Just In Time, the Brave Browser Becomes My Default

Last night I saw a respected security professional I follow on Twitter mention the Brave web browser, and how good he thought the mobile version is. Brave was started by the Mozilla Project co-founder Brandon Eich, and is based on Chromium, the open-source base that Google Chrome is constructed upon.

Today, I caught wind that Chrome is soon going to prevent you from doing things such as disabling its DRM management feature called Widevine. The problem with this is summarized here:

…a single browser may now require two different DRM plugins to play all DRM content. These plugins have their own security issues, but unlike with the Flash vulnerabilities, security researchers are banned from looking for them, due to Section 1201 of the Digital Millennium Copyright Act (DMCA). That means malicious hackers, who already engage in other criminal activities, may freely take advantage of all the vulnerabilities they find in these DRM plugins before companies discover them on their own.

In short, because of the closed nature of the DMCA, we end users are at risk unnecessarily, and we will soon have no ability to disable this plugin should we wish to do so.

Enter The Brave

Brave offers a browser that works on all platforms (Windows, Mac, Linux) and on mobile. It blocks ads by default, blocks malware, and is lean and fast. Putting user privacy and security at the forefront, along with speed, this thing is a powerhouse as it forces https on websites and prevents malware-serving advertisement networks from invading your workspace.

But the difference is the paradigm shift in supporting advertisers, as opposed to simply blocking them out completely:

Brave intends to keep 15% of ad revenue for itself, pay content publishers 55%, ad partners 15% and also give 15% to the browser users, who can in turn donate to bloggers and other providers of web content through micropayments.

I have yet to figure out how or if that will work, exactly, and it doesn’t seem to be fully impemented in the browser yet, but it seems like a great way to solve the elephant-in-the-room problem the Internet faces today: how to earn money and keep users safe at the same time, so that they don’t need to run ad blockers and anti-tracking plugins?

Stay tuned for more info as I learn it, and as I figure out Brave.

Writing for Listverse is a Waste of Your Time

Listverse is often a recommended website for people who wish to make a little extra cash. They make it sound like it is fun and easy to “Write & Get Paid.”

I’m here to urge you not to waste your time.

The Listverse deal seems rather straightforward at first: come up with a list of things that are quirky and unique, write at least 1200 words about them, cite your sources, then submit them for review. If approved, they send you $100 via Paypal. I thought this sounded like a fun way to make $100 by writing about topics I know and am interested in.

One thing you have to do before writing a list is to make sure they don’t already have a list about the topic you want to write about. Searching their site for existing lists is futile, as their Search feature doesn’t seem to work at all. See the example below, where I searched for a list about vampires that is shown on their home page, and even it doesn’t come up in a search result:

search_-_listverse

This leaves you with having to use Google to query the Listverse site in an attempt to make sure you don’t waste your time writing a list that is already there:

listverse_vampires_-_google_search

Once you think you have a good idea for a list topic, it’s a good idea to read about the Listverse guidelines on what they expect and what the rules of engagement are. Here is how they summarize it:

It works like this: You write your list (10 items per list minimum), you send it in, we reply and say “Great—we’ll publish it” and send you $100 by PayPal (don’t have an account? just make one—it’s easy and free); or we reply and say “Sorry—it isn’t the sort of thing our readers will love—give it another shot.” Just remember, your list should be at least one or two paragraphs per entry.

There is also a more detailed Author Guide that gets into writing style and some more about the rules and what they expect.

The other major caveat is not to write about something in their short list of topics that they are currently not taking submissions for, which are sports, self-help, personal stories, and gaming.

Sounds pretty easy, right?

I dove in and spent about two hours researching topics, writing up a list, proofing it, finding sources for it, then attempting to submit it. Their submission page says, “We only consider submissions with the highest standard of English and submissions should not exceed 1,500 words.”

No problem. I love writing and have what I consider a good mastery of the English language. My article was about 1000 words, so I thought it was ready to go.

First Problem

Only at this point do you learn that lists must be at least 1500 words. Wait…what? Above, on the Submission page, it says that the article “should not exceed 1500 words”. But if you click Submit List, and your article isn’t long enough, you see this:

extra_listverse_com_submit_submit_php

They don’t tell you this anywhere on the submission page until you click the Submit button. And this situation makes it seem like you are set up for failure from the start. So, in one place it says no more than 1500 words, then you are scolded about not having at least 1500 words when you try to submit. What to do?

I went back and added more meat to my list, getting it to the minimum length required, and was finally allowed to proceed. The resulting page and the resulting confirmation email I got told me that it would be up to two weeks before hearing from them. Apparently they read every entry they get, and it is time consuming. I am a patient man, so I was OK with this.

