Monday, December 13, 2010

Chrome's Omni-Search

I've mentioned this feature before, but thought I'd give it a bit more attention. Google Chrome is very smart, and the omnibar is very powerful.

For example, if you go to a site like dictionary.com and do a search (such as "Chrome"), you're taken to a page with a URL along the lines of http://dictionary.reference.com/browse/Chrome (notice how the search term is actually part of the URL).  But part of the amazing thing with Chrome is once you've done a search once, Chrome will usually automatically figure out how the search page URLs are formed. Then all you have to do is type something like "dictionary.com{tab}blog{enter}" and you'll be immediately taken to the search results page. And it does this automatically and completely in the background on almost any site! It'll even tell you when you can do this so when you start typing "dictionary.com" in the omnibar off to the right you'll see a message "Press {Tab} to search Dictionary.com".

And while it will figure this out automatically on most sites, on some it doesn't quite work for various reasons. Also, understanding what's going on in the background allows for a couple other tricks with this feature.

So... when you do the search the first time Chrome will automatically detect the URL of the new page. If it contains the data from the form (search box) you filled on on the previous page it adds an entry in its internal list of Search Engines with the new page URL and replaces the search term with a special "%s"... a variable meaning "whatever I searched for".
In Chrome you can view (and add & edit) the sites Chrome knows how to do searches on for by going to Wrench -> Options -> Basics. And in the "Default search" area, click the "Manage" button. Under the "Other search engines" heading you'll see all the other sites Chrome has figured out how to search for you.

This is also where you can add these couple tricks...
Because Google Maps uses AJAX to perform searches the URL does not directly get changed. However, Google has made it so you can still perform a search on Maps using a URL simply with...
http://maps.google.com/?q=%s
So to be able to search Maps directly from your omnibar simply go to that Search Engines manager, click Add and add the URL as a new search engine.

Tuesday, November 16, 2010

Just -Why- is IE bad?


I've done a few posts about other Internet browser options (Chrome, Firefox, Safari, Opera), and what's good about the others, but never really explained clearly why the rest are so much better compared to Microsoft's Internet Explorer (IE).
So here goes...

W3C Standards
You first should understand when your browser software requests a webpage the data it receives is typically clear text with Hyper-Text Markup Language (HTML). HTML is text with special encodings within it that tell the browser software how something should graphically be displayed.
So when a webpage contains something like...
This <i>is <b>encoded</b> with</i> <u>HTML</u>!
That tells your browser to italicize "is encoded with", and bold-face "encoded", and underline "HTML"...
This is encoded with HTML!
And there's lots of markup encodings that can be used. Everything from text styling/sizes, colors, positioning/layout, linking, all that kind of stuff.

The "World Wide Web Community" (W3C) have developed certain Standards; what the community agree on for what tags should do what. And while there are minor quirks and differences among all browsers, they pretty much all render things the same... except IE. With IE though, it appears Microsoft has decided, "since we have the biggest market-share (thanks to IE being pre-installed with Windows), we'll make our browser work however we want."  Because of that, now web designers have to implement several different encodings and "hacks" in order to achieve some level of consistency in how their pages appear across different browsers. Take for example this HTML (which rather than in-line HTML tags it uses something called Cascading Style-Sheet, or CSS encoding, but exact same issues in IE)...
<div style="width:200px; height:25px; text-align:center; border-radius: 10px; border:2px solid black;">I'm in a styled div </div>
If you view that in any W3C Standards compliant browser you'll get a nice little rounded box around the text...
I'm in a styled div
However, view it in IE and the dimensions are slightly off and you get no rounded corners at all. If the designer really wants be sure to get rounded corners they have to create graphic images for each corner and fight with exact positioning (using the previously mentioned "hacks"), and your browser then takes longer to load the page because it has to then also download those graphic images to display. And that's just for a rounded corner effect... once you start trying to implement positioning on the page, and nesting of elements within other elements or nearly anything beyond bold, italicize, or underline it just keeps getting worse! And the designers have to either write code on the server-side that changes the HTML sent down to your computer depending on the browser you're using, or they have to send down extra HTML to try to target all browsers. In either case, things take longer if they have to be able to work in multiple browsers. So web design and innovation gets slower trying to keep things consistent for IE. Browsing the Internet is slower because of all the extra stuff that has to be downloaded or built. And most developers even give up on making sure IE works the way they intend things to work, and just say "close enough" and move on. So the user-experience with websites is even worse in IE.
There are lots of things webpages could do, but because there's pretty much no way to achieve the same thing in IE, they're not used at all. So quite simply IE holding back design and innovation!

