Fred Stluka's Links Page
Last Updated: 4/23/2000
Applies to: Internet, World Wide Web
Check out my links page for links to lots of useful Web sites.
--Fred
Internet Security
Beware Hoaxes and Scams
Last Updated: 12/4/2007
Applies to: Internet, World Wide WebBeware of hoaxes and scams, especially those leading to identity theft.
Here's a fun cartoon video that is worth watching every now and then to remind you not to fall for these things.
http://info.org.il/irrelevant/may02-smilepop-soapbox4.swf
On a more serious note...
There are tons of hoaxes circulating via e-mail these days. No, you probably didn't win the UK lottery, if you'll just send them your name, addresss, age, ... No, it's probably not a good idea to send bank account info to that friendly Nigerian official so he can use your account to transfer massive amounts of money out of the country before the rebels get it. Etc...
Here's a typical one that arrives by phone, not e-mail:
Jury Duty Scam
The phone rings and the caller says you missed jury duty and a warrant has been issued for your arrest. When you say you never got any notice of jury duty, he asks for more info, so he can check the records, clear up the confusion, and get the warrant cancelled. He asks for your SSN, birth date, etc.
You just got scammed and gave away the info he needs to steal your identity.
For more info, see:
http://www.snopes.com/crime/fraud/juryduty.asp
http://www.truthorfiction.com/rumors/j/jury_duty_scam.htm
http://www.fbi.gov/page2/june06/jury_scams060206.htmHere's a really common e-mail one:
Identity Already Stolen Scam
You get an e-mail that seems to be from your bank, claiming someone may already have stolen your identity, and asking you to login to your bank account to confirm that fact, and to get started resolving the problem.
The e-mail looks real, because it uses the bank's graphical logos, and has lots of links to the real bank site (its privacy policy page, its page for changing your password, etc.). It's also full of warnings to not fall for scams. However, the one link it asks you to click to login is a bogus link that takes you to a page that looks exactly like the login screen of the bank, but which collects your username and password for its own purposes. After doing so, it may even use the username and password to log you in to the real bank site, so you never notice that you were scammed.
The one thing to watch for in advance is the status bar at the bottom of your e-mail window. When you hover over a link before clicking, it shows the URL that the link will take you to. On a phone or tablet, long-press the link to see the URL. You may notice that it says something like:
http://225.142.76.88/citiback.com/login.jsp
or:
http://something.ru/citibank.com/login.jsp
or something, instead of just:
http://citibank.com/login.jsp
However, not all e-mail programs show such info, and even that can be faked sometimes.For more info, see:
The best way to be safe is to NEVER give out personal info and NEVER log into a Web site, unless you initiated the contact. If you called them at the standard phone number, or you went to the standard Web site to do your on-line banking, fine. But if they called you, or they sent you an e-mail with a link, beware!!
If anyone contacts you, via e-mail or phone, asking you to login with your username and password, or asking you for info like account number, age, address, username, password, PIN, SSN, credit card number, etc., no matter how plausible the context, ask yourself:
- What proof do I have that they are legit?
- Does it sound too good to be true?
- Wouldn't the real agency/company/whatever already have that info about me?
If you want to check out a particular e-mail or phone call to see if it's a hoax, check any of the hoax-debunking sites listed at:
http://bristle.com/~fred/#hoaxesThanks to Carol Hebert for sending me the warning about the jury duty scam, and to Mary Neviska and Carol Stluka for sending me the video!
Feel free (but not obliged:-) to forward this warning to your friends.
--Fred
Sextortion hoax with real password
Original Version: 10/24/2018
Last Updated: 5/16/2020
Applies to: Internet, World Wide WebSecurity risks keep getting worse and worse. Here's a new twist: "Sextortion" scams with your real password!
For decades now, we've had to be careful about computer viruses. Then we started seeing scams that claimed we ALREADY had a virus, and pushed us to download and install a program to fix it -- which was itself a virus! Doh! The hackers keep getting more and more clever.
A few months ago, I got an email that claimed my computer had been hacked and my camera was being used to watch me. Said they'd recorded embarrassing video of me while I was visiting a porn site. Threatened to send it to people in my contacts, which they also claimed to have access to. Wanted me to pay them (anonymously via Bitcoin), OR ELSE! Don't dare call the police, etc., etc., etc...
I laughed it off because the first thing I always do with any computer I use is to tape over the camera. And I'm pretty careful about what sites I go to, and never download or install anything from a non-trusted source. Get lost, sucker! Nice try though!
But it occurred to me that lots of people would not be as sure as I was, and might pay the ransom. Worse, they might be extorted into doing something else. Abuse their power in a way that the scammer demanded. In their workplace, to help the scammer with industrial espionage. In their elected office, to help the scammer manipulate the government. In their position as a judge in a court case. Lots of possibilities...
Last week, it got even worse.
I got a similar email. Camera has been watching me. Send money now. Yada, yada, yada, ... But with a new twist.
This email had my REAL PASSWORD in the subject line!!!
Claimed that it already had complete control of my computer. Could monitor every keystroke I typed, watch me with my camera, listen via my microphone, see the stuff on my screen, etc. That was how it knew my password. Send money now or we'll do all sorts of damage to your reputation, your data, your files, your email, etc.
Fortunately, I NEVER use the same password in 2 different places. And I keep track of the passwords I've used over the years. So, I recognized the password as one I had used for a while at MySpace.com about 10 years ago. Not my current password on my laptop or anywhere else.
Yeah, it was possible that they'd hacked some computer of mine 10 years ago (especially back when I used Windows instead of Mac and Linux). But that doesn't mean my current laptop is vulnerable. Anyhow, it seems more likely that they hacked MySpace.com and found my password there.