Problem Two: Rejection

I got the rejection letter this morning. I understand not getting accepted for legitimate reasons; it was more about the issues surrounding it that led me to writing this lengthy blog post.

First, the rejection letter itself was not the “highest standard of English,” which was amusing more than anything, but I thought I’d point it out. For example, it said this:

“We regret that your list is just not quite what we are looking for right now; this is usually because your subject matter is outside the scope of the direction in which we are taking Listverse.”

Taking Listverse? Ok, whatever. Moving along…

Second, they go on to list out some of the same caveats about submitting a list, but only this time is it in more detail than before you actually write your list:

We are currently not taking any lists from the following categories: self-help, opinion, product rankings or reviews, money making guides, personal experience stories, health advice, gaming, sports, music, TV, movies, and animals.

My list was not in any of those categories, but I did stop to think that many of these had not been mentioned up front, and I’d have been pissed if I had spent a lot of time on a list about animals, for example.

They went on to list some “technical” reasons for rejection:

1. The list is too short, too long, or does not have ten items
2. The list requires too much editing (poor English or lack of proofing is usually the reason)
3. The topic is already covered on Listverse or the Internet in general
4. The topic is simply not in keeping with the style of content we publish

Regarding 1, I had exactly 10 items on my list. Was I rejected because the list was over 1500 words long, even though I was unable to submit a list unless it was 1500 words long? That seems stupid.

I knew my rejection wasn’t due to numbers 2, 3, or 4, as I had researched everything, proofed it all, and come up with something rather unique to write about, and made it appealing to the type of audience they cater to.

The Final Knockdown: It’s an odds game

Being rather bewildered at the reasons for rejection not lining up with my article, and still not understanding why my submission was not taken, I carefully re-read the rejection email and I found this sentence in the middle:

We receive more than 150 submissions each day and can only choose three for publication.

Only now, after spending all this time writing a list, researching it, proofing it, and waiting on the outcome, did they choose to mention that 3 per day is the limit. The odds sure would have been helpful to know up front, way before any of this ever happened.

But then, why would anyone ever choose to write a list and submit it if they knew the odds, right?

I will not be wasting any more of my time on Listverse, and I urge you not to, either!

 

Note: I will publish my list here soon. Since they rejected it, I retained rights to it 🙂

 

Random Links

No links are better than random links, so I have culled my Bookmarks to find some things that have piqued my interest lately, and I am presenting them here for your perusal. I supposed that the act of coagulating these links into a blog post no longer makes them “random” in some sense of the word, but nevertheless, here they are. Enjoy.

 

Always Something Interesting

Shorpy.com is an historic picture archive “featuring thousands of high-definition images from the 1850s to 1950s. The site is named after Shorpy Higginbotham, a teenage coal miner who lived 100 years ago.”

That sounds pretty neat, and it is. The site is choc-full of very high resolution, pre-Scalia imagery (too soon?) for you to look at. Who doesn’t like a hi-res picture of ‘newsies’ smoking cigarettes?

 

Gone Phishing

GoPhish is an open source phishing framework that allows you to create fake emails, add them to phishing campaigns, then track their success. Perfect for the Inter security professional in your house to do some social engineering in order to find out which family member is most likely to give up the login information for your Netflix account.

Being open source, it’s free to use as you wish.

 

Facebook Safety

FaceCrooks.com keeps an eye on all things Facebook related, with security tips, account setting recommendations, scam alerts, and more. Keep this one in your back pocket if you are a Facebook user.

 

Credit Card Fees

Don’t you hate being charged more to use your credit card when you get that cup of coffee? It’s an understandable position that many small shops try to recoup some of the processing fee for small transactions, but there are restrictions shop owners may be unaware of. This site keep you, the consumer and/or business owner, up to date about what you can and can’t expect related to charing fees for card use.

We Cut The Cord!

cable tv photoAbout 3 weeks ago, we decided we were done paying Charter $120/month for the highest level TV package they had. When Rachael and I sat down to think about it, we realized that we really only care about a few things:

  1. College basketball (well, for me, anyway).
  2. HBO shows we like
  3. Jeopardy!

Everything else was peripheral, and we felt like we could live without it. We imagined more free time, more book reading, and more chances to talk to each other and interact amongst the family.

The New Way

I set out to find out the best way to go about this. After quickly discovering the Cord Cutters sub-Reddit, I was pretty well set. Here’s what we ended up with:

  • SlingTV account for $25/month (base package + extra sports channels). This covered most all of my college basketball needs, live CNN, and some other channels we don’t really care about.
  • HBONow through SlingTV for $15/month. While I signed up for this for one month, I think we may go to the HBONow version available through iTunes. That way, we can watch it on either of our AppleTV’s, of which we have two: one in the living room and one in the bedroom. The SlingTV app doesn’t provide for this. Either way, it’s $15/mo., and we can cancel it during the dry months when our favorite shows aren’t on.