JavaScript
Most webpages have some level of client-side scripting in them. This is program code, typically written in JavaScript (JS), that runs in the client-side browser to do various things. Most commonly manipulating elements on the page in response to the user's actions. Finally the latest versions of IE are getting consistent with using the same keywords / properties (though people using old versions of IE are likely to still have problems).
But when the browsers need to run the script there is some pretty technical stuff going on and while IE does generally do the stuff, it is WAY slower at it. Now generally client-side script is very short simple things so the differences between 0.01 seconds and 0.1 seconds may not seem like much, as pages get better more sophisticated those speed differences continue to grow. Take for example something like Google Docs (docs.google.com) which is completely browser-based document/spreadsheet editing or Gmail (www.gmail.com) or other high-end web apps. Those things that need to do a lot of client-side work, can easily start showing the weight of IE; in most other browsers something that may take 1 second could take 10 in IE!


There is a popular browser javascript speed test here... http://v8.googlecode.com/svn/data/benchmarks/v6/run.html
Just as an example I ran this on my system in Chrome, Firefox, and Safari three times in each. The average scores were... (bigger numbers = better)
Chrome v7.0 got 3,532
Safari v5.0.2 got 1,913
Firefox v3.6.2 got 422
For IE I only run it once because every couple seconds it constantly was popping up...
And I had to continuously click the "No" to finally get a single test to complete. And for that...
Internet Explorer v8.0 got 77.4


More on Speed
In addition to client-side script speed, there's also a significant issue of speed in regards to parsing and displaying a page. When your browser software sends a request for a webpage your Internet connection speed affects how long it takes to get the HTML/content of the page downloaded to your computer. But once that's downloaded the browser software then has to figure out what the page says and how to actually display it. This is of course primarily dependent on the speed of your computer, but also heavily on the browser software. Pages with a lot of content or complex layouts take significantly longer to display in IE than pretty much any other browser.

Another speed tests that tests some other things than JavaScript such as dynamic changes to page elements is the Acid3 test... http://acid3.acidtests.org/
Chrome 100/100
Safari 100/100
Firefox 94/100
IE 20/100 and "FAIL" ? (That really does say it all! LOL)

Security
There is a standard accepted way webpages can be encrypted and transmitted securely (HTTPS). And pretty much all browsers handle HTTPS just fine. But for additional security, when implemented in a network infrastructure correctly, IE is probably better in that respect. But for probably 99% of users, the security of IE is like using a fire hose when you want a straw.

Sweet Feature of the ..whenever I post them..

So here's a really handy feature of Google Chrome's omnibar... it does math!

Type an equation in the bar and in the "suggested searches" list that drops down from it, it will display the results of your math formula. Even some pretty complex equations and unit conversions!

For example, how many liters are in a 12 pack (12 ounce cans) of pop? Type in...
(12 * 12) ounces in liters
And you'll see a 12 pack is about 4.25 liters...

Thursday, November 11, 2010

Malicious URLs / Phishing

Just a quick reminder about how URLs ("web addresses") and security work...

URL Formation
Given a particular URL...
http://www.google.com/#hl=en&...