I did a quick Google search:
Found lots of sites talking about it. Yes, MySpace, LinkedIn, Tumblr (and probably lots of others) were hacked years ago. For some reason, these sites had stored the passwords without strong encryption. (Should have been using Linux, not Windows). So the hackers got the passwords and sold them to scammers like the one who wanted money from me.
One of the sites I found was the FBI asking people to report such scam emails to them at the "Internet Crime Complaint Center (IC3)":
So again: Get lost, sucker! I've reported you to the FBI. Nice try though! Thanks for playing!
But again, not everyone is as careful as I am.
Imagine you'd used the same password at lots of places for years, and were using it on your current laptop. Then you got an email with that password in the subject line. Would you have believed the scammer, and been tempted to pay the extortion money to avoid having your life upended? I might have...
Can you imagine how Trump would respond to such a threat? Especially one made credible by his real password? He'd think back to the worst porn site he'd ever visited and what he was doing as he watched. Would worry about a video being released of him, side by side with video of what he was watching at the time. Would know he couldn't laugh it off, or call it #FakeNews. Too many people would have their doubts. Especially the extremely conservative religious folks that make up the right wing of his base. Would fear that even those who didn't care about the porn would view him as weak and stupid for having been caught. Wouldn't dare to ask anyone for advice for fear of a leak. Would have to decide, entirely on his own, what to do. He's the perfect target for such a scam. Would do whatever he could to avoid the public humiliation. Would give in to their every demand. Maybe he already has?...
Lessons:
- Don't fall for this particular scam
- Use different passwords at different sites
(Watch for my upcoming tip on how I use a simple algorithm to generate and remember a unique password in my head for each site.) - Always be skeptical. Do a Google search or check the Snopes.com site before believing any such claim
- Change your password at any site that's reported as having been hacked
- Also change any passwords at other sites that are the same, follow the same pattern, or are in any way guessable by a hacker who's seen the hacked password
- Report such scam attempts to the FBI
Be safe and be happy!
--Fred
Patch/upgrade your browser
Last Updated: 11/18/2014
Applies to: Internet, World Wide WebLots of scary bugs lately. How can you protect yourself? Read on...
We're starting to find lots of security holes in the basic software used for Internet connections. Recently, there've been the Heartbleed, shellshock, and POODLE bugs that all have to do with vulnerabilities in Web servers. Hackers could take advantage of these bugs to break into Web servers and steal info, or to listen in on the connection from your browser to the server and steal info.
Not much you can do about them. The people who run the web servers are scrambling to apply patches. All of my servers are now patched. Most likely, all of the banks and other critical sites you connect to are now patched too.
However, there are also lots of bugs in browsers that allow a hacker to take control of your computer if you browse to an infected site. No one else is going to fix these for you. You'll have to fix them yourself, by applying patches and allowing automatic upgrades to your browsers.
Here's the latest bug found in Microsoft Internet Explorer:
- Overview:
http://www.itworld.com/article/2846976/microsoft-fixes-severe-19-year-old-windows-bug-found-in-everything-since-windows-95.html - Details:
http://securityintelligence.com/ibm-x-force-researcher-finds-significant-vulnerability-in-microsoft-windows
For the past 18 years, any time you connected to any web site via Microsoft Internet Explorer, the site's been able to silently do whatever it wanted to your computer:
- Stealing your files that may contain credit card info, bank accounts, and other sensitive data
- Installing a program to record every keystroke you type and send them to the hacker
- Adding your computer to a "bot-net" -- a robot army of computers that do whatever the hacker wants, like all simultaneously attacking the computer of a bank or store, or power plant, or the government, to prevent that computer from doing its job. So, for example, block stock trades while someone makes a financial killing, block the US defense systems while missiles are launched at us, etc.
- etc.
I claim that the vast majority of Windows computers are already part of a bot-net, and the owners just don't realize it. If you don't want to be part of the problem:
- Install all security patches as soon as possible
- Use Chrome or Firefox instead of Internet Explorer
- Consider moving from Windows to a more secure operating system like Mac or Linux
- Turn your computer off when you are not using it, so it's available less often to be part of an attack.
Meanwhile, if/when Microsoft releases a fix for this latest bug for your Windows operating system, be sure to apply it ASAP. The bug was discovered in May and Microsoft was told about it. 6 months later, they finally have a patch for some versions of Windows (not yet Windows XP because they want you to buy a newer version of Windows from them instead).
Now that they have a fix, the guy who found the bug is starting to tell people about it, which means even more hackers will learn about it and start trying to exploit it. So if you don't apply the fix, you are at risk.
You've been warned,
--Fred- Overview:
Google GoodToKnow
Last Updated: 1/30/2012
Applies to: Internet, World Wide WebHere's a link I just added to my links page:
http://www.google.com/goodtoknow/It's a new Google site with lots of info about security and privacy on the Internet, including explanations of:
- Cookies
- Phishing
- Viruses vs Worms vs Trojan Horses, etc...
- 2-step verification (Multi-Factor Authentication)
- etc.
Also warnings about:
- Internet cafes and other public WiFi hotspots
- Electronic banking
- Online shopping
- Strong passwords
- etc.
It also talks about Google Dashboard:
https://www.google.com/dashboard
which you can use to review and edit all of the info that Google stores about you.If you don't already know about all this stuff, or have friends and family members who don't, this is a good site to start learning. It has lots of simple explanations, short videos, etc.
I added it to the "Google" and "Internet Security" rows of my links
page:
http://bristle.com/~fred/#google
http://bristle.com/~fred/#internet_securityThanks to Brita van Rossum for telling me about the site!