That’s it for paid TV. We are at $40/month, and we will cancel Sling once college basketball season is over. That puts us at $15/mo for HBO.

What Else We Are Using

In order to use SlingTV decently, I hooked up my old Mac Mini to our main TV in the living room. I just launch the SlingTV app and we can browse through it with a wireless keyboard and mouse. This comes with the added bonus of doing whatever else we might do on a computer with the TV as the monitor.

I also found a website called USTVNOW.com that gives you all the broadcast networks for free. The local news is based in Philadelphia, but you get all the programming of ABC, CBS, NBC, Fox, and a few others. So we get Jeopardy!

USTVNOW.com does require you to be in another country, as it was geared towards US military and government people overseas to be able to get TV from the States. All I had to do was log in once from another country (thank you Tunnel Bear) and now it lets me in every time, at least until the browser cookie expires, but that is easily resolved.

We also have a Chromecast and the two AppleTV’s I mentioned before. The Chromecast makes it easy to watch Youtube or whatever we might have from another computer or a phone. The AppleTV’s let us watch Netflix ($9/mo) and we might sign up for Hulu ($8/mo).

Lastly, I found an AppleTV remote app, a remote mouse app, and a custom remote app for my phone that let me control my TV, AppleTV, and the Mac Mini, all from my phone.

Getting Used To It

The only qualms about all this have been some moments where the streams were jittery (especially USTVNOW during NFL playoffs), and not being able to channel surf the way we used to. However, we still get to watch the shows we like, I have yet to miss a Louisville basketball game, and the other benefits I mentioned have been working their way into our lives.

There have been some moments of frustration while we try to get used to this new way of life, especially during those “just want to veg out and channel surf” moments, but we are adapting, and realizing that there are better uses of our time.

Summary

We reduced our Charter bill significantly by going down to internet-only and ditching cable TV. It is 2/3 cheaper now!

Even if we pay for SlingTV, Hulu, Netflix. and HBONow all at the same time, we are still looking at less than half the cost of what we were paying to Charter.

This is an endeavor I highly recommend!

Photo by Mike Licht, NotionsCapital.com

The Slippery Slope of Encryption and Terrorism

encryption photoThis is really bugging me: Two nights in a row, on major news outlets reporting on the horrific attack on Paris, I have heard the reporters say things like, “the terrorists used encryption technology to ‘go dark’.”

I heard that on CBS evening news tonight (slightly paraphrased).

Last night on CNN, Poppy Sanchez (or whatever her name is) said that encryption was used to hide all of their communications, and that it was very concerning.

They are alluding to encryption as a bad thing because the terrorists used it to coordinate their attacks. They may have used automobiles too, but they didn’t seem concerned about that.

Why this attention to encryption irks me is because there has been a concerted effort by governments of the world (ours in the forefront) to get major tech companies (Google, Amazon, Facebook, more) to build so-called “backdoors” into encryption technology.

That means that if you send an encrypted message to someone, otherwise unreadable by anyone except the person you sent it to, it can still be read through this “backdoor” by the governments who are in cahoots with the tech companies, allegedly to be able to monitor communications amongst the bad guys.

You’d think that’s a good idea, right? Well, it’s been proven over and over again that backdoors get found and exploited by people who are not supposed to find them.

That is what hackers do, for better or for worse, and it’s usually for the better. You heard me correctly. Hackers find exploits and tell people about them so that they get fixed, and make everyone safer.

That is what my day job involves, actually. Sure, there are evil hackers who like to exploit these things for nefarious purposes, but that’s why we continue to find vulnerabilities and fix them.

The news outlets are pushing this idea that encryption is some dark arts majik that terrorists are using, while no one else would ever dare need such a thing. I worry that this will give the general public the wrong idea: that encryption = terrorism, so we need to do something about it.

What better time to push this idea than after a terrible tragedy?

I will link to my favorite article about encryption. It’s short, and it makes sense, and you should read it. For now, a quote:

Today, we are seeing government pushback against encryption. Many countries, from States like China and Russia to more democratic governments like the United States and the United Kingdom, are either talking about or implementing policies that limit strong encryption. This is dangerous, because it’s technically impossible, and the attempt will cause incredible damage to the security of the Internet.

–Bruce Schneier, in Why We Encrypt

 

Edit (9:4pm): I missed the story circulating about this exact topic, confirming everything above.

Photos by Encryptomatic,