The first part, "http" in this case, is the "protocol". There's a few different things you may see here, but nothing you generally need to be concerned with.  Although it is worth knowing that when the protocol is "https" that means data is encrypted before being exchanged between your browser and the server. On pages where you're entering sensitive data (SSNs or credit card numbers), you should check that the page is secured ("https://").

Then after the protocol seperator ("://") is the "domain name". Domain names are basically a tree path, seperated by the dots, and formed right to left. The right-most dot-something group (".com") in this case is referred to as the root domain. Then moving to the left the next sub-domain, the "first level" domain is google. And then one more sub-domain, a "second level" domain of www.
Anything after the first slash after the domain name ("/#hl=en...") all has to do with the path to resources on that site, and all irrelevant to the rest of this info.

This often mis-understood right-to-left organization is something malicious sites tend to try to take advantage of. They register domain names but then apply sub-domains (parts on the left of the first level domain) to make them appear legitimate.
For example, I received an email about a Password Reset from a service I use, and the email had a link to their reset page. I'm sure if I went to the page it would look like the real service's page and ask me for my "old password", which if I provided of course they'd then have my account password and be able to hack my account.  The URL was...
http://us.battle.net.blizzard-password-us-eu.net/account/login.html?ref=https://www.worldofwarcraft.com/...
Which the first level domain name they used is actually ".blizzard-password-us-eu". The real service they're trying to impersonate "us.battle.net".

Public Networks
And if you're using a public network (library, coffee shop, etc), you should probably also make sure any page where you provide a password (or any sensitive data) is also secured. This is because any data you send out on a network, can be seen by other people on that network. But if you're on a page using HTTPS while anybody can still see the encrypted data, it will be just jargon to them.
For example (and rather surprisingly), Facebook's default home / log on page is not secured! If you just type "facebook.com" in and hit Enter you'll be taken to http://www.facebook.com/. If you then log on to that your logon credentials can potentially be seen by anybody on the same network.  With most sites like this though, it is also possible to explicitly provide the https and still use the site as normal. So while just typing "facebook.com" and hitting Enter takes you to the unsecured page if you explicitly put "https://facebook.com" you can still use the site and log in as normal, but now your data is protected.

So in short...
Before providing passwords be sure to check the first level domain you're on and that you know it's legitimate. And before providing anything like SSNs or credit cards (or any private data when on a public network) the page is using a secured (HTTPS) protocol.

Thursday, July 29, 2010

Try Google Chrome

Topic: Google Chrome|Level: Beginner|Type: Informational



I had done a couple previous posts about various web browsers...
http://nicksnetniche.blogspot.com/2009/04/web-browsers.html
http://nicksnetniche.blogspot.com/2010/01/go-away-ie.html
http://nicksnetniche.blogspot.com/2010/01/go-away-ie-part-2.html
...but thought I'd mention a few things specifically with my current browser of choice, Google Chrome.

First of all, Google Chrome (http://chrome.google.com) and Firefox (http://www.firefox.com) are both very good browsers. Firefox is a bit more powerful than Chrome with more add-ons. However, for general web browsing Chrome is my browser of choice.

Fast
Chrome is fast. Like, really fast! Everything it does from initial loading, to parsing and displaying pages, to processing and running javascript. And the real surprising thing is that that speed doesn't seem to come at much cost as compared to the other browsers out there.

Middle-Clicks
Most browsers support middle-clicks (or Ctrl+Clicks) as well. This very handy feature allows you to middle-click (or click your mouse-wheel down) on a link and it will open that link in a new tab. Or you can middle-click a tab to close it.

Tabs
Pretty much all browsers support tabs now to be able to have multiple web pages open concurrently. But not many people realize just how powerful the tabs are in Chrome. For example, you can re-arrange them by simply clicking and dragging them in the tab strip at the top of the window. Or you can even pull a tab out of the tab strip to separate that tab in to it's completely own window or drag a tab from one window in to the tab strip of another.