--Fred
Internet Security Tools
Who sent this e-mail?
Original Version: 11/10/2011
Last Updated: 2/22/2013
Applies to: Internet, World Wide WebHere's how to find out who really sent an e-mail.
This is useful in 2 cases:
- When you want to know whether to trust an e-mail you received
- When someone tells you that your e-mail has been hacked and is sending spam to them. Most likely, you have not been hacked. Instead, a spammer is probably just sending e-mail from his own mail server and making it look like it came from you, so your friends won't know it's spam.
Some e-mail headers, like the "From:" line are very easy to fake. I can easily send you a message that appears to be from "god@heaven.com" or any other address I choose. In fact, I have done this to friends and family several times over the years, just for fun.
Other headers are much harder to fake, especially those that are used by the e-mail software to actually deliver the message to you. Most e-mail programs provide a way for you to see the detailed message headers:
https://mediatemple.net/community/products/dv/204644060/how-do-i-view-email-headers-for-a-message
In Thunderbird, it's very easy. Simply hit Ctrl-U or use the "View" menu and choose "Message Source". You'll see a window containing the entire message as it was transmitted across the Internet. You can see the details of how the message was passed from one computer to another on its way to you, which can give you a good feel for whether the message is likely to be genuine.
The headers might look like:
From - Sun Sep 18 16:39:51 2011 X-Account-Key: account2 X-UIDL: 1316376419.24861.mail35,S=5303 X-Mozilla-Status: 0001 X-Mozilla-Status2: 00000000 X-Mozilla-Keys: Return-Path:
If you don't want to dig through all those details, there are tools that will do it for you. Copy the headers above and paste them into the "Email header analysis" box at:
http://www.iptrackeronline.com/header.php
and it will show you a nice easy to read report about where the email came from and how it got to you. In this example, which is from a message I sent to myself, it shows that the e-mail was sent:
- from Malvern PA (where I live) via Comcast Cable
- to Amazon.com (where my bristle.com outgoing mail server is hosted)
- and from there to Network Solutions (where my bristle.com incoming e-mail is stored)
If even shows you a Google Map of where the Comcast office is located in Malvern.
Note: You have to ignore any references to "France Telecom" in the report. They are triggered by a bug that causes this tool to interpret ecelerity version numbers like 2.2.2.41 as IP addresses.
Whenever you're investigating a suspicious IP address, you can use:http://www.iptrackeronline.com/
to see the geographic location of the IP address.
See these and other Internet security tools at the "Internet Tools" row of my links page:
http://bristle.com/~fred/#internet_security
--Fred
URL Syntax
Original version: 2/28/2021
Last Updated: 4/24/2021
Applies to: All browsers, all Internet protocols
A typical URL looks simply like:
but that's only the tip of the iceberg. You can use a URL to:
- Open a web page
- Open a web page and scroll to a named location
- Open a web page, and scroll to and highlight a specified text string
- Pass parameters to YouTube, Google, and other web apps/sites
- Send an email, embedding the subject line and body in the URL
- Make a phone call
- Change browser settings
- Run JavaScript code
- Login to a web site with username and password already specified
- Access relative files and pages at a web site
Note:
Technically a URL (Uniform Resource Locator) and a URN (Uniform Resource Name) are both special cases of a URI (Uniform Resource Identifier). But don't worry about that. I think everything I say here applies to URLs and can be used in the address bar of any Web browser. On any server, desktop, laptop, tablet, or phone.
A URL can be thousands of chars long. Most software supoorts at least 2,000 chars. Some supports 64,000 or more. The HTTP spec sets no hard limit. For limits in various Web browsers and environments, see:
- https://stackoverflow.com/questions/417142/what-is-the-maximum-length-of-a-url-in-different-browsers
The full syntax of a URL has several parts, all of them optional:
scheme://username:password@host:port/path?query-string#fragment-id
The parts are discussed in the following tips.
BTW, thanks to Phil Hostetter for dubbing me the "Duke of URL" based on this series of tips. I love it!
--Fred
-
scheme:
Original version: 2/28/2021
Last Updated: 3/19/2021
Applies to: All browsers, all Internet protocolsThe "scheme" is the first part of a URL:
scheme://username:password@host:port/path?query-string#fragment-id
Typical scheme values are:
- http: Normal Web page via the HTTP protocol
- https: Web page via a secure SSL connection
- ftp: FTP connection for file transfer
- file: Access a local file
- etc.
You may have also seen:
- tel: Call a phone number from a cell phone
- mailto: Open the locally installed email client to send mail
- pop: Retrieve email messages via POP3
- imap: Sync email messages via IMAP
- about: Firefox browser settings, etc.
- chrome: Chrome browser settings, etc.
- ssh: Connect to a remote server via SSH
- news: Usenet news
- etc.
Programmers also use:
- javascript: Run JavaScript in the browser
- jdbc: Access a database via JDBC
- git: Access a Git repo
- jar: Java JAR file
- mvn: Access a Maven repo
- urn: A URN, not necessarily a URL
- ws: WebSocket
- ldap: LDAP server
- geo: Geolocation
- hundreds of others....
A scheme is case-insensitive ("http" is the same as "HTTP", "htTp", etc.)
Omit the trailing colon (":") when no scheme is specified. In some places (in a browser address bar, or embedded in an email message and some other types of documents), the scheme defaults to "http" and you can omit not only the colon, but also the pair of slashes ("//"). So, a URL can be as simple as:
In a web page, the scheme defaults to the scheme that was used to retrieve the page containing the URL. It's a good idea to omit the scheme for all URLs embedded in any Web page, especially if that same page can (now or in the future) be accessed via both "http" and "https". Then all URLs linking to other pages at the site automatically use the same scheme.
