Just In Time, the Brave Browser Becomes My Default

Last night I saw a respected security professional I follow on Twitter mention the Brave web browser, and how good he thought the mobile version is. Brave was started by the Mozilla Project co-founder Brandon Eich, and is based on Chromium, the open-source base that Google Chrome is constructed upon.

Today, I caught wind that Chrome is soon going to prevent you from doing things such as disabling its DRM management feature called Widevine. The problem with this is summarized here:

…a single browser may now require two different DRM plugins to play all DRM content. These plugins have their own security issues, but unlike with the Flash vulnerabilities, security researchers are banned from looking for them, due to Section 1201 of the Digital Millennium Copyright Act (DMCA). That means malicious hackers, who already engage in other criminal activities, may freely take advantage of all the vulnerabilities they find in these DRM plugins before companies discover them on their own.

In short, because of the closed nature of the DMCA, we end users are at risk unnecessarily, and we will soon have no ability to disable this plugin should we wish to do so.

Enter The Brave

Brave offers a browser that works on all platforms (Windows, Mac, Linux) and on mobile. It blocks ads by default, blocks malware, and is lean and fast. Putting user privacy and security at the forefront, along with speed, this thing is a powerhouse as it forces https on websites and prevents malware-serving advertisement networks from invading your workspace.

But the difference is the paradigm shift in supporting advertisers, as opposed to simply blocking them out completely:

Brave intends to keep 15% of ad revenue for itself, pay content publishers 55%, ad partners 15% and also give 15% to the browser users, who can in turn donate to bloggers and other providers of web content through micropayments.

I have yet to figure out how or if that will work, exactly, and it doesn’t seem to be fully impemented in the browser yet, but it seems like a great way to solve the elephant-in-the-room problem the Internet faces today: how to earn money and keep users safe at the same time, so that they don’t need to run ad blockers and anti-tracking plugins?

Stay tuned for more info as I learn it, and as I figure out Brave.

Let’s Revisit: Sending Mass Emails The Right Way

envelopes photoThe concept of sending an email to multiple people the right way seems to have eluded the populace as a whole lately. I’m looking at you, schoolteachers, soccer coaches, and party invitation senders. I write to you today because, in recent months, it seems I’ve been included on more and more emails where I’m one of 50 people whose email address is awkwardly stuffed into the CC: field of the email you sent, right there with all the others for everyone in the list to see. I even got an email from the manager of the local Sears store I had recently purchased an appliance from, that got sent to all the people who had bought something there recently, and everyone’s name and address were easily viewable in the CC field.

The problem here is that you are being inconsiderate towards peoples’ privacy, and you are sending around a large list of real email addresses to possibly be harvested by spammers.

There is a way to do this that protects peoples’ privacy, doesn’t annoy the nerds and geeks in your email list, and makes you look like you know what you are doing. What trifecta could be better than that?

The easiest way to do this is by using the BCC: field instead of the CC: field. BCC stands for “Blind carbon copy,” which means that any email address entered in it will not show up to the recipients of the email. The CC: field does show them, so don’t use it.

The trick is that you should enter your own email address in the To: field of the email, then enter the long list of room parents or party invitees in the BCC field. That’s it! Now you too can look cool.

There are some detailed instructions, with pictures, available here, in case you need more info.

Let’s Encrypt The World

lets-encrypt-logoI have been a big fan of free SSL certificate authority LetsEncrypt.org since it was in Private Beta. Now in Public Beta, and now being a Certificate Authority recognized by every major web browser, it’s time for you to start using it on your website!

The great thing about Let’s Encrypt is that it is free. Why? Because the sponsors behind it believe encryption is for the public good. And they are correct. No more do you need to pay $80/year or more for an SSL certificate through some company like GoDaddy. This all may sound too good to be true, but it isn’t.

Wait, what?

In case you are unfamiliar with what I’m talking about here, LetsEncrypt.org offers you free SSL (Secure Socket Layer) certificates for your website. This make your website secure and encrypted for your visitors, just like your bank does, by changing your site’s address from using http://  to https://.

