one of the following techniques:

• email addresses that bounce are removed
• emails that user respond to are validated
• links in email that user clicks validates the email address
• pictures or media that autoloads or autoplay validates the email address (most spammers use 1px by 1px images so you don’t even know it autoloaded)

Our spam defending scheme starts with not revealing our email address :

• bugmenot.com. There are a large number of sites that force you to register with them, just to browse it. bugmenot provides us a valid userid/passwd of large number of such site. So just “borrow” a valid id and your are in. No need to reveal your email address

• mailinator.com mailinator is an amazing service, no need to register with them, just create an @mailinator.com address on the fly then go to their site and check your email, no passwd required. emails usually remain for about a day and are clean. They get all the spam not us. I usually use them if bugmenot doesnt help me

• disposable email: There are cases when we have to give out a real email addres to a site that has not “established” the trust with us. In such cases I give them an alternate email address, linked to my real email address. I use filter rules to filter emails to alternate emailaddress to an folder. I still only log into my primary email address, and emails from the alternate id show up in folder that I check periodically, my inbox doesn’t get cluttered

• email alias: Google provides a very cool way of creating email aliases by attaching identifying tags or by inserting or removing dots to the primary google email address. We can then you can filter on these aliases.

  eg. fname.lname@gmail.com = fnamelname@gmail.com = fname.lname+tag@gmail.com

  you get the idea when you register with abc.com just use email address fname.lname+abc@gmail.com. create a filter to move all emails arriving at this address to a folder called abc. If you find spam coming to that email address you know abc.com betrayed you.

  Some sites dont recognize email addresses with “+” as a valid email. in such cases you can just take off the dot or introduce a dot eg fnamelname@gmail.com or f.name.l.name@gmail.com

If you end up getting spam here are a few things you can do to still protect furthur damage.

• bounce the email if you can : Mac Mail client allows you to simulate a mail bounce. some spammers will take off your email address if they get a bounce
• never respond : many spammers will ask you to send an email to a unsubcribe@spam.com. dont do that
• never click on link : if the email has a link/ dont click on it. Most links have tracking information and will validate your email address. In some cases links can point to a fraudulent site.
• turn off the setting to autoplay/auto display images. at the min for the emails from addresses that are not in your addressbook.

some other things you can do

• educate your friends and family to not enter your primary email addresses any any site (eg. to send ecards, invites, share a story/link i) etc. Every time the email addresses is entered on a “rougue” site it can be exposed to spam. Point them to this article. so in future if they get an urgue to do it they will atleast use an gmail alias :)

I hope this helped. Will appreciate your comments.

Facebook now automatically makes your "looser" friends disappear

<rant>

Facebook’s motto seems to be do ALL evil. How else can one explain that they over and over and over again manage to make the most obviously wrong decision. They have repeatedly proven that they cant keep the interests of their users in mind. These prima donnas feel that their users are extremely dumb and constantly need the settings tweaking behind the back.

I am really sick of this irresponsible behaviour. But guess I am stuck unless I find another home. In the meantime I will have to keep checking all my gazillion settings often to see what was changed behind my back. Hopefully I can ask IBM’s watson what did facebook changed today!

</rant>

Well this time in their infinite wisdom they have decided that we users have made way too many friends on facebook and this is causing too much clutter on our walls. And we dumb users cant handle this clutter and thus enter our savior the smart facebook overlords decided to secretly step in and give us the facebook-wall-nirvana by automatically making some of our friends disappear. Thus if we had not “interacted” with a friend in a while (i.e clicked om his liked, commented, messaged etc), any updates from those friends will no longer appear on our wall.

Well there is a setting to undo this:

scroll to the bottom of page and click on "edit options"
in the dropdown box select "all friends and pages" instead of "friends and pages you interact most"

This should restore the old way facebook use to work.Hopefully it helps solve the mystery why some of your friends fell from the face of the earth

Iphone Contacts - Mac Address Book Syncing Issues

I recently noticed that my Contacts to Mac Addressbook Syncing was kinda sorta broken. It did sync some updates, but not in all cases. It was driving me crazy. I finally got some time to research it.

If you google Iphone contact sync, or search on apple forums, they all ask to reset isync, or rebuild address book. My issue was different and this did not fix it for me.