Here's a full list of schemes:
Thanks to Thor Collard for catching typos!
--Fred
-
username@
Original version: 2/28/2021
Last Updated: 3/30/2021
Applies to: All browsers, all Internet protocolsIt's a really bad idea, but your username can be specified as part of a URL:
scheme://username:password@host:port/path?query-string#fragment-id
You can specify your username as part of the URL, in plain text. Can do so when logging in to a web site or FTP site, or when connecting to a remote host via SSH, etc. This is a bad idea for a couple of security reasons, if you don't want people to know your username:
- URLs are not encrypted when passed across the Internet to remote servers, so it may be "sniffed" by a hacker.
- If you type such a URL at the command line, it may be stored in your command line history file. Or may be seen by other users on the same computer via a "ps" command or other process monitor. Or by simply looking over your shoulder as you type.
- If you store such a URL in a shell script on Unix, Linux or Mac, or in a Windows BAT file, someone may see it in that file.
- The URL may be logged by the remote server.
- The URL may be stored in your browser history.
- etc...
Usernames MAY be case-sensitive ("fred" is usually the same as "FRED", "Fred", etc., but not necessarily.)
Omit the trailing at-sign ("@") when no username is specified. If a username is required, you'll usually be prompted to enter it manually.
For some tools, like ftp and ssh, the username defaults to the one you're currently logged in as on the local computer. That's a great convenience if you have the same username on multiple systems.
If not, you may be able to change the default, so you don't have to specify it each time. For example, the config file for an SSH client allows you to specify a different default username for each remote server. Can also specify different aliases for the same server, with a different username for each alias.
For more info on ssh, see:
For more info on ssh config files, see:
--Fred
-
:password
Original version: 2/28/2021
Last Updated: 3/23/2021
Applies to: All browsers, all Internet protocolsIt's an even worse idea, but your password can also be specified as part of a URL:
scheme://username:password@host:port/path?query-string#fragment-id
If you specify your plain-text username in the URL, you can also specify your plain-text password. This is a bad idea, for the same security reasons as for your username. If yoi don't want all those people to know your username, you certainly don't want them to know your password. Instead, enter the password manually.
If you do specify a password as part of a URL, remember that passwords are case-sensitive ("mySUperSecretPassword123$!@" is NOT the same as "mysupersecretpassword123$!@").
Omit the leading colon (":") when no password is specified. If a password is required, you'll usually be prompted to enter it manually.
Better yet, use an SSH key instead of a password. Here's a shell script I wrote to help create and manage your public and private SSH keys, and to push your public key to a remote host.
For more info on ssh, see:
Warning! Microsoft Windows doesn't support ssh. All other computers in the world do (Mac, Linux, Unix, etc.), but not Windows. See:
You can install PuTTY, a 3rd party package, to add ssh to a Windows PC. See:
--Fred
-
//host
Original version: 2/28/2021
Last Updated: 3/30/2021
Applies to: All browsers, all Internet protocolsThe "host" is the most essential part of a URL:
scheme://username:password@host:port/path?query-string#fragment-id
A host is a remote (or local) computer that you want to connect to.
It's often something like "trident.bristle.com", where "trident" is the hostname of the computer, and "bristle.com" is an Internet domain name.
A more common example is "www.bristle.com". In 1994 or so, when the "World Wide Web" was first becoming popular, the Internet had been around for over 20 years. As companies created their first "Web sites", it was common to use "www" as the hostname for the computer that handled incoming Web requests.
Note:
There's nothing magic about "www". It's just another hostname. Similarly, there were often hosts with names like:- ftp.bristle.com
- gopher.bristle.com
- mail.bristle.com or smtp.bristle.com
- news.bristle.com or nntp.bristle.com
- dns.bristle.com
- etc.
But the most common form for a URL host is simply "bristle.com". This form, with a domain name but no explicit hostname, is supported in any of 4 ways:
-
DNS record for bare domain name
Create an explicit DNS record for the bare domain name with no hostname: "bristle.com".
-
DNS record for default hostname ("@")
The DNS lookup mechanism that translates host and domain names to IP addresses allows the hostname to be omitted. DNS uses the IP address in the domain's "@" (default) record.
-
DNS record for wildcard hostname ("*")
The DNS mechanism also allows wildcards. If the hostname is missing and no "@" record or explicit bare record exists, it uses the IP address of the domain's "*" (wildcard) record. Same if a hostname is specified in the URL, but there's no explicit DNS record for it.
-
Browser defaults to "www."
Web browsers typically default to a hostname of "www". So if no hostname was specified, and the DNS server fails to find an IP address for "bristle.com", the browser tries again with "www.bristle.com".
By now, almost all web sites admins have now figured out how to do #1, #2 or 3 above. (I did it for bristle.com in 2001 or so.) So, you almost never need to specify the "www.". But there are still some exceptions. For example, there was a time recently when even YouTube (owned by Google) did it wrong. Some things failed if you left off the "www.". See the 2nd "Note" in this tip:
Hostnames and domain names are case-insensitive ("trident.bristle.com" is the same as "tRidEnt.Bristle.COM", etc.)
Omit the leading slashes ("//") when no host is specified. This is a good idea for all URLs embedded in any Web page, unless you need to explicitly reach out to a different server. The host defaults to the server currently processing the page. Such a page can easily be moved to a new server, without having to edit each embedded URL.
--Fred
-
Locally defined hostnames
Original version: 2/28/2021
Last Updated: 4/2/2021
Applies to: All browsers, all Internet protocolsHosts can also be defined locally. For example, if you don't want or need anyone outside of your local computer or LAN to be able to access a server, you may choose to NOT create a world-wide DNS entry for it.