Extensions
Chrome supports "Extensions" (like Firefox's "add-ons"). Which are small applets that you can browse a gallery of, and add to Chrome to add or customize functionality. To browse the many available extensions simply click the Wrench icon in the upper-right, then select Tools -> Extensions.

Bookmarks
or Favorites. Everybody knows what these are. But something you may not realize is in Chrome you can Bookmark a page by very simply clicking the little Star button to the left of the address bar. You'll then be presented with an option on where to save the Bookmark. By default, new Bookmarks are added to the "Bookmarks Bar". Which is a list of bookmarks on the New Tab window (if you use the New Tab window instead of a standard Homepage). You can also have fine control of the organization of your bookmarks by using the Bookmarks Manager which can be accessed from the Wrench -> Bookmarks Manager.

Super Smart Address Bar a.k.a. the Omnibar
The address bar in Chrome is very powerful. Not only can you type website URLs as you'd expect, but from this bar you can also perform web searches (type a search and hit Enter and it will be sent to your configured search engine of choice and you'll be immediately taken to the search results page). Or you can start typing the name of a website you've previously bookmarked and the suggestions that appear below the address bar will include any matching bookmarked sites in it.
Or a very cool feature I just recently noticed is once you preform a search on a website (like a shopping site such as amazon.com or reference site like dictionary.com ), Chrome will usually be able to figure out how searches are performed on that site. Then once you've done a search on the site once, all you have to do is typing something like "amazon {tab} something {enter}" in your address bar. When you hit {tab} a box appears that says something like [Search amazon.com:] and then you just type what to search for on that site and hit Enter. You're taken right to the search results of that site for whatever you're looking for.

Synchronization
Most people use more than one computer and with Google Chrome you can have your Bookmarks, Preferences and Themes synchronized to your Google account and then synchronized to your other Chrome installs with syncing set up. This feature can be found by going to the Wrench -> Options -> Personal Stuff. And the first group on that page.

Process Separation
This is a more technical thing, but basically each tab, extension and plug-in in Chrome is handled by a separate process in the operating system. What this basically means is that if something does go wrong and a particular tab or extension has to be closed, only that one thing is closed; not the entire browser.

Wednesday, March 24, 2010

Web Services

"Never underestimate the web" - Vic Gundrota

There are tons of great products and services on the Internet, so many it can be very over-whelming. So I figured I'd list a few of the ones I use and some of the benefits of them all. Also, these are all free services or at least have some free version/level available.

The first thing to bring up has to be the browser itself. I have done a few blog posts already about different browsers, but it has to be said again here because the rest of this blog is about different web-based products and services. If you're using Microsoft Internet Explorer (IE) STOP IT! IE does not work, and there's no signs of it getting fixed any time soon. Pretty much any of the other options (Chrome, FireFox, Safari, Opera, etc) are fine though. If you don't know the differences between them and don't want to do the research, just get Google Chrome ( http://chrome.google.com ) the best IMO for the majority of users.

The second thing to mention has to be Google... all things Google! They put out so many great products and services it's amazing it all comes from one company. And Google is far more than just Gmail. Gmail is just their email service, but they provide lots of others. It's also important to realize there's a difference between a "Google account" and a "Gmail account". Most people don't realize there's a difference because when you get a Gmail account it automatically comes with a Google account, but you can create a Google account with absolutely any email address, not necessarily an @gmail.com address. Which brings me to the services...