The root cause of my issue was that my iPhone contacts were getting sync to two accounts : Exchange server at work and to Address Book on my mac. Apparently when I added Exchange sync, IPhone decided to add all new contacts under the exchange account. These contacts were not getting synced to my address book.

There is how I fix it :

Tell IPhone to create all new Contacts on the Mac's Addressbook account and not Outlook.    
* On iphone, Go to Settings -> Mail,Contacts, Calendar
* Under Contacts, set Default Account to your mac

This will fix the issue for all new contacts going forward. I still have a quite a few contacts under the exchange account which were not in my Addressbook. Unfornutely Iphone does not allow to move contacts among groups or accounts. There is no easy way to export contacts out and import them under the group. Varaious online forums suggest to sync it to Addressbook/Outlook and fix the issue there. My issue was that the contacts were not showing up on my mac in the first place.

I decided to add my exchange account in address book and that did the trick. Here is how to Add Exchange account.  
AddressBook -> Preferences -> + to add a new account -> Type in my email address, username & Password.

And like magic the defaut group that Iphone has created under outlook showed up on my mac (even without syncing iphone). I was able to move the contact around to the groups in my Addressbook (family, friends, collegues, Business Associates etc).

Hope it helps you, if you are having similar issues

HTML 5 : Video

Boulder Java User group meeting. Presentation by Scott Davis : look at source of google.com apple.com they use html5

when working with public facing web site, idea of video is a very big deal. 

animated gifs : first time moving pictures on the web circa 95
interlaced jpegs, interleaved gifs, progressive downloads same to interbet for downloading on modem

now progressive downloading in movies : first by apple : moved meta data to the front of file (it was the at the end of the file). enabled streaming with quicktime circa 97

netflix moving to html5 (currently supported on ps3 & )
html5 is big on mobile

the big battle on html5 will be on TV set.

web video increased to 54% in oct2010 from 10% in jan2010. but on mobile html5 is almost exclusive,

    <video>
    container/codec
    html5 streaming

    <video src='file.ext' width='300' height='200'>

    similar to 
    <img src='file.ext' width='300' height='200'>


    <video width='300' ...   preload autoplay controls>
        <source src=".....ogv" type="video/ogg;codec=..>
        <source src=".....ogv" type="video/mp4;codec=..>
        <object> .... for flash
        <p> downlaad from    < dislay a message to user to download it
    </video>

    tries to play  first source if it cant tries second etc.... the object. if everything fails download message is displayed

Video containers video files are containers that contain video track, auto track meta data etc. popular container are mpeg4 (.mp4 .m4v), flash (.flv) ogg (.ogv) webm () AVI ()

    mp4 : patent for encoders/decoder
    flash : cpu/memory hungry, no silicon encoder/decoder
    ogg : no patent encumberance like mp4
    webM  : not open standard, just google, google own patents

    flash plugin supports mp4
    quicktime pligin supports ogg
    webM :  also supports  ogg

encoders when we watch video 1. interpreting the metadata 2. decoding video 3. decoding ideo

    3 codecs : h.264, Theora, VP8

    mpeg4 = h.264
    ogg  vorbis=audio, theora=video   (no patents)
    vp8 = webM  (brand new, no onchip container)

    h.264 : both low bandwidth (mobile) high bandwidth (blue ray eyc)

HTTP live streaming (HLS) invented buy Apple submitted to IETF.

    A big file say 30 mins file into small 10 sec segments
       => can be served up by simple apache server
    .m3u stores index file, .tm file are file segments

    files can be encoded different bit stream, so if mobile app moved from wifi to 3g, it can ask for lower bitstream

    Mediasegmenter takes in the original file and segments it

HTML 5 presentation by Scott Davis: ThirstyHead

Q. How many are are doing android dev A. 3 hands went up : Teacher eval, Qwest phone features, Time warner cable

Q. How many desktop A. 50%

Q. HTML5 A. no hands

Local Storage & Application Cache : Can be used for both desktop and mobile app, but mostly on mobile

HTML 5 : Dive into HTML5 by Mark Pilgrim by O’reilly free online at diveintohtml5.org

local storage

old style persistence : cookies disadvantage : turned off, small (4k), all cookies send back & forth with each request