Being a user of the WHM/CPanel web hosting tools for the handful of websites I run, I found a great set of instructions and scripts you can use to get this set up and running in that environment. Just follow the instructions in the WHM forum here. Be sure to set up the cron job so that your cert(s) get renewed automatically. If you forget, it’s very easy to do it by hand from the command line, but the cron job makes it so that you don’t need to remember.

Encrypt WordPress

If you are a WordPress website owner, you can configure it to use the SSL certificate by editing your site’s URL in Settings > General. I especially recommend this for WordPress admin area logins, but there’s not reason you shouldn’t be using SSL on your whole site anymore. This is especially true considering Google favoring SSL-enabled sites over non-SSL sites.

Redirect Traffic to HTTPS

Using an .htaccess file, you can set it up so that any traffic going to your http:// website is automatically redirected to your https:// version. This is the snippet I use in my .htaccess file for that:

RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Go forth and encrypt all the things!

We Cut The Cord!

cable tv photoAbout 3 weeks ago, we decided we were done paying Charter $120/month for the highest level TV package they had. When Rachael and I sat down to think about it, we realized that we really only care about a few things:

  1. College basketball (well, for me, anyway).
  2. HBO shows we like
  3. Jeopardy!

Everything else was peripheral, and we felt like we could live without it. We imagined more free time, more book reading, and more chances to talk to each other and interact amongst the family.

The New Way

I set out to find out the best way to go about this. After quickly discovering the Cord Cutters sub-Reddit, I was pretty well set. Here’s what we ended up with:

  • SlingTV account for $25/month (base package + extra sports channels). This covered most all of my college basketball needs, live CNN, and some other channels we don’t really care about.
  • HBONow through SlingTV for $15/month. While I signed up for this for one month, I think we may go to the HBONow version available through iTunes. That way, we can watch it on either of our AppleTV’s, of which we have two: one in the living room and one in the bedroom. The SlingTV app doesn’t provide for this. Either way, it’s $15/mo., and we can cancel it during the dry months when our favorite shows aren’t on.

That’s it for paid TV. We are at $40/month, and we will cancel Sling once college basketball season is over. That puts us at $15/mo for HBO.

What Else We Are Using

In order to use SlingTV decently, I hooked up my old Mac Mini to our main TV in the living room. I just launch the SlingTV app and we can browse through it with a wireless keyboard and mouse. This comes with the added bonus of doing whatever else we might do on a computer with the TV as the monitor.

I also found a website called USTVNOW.com that gives you all the broadcast networks for free. The local news is based in Philadelphia, but you get all the programming of ABC, CBS, NBC, Fox, and a few others. So we get Jeopardy!

USTVNOW.com does require you to be in another country, as it was geared towards US military and government people overseas to be able to get TV from the States. All I had to do was log in once from another country (thank you Tunnel Bear) and now it lets me in every time, at least until the browser cookie expires, but that is easily resolved.

We also have a Chromecast and the two AppleTV’s I mentioned before. The Chromecast makes it easy to watch Youtube or whatever we might have from another computer or a phone. The AppleTV’s let us watch Netflix ($9/mo) and we might sign up for Hulu ($8/mo).

Lastly, I found an AppleTV remote app, a remote mouse app, and a custom remote app for my phone that let me control my TV, AppleTV, and the Mac Mini, all from my phone.

Getting Used To It

The only qualms about all this have been some moments where the streams were jittery (especially USTVNOW during NFL playoffs), and not being able to channel surf the way we used to. However, we still get to watch the shows we like, I have yet to miss a Louisville basketball game, and the other benefits I mentioned have been working their way into our lives.

There have been some moments of frustration while we try to get used to this new way of life, especially during those “just want to veg out and channel surf” moments, but we are adapting, and realizing that there are better uses of our time.

Summary

We reduced our Charter bill significantly by going down to internet-only and ditching cable TV. It is 2/3 cheaper now!

Even if we pay for SlingTV, Hulu, Netflix. and HBONow all at the same time, we are still looking at less than half the cost of what we were paying to Charter.

This is an endeavor I highly recommend!

Photo by Mike Licht, NotionsCapital.com