Email
For email service I suggest Gmail. It's web-based email so you can access it from anywhere with an Internet connection. But also now thanks to some recent technological advancements you can even have your gmail accessible while you're offline (as long as you're using a working browser / not IE)! For more info about Gmail check out http://nicksnetniche.blogspot.com/2009/05/love-ya-google-gmail.html

Photo Sharing & Editing
Another Google product many people tend to not know about; Picasa. There's actually two parts to this. One is the desktop software to organize and edit your photos on your local computer and to upload your select photos to the other part, the Picasa Web Albums where they can be stored, linked to, and shared with others. More info on this one here... http://nicksnetniche.blogspot.com/2009/07/love-ya-google-picasa.html

Document Storage & Editor
As an alternative to the very popular and expensive Microsoft Office there's Google Docs. Not as powerful as Office, but it's quickly growing in features and of course, free and has features that come with it being web-based such as sharing and collaborative document editing between other users. http://nicksnetniche.blogspot.com/2009/08/love-ya-google-docs.html

Calendars & Schedules
Easy to use calendars that you can create multiple calendars for organizing your events, and all the regular things you'd expect of course like one-time or repeating events. You can also configure your cell phone in Calendars so you can have it automatically send you text message reminders of upcoming events. Share your calendar(s) to other users so they can see your events in their calendars. calendar.google.com

Maps & Directions
I used to use mapquest.com for all my driving directions, but of course Google now does it better in pretty much every way... Save maps with custom markers, share maps to others, get driving / public transport / walking directions. Amazing search support; rather than having to provide start and end points in separate Address/City/St fields you have a single search box where you can type nearly anything including searches such as "Some-Business to Some-Address" maps.google.com

Online Streaming Music
Pandora.com (or Last.fm is just about the same) are great services for streaming music to your computer. You start by indicating some music you like and it starts playing other music that's similar you'd probably like. Then you can further refine your "stations" by giving songs it picks to play a thumbs-up or thumbs-down or by explicitly adding other songs/artists to your station. The free version of Pandora does have a limit of 40 hours per month and does play very short advertisements once in awhile, but the pay options are also very inexpensive.
Lala.com is another web-based music service, but this one allows you to actually build a playlist of specific music to listen too. I've not used this service as much as Pandora as this seems to be better to listen to specific songs, but for general listening Pandora has more advantage. Pandora does not allow you to listen to specific songs (as it's more of a web-based radio), but it does keep playing without the need to pick songs to play and helps you find and discover other music you would probably like.

Online Streaming TV & Movies
Hulu.com Yup, free online streaming of various tv shows and movies, all in the browser, no need to download and install anything! And as the site gets more popular they keep getting more and more content.

Remote Computer Access
Ever had a situation where you were somewhere and wanted to be able to check or do something on your computer at home or at work without going there. LogMeIn.com allows you to install a small application on your computer and then from anywhere else you can simply go to the website, log in to your account, and then connect to and control your computer(s) right through the website!


File Transfer and Sharing
DropBox.com is a service that allows super easy transfer of files between your multiple computers or between different users. You install a small application on your computer and it creates a special "My Dropbox" folder on your computer. Then any files you place in that folder automatically uploaded to the DropBox servers under your account. This then serves as a backup for your files as well as you can access those files then by logging in to your account through the website from any computer. But the real beauty of this service is you can then install the application on other computers, set them up under the same Dropbox account, and the service automatically synchronizes all the files in your Dropbox folder across all your computers. (It's really as easy as you save the file in your Dropbox folder on one computer and when you look on your other computer, the file is already there without doing a thing!) You can then open the file, make changes, save it. And when you look on your first computer your changes are already reflected on it.
You can even Share sub-folders to other Dropbox users to provide a way to super easily transfer files to others without the need to go through the process of attaching the files to emails, sending them, then the other person has to download the emails and attachments and save the files themselves.
And there's even a special Public folder that allows you to get a web link to the files that you can provide to other users and they don't even have to have a Dropbox account. Files in your Public folder can be accessed by anybody with just the link Dropbox provides you.

Chat & IM
There's tons of Chat and Instant Messenger services out there and most people already have a few. Meebo.com provides a service that allows you to create a single Meebo account and then register all your other chat and IM accounts under it. You just log in to your one Meebo account and you have a single unified list of Buddies/Friends and you can chat with them all right from Meebo. They even have different Meebo apps available such as downloadable application, but I prefer to just use the browser based one.