Local to a computer
Instead, you may simply add a line to the local /etc/hosts file on each computer that needs to know the hostname. On Windows PCs, the file is C:\Windows\System32\drivers\etc\hosts. But it still uses the same Unix syntax of space-separated IP address, hostname, and optional aliases.
Local to a tool
Hosts can also be defined locally to some tools. For example, if you don't want or need any tool except ssh to be able to access a server, you may choose to NOT define it world-wide via DNS or even LAN-wide or system-wide via /etc/hosts.
Instead, you can define aliases in the ssh config file. In fact, you can define as many aliases as you like for each server. When defining an alias, you can specify the server by its IP address or by the host defined in DNS or /etc/hosts.
Local to a user of a tool
You can also define a host for a single user. Since there's a separate ssh config file for each user, different users can define different aliases for the same server.
Available to tools that use ssh
These ssh aliases can also be used by tools like sftp, scp, rsync, etc., that use ssh as a transport.
--Fred
-
Reserved hostnames and domain names
Original version: 2/28/2021
Last Updated: 4/13/2021
Applies to: All browsers, all Internet protocolsThere are some reserved (pre-defined) hostnames and domain names. For example, "localhost" refers to the local computer itself.
That's not particularly useful to the average Web user who uses URLs mostly to access remote web sites. But it's very useful to computer programmers who often need to refer to the local computer. For example, when a developer runs a local web server for testing purposes. Or when a production web server is configured to access a local database production server -- one that runs on the same server computer as the web server.
In such a case, it's better to specify "localhost" than the name or IP address of the server. It allows the same code to run in the TEST, DEV, or PROD environment, with each web server finding the corresponding local DB server. Otherwise, there's the risk of cross-talk where a DEV or TEST server corrupts a PROD DB. Or a PROD web site stores data in DEV or TEST that never gets acted on, and eventually gets deleted.
Similarly, the following is a reserved domain name referring to the local domain:
- .local
And the following are "Special-Use Domain Names" that are reserved, or proposed to be reserved, for various purposes like referring to the local domain, or being used in test code or documentation, etc:
- .test
- .invalid
- .localhost
- .example
- example.*
- .localdomain
- .domain
- .lan
- .home
- .corp
- .onion
- etc...
Thanks to Bob Rodini for reminding me that some operating systems like Mac append ".local" to the hostname of your local computer. I've also seen Mac append other "domain names" like ".home", ".WiFi_router_name" and various others. I'm not sure why it does that, but don't worry about it. You can ignore those suffixes, and just use the simple hostname without them.
I use the Unix/Linux/Mac command "hostname" in some of my shell scripts. For example, to add the hostname to my command line prompt. Along with the current time, my current username, the username I'm currently su'd to (if different), the full current directory path, number of nested shells, number of directories stacked by pushd/popd, etc. See:
On Mac, I've had to udpate all such scripts to use "hostname -s" to get the short version of the hostname, without the domain name appended. Otherwise, on the Mac I'm using now, the hostname would be shown as "mbp5.fios-router.home" instead of simply "mbp5".
But beware that while the "-s" option exists on Mac and Linux, it does NOT exist on some older versions of Unix. On those systems "hostname -s" tries to change the hostname to "-s". That fails cleanly if you don't have the rights to change the hostname, but would succeed if you did. Bad idea! If you change the local hostname accidentally, all sorts of things may stop working.
--Fred
-
IP address instead of hostname
Original version: 2/28/2021
Last Updated: 4/9/2021
Applies to: All browsers, all Internet protocolsA host can also be specified as a simple IP address instead of a name, as "http://174.129.10.250". This bypasses the whole name lookup step. It's especially useful for any server on your local LAN that may not have a public DNS name, or even a local /etc/hosts name or ssh alias. And for times when you're debugging a problem with the DNS server, /etc/hosts file, ssh config file, etc.
I use IP addresses instead of names on the "ping" command when I'm having WiFi trouble, or any other connectivity issue. If I type "ping 174.129.10.250" when I have no Internet connection, it keeps trying once per second and keeps reporting either success or failure. So, I can sit back and watch, as I try various things, and know immediately when the connection is restored.
But, if I type "ping bristle.com", it tries to do a DNS lookup of the name "bristle.com" to know what IP address to try pinging. If I have no connection to the remote DNS server, that lookup fails and the entire ping command aborts.
BTW, beware sending mail messages that include a URL with an IP address instead of a hostname. That looks spam-like and may cause your email to be filtered. (Yes, I found this out the hard way. When I mailed out this tip, I heard back from Kent Johnson that his copy arrived with a warning banner about phishing, unsafe messages, and the links in my email being automatically disabled for his safety. Doh! Thanks for the "heads-up", Kent!)
--Fred
-
Reserved IP addresses
Original version: 10/2/1999
Last Updated: 4/13/2021
Applies to: All browsers, all Internet protocolsThere are also some reserved IP addresses. For example, 127.0.0.1 always refers to the local host, regardless of any other IP address that may be assigned to that host.
And the following ranges of IP addresses are reserved for use within a local LAN. They're "non-routable", meaning they can't be used across the public Internet, only locally on a private LAN.