Q. anyone playing with nosql A. no

local storage is name value pair : its like no sql. almost like hashmap 5 MB storage for each origin

localStorage["name"] = value
localStorage["name2"] = value2
for(var i=0; i<localStorage.length; i++)
    var key = localStrorage.key(i)
    var value = localStorage.getItem(key);

Typical usage: we can store facebook updates, twitter updates on the local storage when your phone is in airplane mode. when we go online the updates from local storage is submitted.

today most TV guide are java1.1 or embedded C, most TV manufacture are converting to HTML5 and will use local storage to persist it.

There is also session storage for the current session.

polyfill : polymorphically backfilling the brower that doesnt provide the functionality that browser should support natively. there are polyfill aviable for localStorage ay github

WebSql

no support in IE (as its GPL), firefox due to develop aesthetics : sql is last gen, localStorage keyvalue

can open a db and run sql database. but not on IE or firefox, that makes it not go anywhere

storage is 25 MB

Question : how do we clear the storage, or age out after time like cookies Answer : cant age out, but can clear via offline storage : (firefox - advanced:network)

Question : shared across tabs Answer : yes

Application Cache

all requests are sent to cache and then rendered. all subsequest request hit the browser cache first

cache is king when it comes to writing performant code

great tutorial : Caching tutorial : http://www.mnot.net/cache_docs/ great book : High Performance web sites : recoomendation in books implemented in tool YSlow http://developer.yahoo.com/yslow/

App cache will be supported in IE9, not in IE 8, but in all browser including in iphone and android

html5rocks.com : great site for all things html5

html 5 uses server side hints

manifest file: text - non xml etc file is named as .manifest has 3 sections in any order : CACHE, NETWORK, FALLBACK
the session can appear multiple times

cache : cache things listed here network : users has to be online fallback : show alternate pages to be shown when user is offline

application cache also gets 5 MB

Kid-safe version of mainstream sites

Kids are becoming smarter with each generation. They are getting comfortable with technology at earlier and earlier age. Today intenet forms a very integral component of my kids both education and entertainment needs. This blog post is an attempt to attract attention to an unfulfilled need of an kid friendly need for main stream sites.

I am aware of the superior parental control features of the the computer. But in todays age most of the stuff kids (at least my kids) do is online, not on the computer. I do use parental control to block sites, or better still do it via opendns. but it is a all or nothing deal. I dont want want to block the mainstream site itself, I want to sandbox the site.

My kids use gmail, youtube, google, wikipedia, google image search. I want them to get started with blogging and start tweeting/and facebooking. All of these sites are designed with an adult in mind. Infact I cant even get an account for my kids. They point me to [COPA][http://www.ftc.gov/privacy/privacyinitiatives/childrens.html]. Most sites require you to be atleast 13 to legitimately open an account. Are they serious ? Can today’s kids can live off the internet till they are tweens ?

I think there are legit concerns about the privacy/safety online. Big sites also might be concerned about the potential liability. and ofcourse as the kids cant have the cerdit card and buy stuff online they might not be an attractive marketing target and thus are more trouble they are worth to most site.

Anyhow, what I am dreaming or hoping one of the internet giants will do is the following. and hopefully if one of them shows the way they other will have to follow :)

• Have a kid friendly version of the site. Kids need to have their ids tied to their parent account.
• Kids are allowed to communicate (send/receive) messages from only those “friends” that are approved by parents.
• Any invites/friend both inbound/outbound is sent to the parent account to approve
• All account activity is logged with the summary support sent to parent account
• All posts from adults have to self attested as “kid-safe” to show up on kids account, any adult post that show up on kids accounts always also show up on the parent account too.
• Any search is hardwired to the “safe” filter (similar to what google uses in its searches)

Just some ideas on what will make mainstream internet sites kids friendly. If one of the Big Guys dont step up, hopefully there will be a overlay site that bolts on these features.. Just wishful thinking

I do realize that as parents our responsibility would not end if this were a reality today, we do need to continue to supervise internet access. In my house Internet access is limited to the imac in the family room, so that an adult always has an eye on. No “personal” computers or laptops just yet.