RSS
If you're not familiar with what RSS is check out http://nicksnetniche.blogspot.com/2009/04/whats-this-rss-feeds-subscribing-stuff.html . As far as an RSS reader my current choice is Google Reader; reader.google.com . Again all browser based and subscriptions stored under your Google account so can be accessed from anywhere.

Personal Finances
I've not actually used this one yet but was just now told about it by a very good tech-friend, and it definitely looks like it's worth checking out... mint.com . An alternative to Quicken or other finances tracking & budgeting applications.

Graphics Editing
Aviary.com has a few products but they're pretty much all about graphics editing, and one for sound wave file editing. A pretty good alternative to the pricier Macromedia Photoshop / Illustrator products. (Keep in mind Picasa is probably better for photo editing, this is more for vector or clipart graphics.)

Telephone calls
Ok, not really telephone, but rather Voice over IP (VoIP) technology allows you to use your computer speakers and microphone and with many services your webcam so you can have conversations with others over the Internet as if it were a regular telephone / video conference call. I don't use these services too often, but still the best appears to be Skype.com

Android
Ok, this isn't any kind of web service but it's worth mentioning. Android is an operating system for electronic devices, primarily web-enabled cell phones. There's lots of Android phones on the market now for nearly every cell service provider. The reason I mention this is because Android is actually developed by Google and very tightly integrates with Google. Pretty much all of the services I just mentioned because they're all web-based and accessible from anywhere with an Internet connection, you can also then access them from web-enabled phones as well! (Or at least will be able to soon... Dropbox and LogMeIn currently have Android versions of their apps in development) But all the other services from Google (Gmail and Contacts, Calendar, Docs, Maps, Reader) are all accessible right from the device.

Thursday, February 25, 2010

Don't Get Phished!

Topic: Privacy Protection|Level: Beginner



What is Phishing?
More specifically what I'm referring to is "website forgery". It's a scam where you are taken to a website and asked to log in. However the website you're taken to is not the real website; rather it's a malicious group that has built a site that looks just like the original site and when you try to log in they record your username & password.

So how do you protect yourself?
If you're ever on "Site A" and click a link to "Site B" you potentially could be on a phishing site.

What you have to do is look at your browser's address bar and know the real "domain name" of the site you want.

The domain name is the shortest, simplest part of a website such as "blogger.com", "twitter.com", or "wikipedia.org". A company can prefix their domain name with any number of subdomains they wish. These subdomains will always come before, to the left of the root domain name. So en.twitter.com is still twitter.com, but twitter.somebadthing.com is not twitter.com, it's somebadthing.com which would probably have nothing to do with twitter.comsomebadthing.com would probably then make their homepage to look just like twitter.com complete with the login fields. You then log in, they record your credentials and can even then forward you through the real twitter.com login so you'd probably never even know you just got phished.
So any time you're about to log in to a website that you didn't enter the address in your browser's address bar yourself always check the address of the page before you log in.
An entire website address will start with a protocol ("http://" or "https://"), then may have any number of subdomains before the root domain.  But they all will come before any slash ("/") characters.
So...
http://www.twitter.com/  is  twitter.com; safe.
https://register.facebook.com/editaccount.php is facebook.com; safe.
https://bankofamerica.com. somebadthing.com/ is somebadthing.com; not Bank Of America. Putting a legitimate name as a subdomain of a malicious name is a common way to trick people.
http://security. somebadthing.com/facebook.com/login.aspx is still somebadthing.com. Putting the legitimate domain name as a subfolder (after the "/") is another way.
http://www.myspace.net/ is myspace.net; not myspace.com Using a different root name such .net instead of .com could be used for phishing. Although most companies when they register a .com name, they also get .net and any others that are appropriate and then if you use the .net they automatically direct you back to the .com. But still to be safe always use the one you know for certain is the one you want.
http://www.wikepidia.com is not wikipedia.com. Using a misspelled domain name is another way.