-
10.*.*.* (10.0.0.0 - 10.255.255.255)
-
a.k.a. "10/8", "Class A block", "24-bit block"
-
a.k.a. "10/8", "Class A block", "24-bit block"
-
172.16-31.*.* (172.16.0.0 - 172.31.255.255)
-
a.k.a. "172.16/12", "Class B block", "20-bit block"
-
a.k.a. "172.16/12", "Class B block", "20-bit block"
-
192.168.*.* (192.168.0.0 - 192.168.255.255)
- a.k.a. "192.168/16", "Class C block", "16-bit block"
Also, IP addresses 169.254.*.* are often used by DHCP clients to report that they were unable to get an IP address assigned to them by a DHCP server. Couldn't find the DHCP server, or it failed to assign an address, or something.
For more info about reserved IP ranges, see:
For me, 169.254.*.* was a VERY painful lesson. Read on for the history of how that convention came to be, but mostly for entertainment value and to share my frustration.
I bought my first PC with wireless capability in Feb 2001. It was a Dell, with a built-in WiFi card. But WiFi was selling like hotcakes. Dell had to back-order the new faster 802.11b router I wanted. It was 3 months and many phone calls later, May 2001, when they finally shipped me the Dell TrueMobile 802.11b wireless router I'd ordered. Until then, I used a 100-foot Ethernet cable so I could move around the house, and even work in the back garden.
I tried connecting to the router, wrestling with special Dell install disks, setup software, and "Client Manager". Also, buggy Windows 2000, screwy error messages, and lousy tech support. Re-booted many times.
No luck! Gave up for a while. Other pressing priorities. Gotta put in some billable hours. Ethernet works fine.
Edited configuration profiles, specified SSIDs and WEP keys. Tried various WiFi "channels". Moved further away from cordless phones in case they were interfering with the radio signal. Applied various Windows hotfixes from Microsoft. Ran Dell diagnostics on both the PC and the router. Installed new device drivers. Re-booted many more times.
No luck! Gave up for a while. Big project gearing up at work. Ethernet is my friend.
Watched the LEDs on the router and the icons in the Windows system tray. Counted the number of beeps during router power up. Installed a new version of Java that it said it needed. Applied firmware patches to the router. Re-booted many more times.
No luck! Gave up for a while. Pressing deadline at work. I love you, Ethernet!
Played with dozens of detailed TCP/IP property settings in Windows Control Panel. Investigated issues of NAT, bridges, routers, hubs, etc. Learned and tried many Windows "NET" commands. Re-booted many more times.
No luck! Gave up for a while. Working 97-hour weeks at work. (Good thing they pay me hourly!) Met the deadline so the project manager will get his bonus. He's very happy. I'm a hero! Ethernet, let's move in together!
Tried to keep notes on the errors I was getting, but many of the changes took several minutes to go into effect. Networking changes on Windows always take forever to settle into place. So I got lots of erratic, non-repeatable behavior.
I'd try something and get one error a few times in a row, then walk away for a while, and get a different error when I came back. Behind the scenes, things were trying, failing, re-trying, timing out, changing status, etc. Hard to make any progress narrowing down the problem.
Ethernet, you OK? You're looking a little frazzled.
No, I can't take it any more! No more tripping over my cables running down the hallway and out the door. No more "walk of shame"! Make it official. Acknowledge me as your one true network. Route me through the wallboard with proper wall jacks!
Yes, dear, if you insist... Er, I mean, that's a GREAT idea, honey!
Eventually, I gave up and tried buying a new wireless router from Dell. A high-end Linksys router this time, instead of Dell's own product. Also a new PCMCIA wireless card to insert into a side slot of the PC in case the built-in wireless card is defective. Better to stick with Dell than to switch now to Gateway, Compaq or any other vendor.
I've already got Dell and Microsoft pointing fingers at each other. Don't need to add more useless vendors to the mix. Besides Dell has a much better reputation than the others. Does more corporate desktops, and fewer home PCs.
Errors at the Dell web site. Can't complete the transaction, but it may have charged my credit card. Tried again. Same error. Called Dell support. No one there except 9-5. Doh!
Yes, Ethernet my love. I'm almost done here. Bear with me just a little longer, and I'll be right in to join you.
Called Bank of America to ask if the charges had been applied to my credit card. The support person sees 2 "receipts" for $183.16 each, but can't tell if Dell plans to follow up with actual charges. Says I should call Dell. She showed me a site where I can see the "receipts" she's seeing.
To get there I had to create a BOA username and password, and "personalize my profile", specifying a "personal message" and 3 questions/answers in case I ever forget my password. Great!... Another Internet account to keep track of... And an important one this time! My credit card account. I'd been trying to avoid the risks of the new "Internet banking". Sigh...
Tried again at the Dell web site. Same error. Now I see 3 "receipts" at the BOA site. Tried again several times, flushing browser cookies, switching to a different browser, rebooting the PC, etc. No luck!
What's that, Ethernet? Who am I talking to on the phone in the middle of the night? Don't worry dear, it's no one special. Just Jake at State Farm. You'll always be my one true love!
Called Dell the next day. Spent a couple of hours waiting on hold, talking to people who could find no record of my purchase attempts, and had no idea whether my credit card had been charged already, or would be charged soon, or was not to be charged at all. Got transferred around to several different people.
Had to call back manually a few times when they were unable to route me to the department they suggested I call next. Why does the Dell phone system always mis-route me? I can never even get to the number I was told to call. Waited on hold for 10 more minutes to speak to someone who routed me to another number where the recording said I'd have another 27 minute wait time. Grrr!!!! Hung up with no idea if my credit card would be charged multiple times.
Ethernet, you do an awful lot around the house. Why don't I take over bringing in the mail and paying the bills for a while? Just for the next month or two, to give you a break?
Checked the BOA site a couple weeks later. None of the charges from Dell ever came through. Well that's good, at least!
Gave up on Dell. Most of the software I was running was licensed by Microsoft to work only on the MUCH more expensive "server" versions of their software. I hadn't yet graduated to the vastly superior FOSS (Free and Open Source Software) world, where software works as expected, and support staff want to help you not just get your credit card number.
So, I'd been assuming that cheaper consumer-grade stuff wouldn't work as well. Was leery of anything that wasn't expensive.
But corporate-quality products and support from Dell and from Microsoft were not working out. Even the "Professional" level of the "Microsoft Software Developer's Network (MSDN)" subscription I'd been carrying for 5 years at $2,500/year, wasn't getting me any answers.
Yes, Ethernet, I know it's expensive. But it's the cost of doing business. I work hard to support us. Can you please stop nagging me?
Microsoft Support said if I wanted any real answers, I should sign up for the even more expensive "Super Duper Universal" level. Or the horrifically expensive "Really Professional, We Mean It This Time" level. Or better yet, I should sign over my life savings and my first-born child for the "You Bet Your Booty We Support Enterprises" level. Then, with hold times measured in mere weeks, I'd get to talk to folks who'd actually graduated high school, instead of the drop-outs I was talking to now.
Hey Ethernet! Take a look at this slick new MSDN support plan. Wouldn't it go great with those shiny new blue cables I bought you last month? ... No, maybe you're right. It's just not in the budget.
Out of desperation, I decided to try the plain old vanilla consumer electronics approach.
Ethernet, honey, I'm running out to do some errands. I'll be back in an hour. No, you wouldn't want to tag along. It's just boring stuff for work.
I drove to the local CompUSA store in King of Prussia. Looked at cheap $49 routers. Talked to sales staff, who seemed somewhat competent and never put me on hold. Bought a Netgear WiFi router and took it home. Plugged it in, ran the setup program, and configured it. No luck!
Tried a bunch of the same things I'd tried with the Dell router. Also, tried connecting it to my hardware firewall with regular vs "crossover" cables. Turned off some security settings. Bypassed the firewall and plugged it directly into the Comcast cable modem. Took it to a friend's house and tried with their Verizon DSL instead of Comcast. No luck!
Then, finally, on Jan 2, 2002, almost a year after I bought the first router from Dell, I took the new Netgear router back to CompUSA to return it, and maybe talk to their tech support folks.
What's that Ethernet? Where am I going now? Why so mysterious? No, I'm not having an affair! I'm just really busy at work, and have to run to the office for a few hours.
I was explaining the problem in detail to a techie when a random customer walked by and overheard me. He interrupted to quickly explain what my problem was, then walked away and I've never seen him since.
I'd been telling the CompUSA techie that I turned everything on and used the Windows ipconfig command to see that the PC had IP address 0.0.0.0, then waited a while and saw it change to a valid IP address. So, I knew it was being correctly assigned an IP address by the DHCP server. But it still wouldn't connect.
The IP address it was assigned was different each time, which made sense to me since a DHCP server uses the "Dynamic Host Configuration Protocol" to assign dynamic IP addresses to DHCP clients that request them. The addresses it assigned were different at different attempts, but always started with 169.254. That made sense too since DHCP servers typically give out addresses in the same range as themselves. So, I assumed the DHCP router itself had IP address 169.254.0.1 or 169.254.1.1 or something.
Barry Gordon, a professional network engineer from Lockheed, wandered by, happened to hear me say "169.254" to the CompUSA techie, and interrupted to tell me that wasn't a valid IP address. Huh?!?!? Why not?
He explained that Microsoft Windows reported random IP addresses starting with 169.254 for any network card that requested an IP address from a DHCP server and DIDN'T GET ONE. He had no idea why they did that instead of leaving the IP address at 0.0.0.0. But he'd noticed that they did. Then he walked away and, as I said, I've never seen him since.
Ethernet, honey? I know it's late, but I'm going to be up for a while yet. I have an idea that may get me a bonus at work. I just need to flesh out some details. We could use the cash for that vacation we've been talking about.
He was absolutely right! Neither of the WiFi routers I'd tried had a DHCP server built into it like modern routers do these days. And neither of them was configured to pass the DHCP request on to the Comcast cable or Verizon DSL network I was using. So, my laptop was timing out, broadcasting a DHCP request and getting no response from any DHCP server. So Windows was assigning it a "special" 169.254.*.* IP address. Doh!!!!
Once I changed the laptop setting to use an arbitrary static IP address that I made up, things worked fine. I had to insert some Windows setup floppy disks to give myself the option to use a static address, but I was able to get it working. Of course, I made a point of using a non-routable 192.168.*.* IP address to match the submask of my hardware firewall.
Hey there, WiFi! Come here often? Can I buy you a drink? Want to go someplace more comfortable? Step outside with me. We'll sit in the sun.
That may be the only time I've ever been stymied so long by a computer problem, and eventually solved it. Nearly a full year! Google existed at that time, but wasn't as good as it is now, and I had no idea what to search for. I assumed my WiFi routers contained DHCP servers. And I was seeing them (I thought) assign valid IP addresses after a short delay. Who knew Microsoft was just making up random IP addresses and then refusing to use them? Doh!!!
4 years later, the IETF (Internet Engineering Task Force), which sets world-wide Internet standards, gave up trying to get Microsoft to stop this bizarre behavior. The Internet would work better if there was one world-wide standard on how to handle such failed DHCP requests, and if it was documented somewhere.
But Microsoft had patented their convention of using 169.254.*.* addresses as U.S. Patent No. 6,101,499 (the "'499 patent") and wanted to be paid for its use. The IETF negotiated with Microsoft and got them to let them use the idea for free. After 7 years, in May 2005, they reserved the 169.254.*.* range of IP addresses as "Link-Local" addresses for this and related purposes, and formally defined the rules for use of such IP addresses.
Thanks, Barry Gordon, wherever you are! You saved my life! Things were getting rocky between me and Ethernet. I felt so tied down. We've since gone our separate ways. WiFi is the new hotness -- all sweetness and light. We're BFFs!
Thanks to Ed Schindler for catching typos!
--Fred
-
10.*.*.* (10.0.0.0 - 10.255.255.255)
-
Subdomains
Original version: 2/28/2021
Last Updated: 4/25/2021
Applies to: All browsers, all Internet protocolsIn addition to a hostname and a domain name, the host portion of a URL can include zero or more dot-separated, nested subdomain names. For example:
- trident.forks.bristle.com
- trident.spears.fishing.bristle.com
- trident.weapons.poseidon.sea.gods.bristle.com
Subdomains are a way to group servers of a domain into a heirarchy. They can make URLs more clear to the user, and the same hostname can be reused in different contexts to refer to different computers, as in the examples above.
Different subdomains within a domain can be managed independently. Each subdomain has its own DNS "zone file" containing the DNS records for its servers. And each subdomain can have its own directory tree of Web pages, its own log files, etc. That makes it easy to assign responsibility for different subdomains to different people or groups within a company.
The number of nesting levels is limited only by the max of 253 chars of the host portion of a URL. But in practice I've rarely seen more than 1 or 2 levels. The last example above (4 levels of nested subdomains) is possible, but relatively rare.
--Fred
-
Subdomain name vs hostname
Original version: 2/28/2021
Last Updated: 4/25/2021
Applies to: All browsers, all Internet protocolsThe use of a single subdomain may be more common than you realize. For example, the following may be specifying a hostname or a subdomain name:
- mail.google.com
- finance.google.com
- maps.google.com
When there are only 3 parts like this, the last 2 parts ("google.com") are definitely a domain name. But the 1st part ("mail", "finance", or "maps") may be either of:
-
A hostname defined by a DNS record that specifies its IP
address
-
A subdomain name defined by a DNS record, if there's
another DNS record that specifies the IP address for any of:
- The subdomain's bare name
- The subdomain's default hostname
- The subdomain's wildcard hostname
For the user of the URL, it doesn't matter. They typically don't know and don't care. In any case, the DNS maps it to the IP address of a server to connect to.
This is by design. Since the user doesn't know whether the URL specifies a hostname or a subdomain name, the web developer can change that on the fly. Can start out with a single host to handle all of finance, for example. And later discover the need to have multiple hosts to handle different aspects of finance. Can then update the DNS records to define "finance" as a subdomain with a default hostname, and define other hostnames within that domain. Users can keep using the same URL and never see a problem.
If there are at least 4 parts, a subdomain name must be involved, because you can't specify a hostname nested in another hostname. Hostnames can only be nested in domain names and subdomain names.
If you really want to know whether the host in a URL is a hostname or a subdomain, you can examine the DNS records via tools like nslookup, host and dig.
Thanks to Bob Rodini for reminding me to mention the host command.
--Fred
-
Domain vs subdomain
Original version: 2/28/2021
Last Updated: 4/30/2021
Applies to: All browsers, all Internet protocolsThere's really no difference between a domain and a subdomain. The domain "google.com" is actually the subdomain "google" of the top-level domain (TLD) "com".
The Internet evolved from the US Department of Defense ARPANET, which was used for military and government research projects by government, scientists, and universities. When the ARPANET added support in 1984 for non-military sites, there were 5 original TLDs, plus 2 more added quickly for a total of 7 TLDs.
TLD Meaning Purpose .mil military US military sites .gov government US government non-military sites .edu education Schools, colleges, universities .com commercial Commercial companies .org organization Typically non-profits or non-commercial orgs .net network Added to support Internet infrastructure .int international Added at the request of NATO Plus, over time, a couple hundred country-code TLDs for use by other countries:
TLD Country/Region .us United States .uk United Kingdom .fr France .it Italy .es Spain (Espana) .de Germany (Deutschland) .ru Russia And so on. See: Technically, all US companies should probably use domain names ending in com.us or co.us, just like British companies often use .co.uk. But since .com was available for US companies, it got used instead. In recent years, non-US companies use .com also.
For a decade or 2, that's all the TLDs there were. But people starting using "domain hacks". They'd approach a country or region whose country code was a useful suffix to a common word. Or had some other common meaning. And they'd get permission to use that country code for another purpose in their domain name:
TLD Country/Region Purpose Examples .us United States Suffix delicio.us, fabulo.us, decoro.us, pernicio.us .ly Libya Suffix bit.ly, love.ly, happi.ly, sil.ly .tv Tuvalu Television abc.tv, nbc.tv, cable.tv .am Armenia AM radio kyw1060.am .fm Federated States of Micronesia FM radio 957ben.fm .cd Democratic Republic of the Congo Compact Disc music.cd .me Montenegro Individual people FredStluka.me, JohnSmith.me .me Montenegro Me buy.me, love.me, its.me, please.do.not.disturb.me .gl Greenland Suffix goo.gl .be Belgium Suffix youtu.be .ms Montserrat Suffix nyti.ms .pr Puerto Rico Suffix n.pr (NPR -- National Public Radio) .es Spain (Espana) Plural suffix itun.es, hors.es, hous.es, pictur.es .fi Finland Suffix spoti.fi .kr South Korea Suffix flic.kr .cn China Cartoon Network TomAndJerry.cn .ai Anguilla Artificial Intelligence robots.ai .io British Indian Ocean Territory Input/Output github.io, spring.io .gs South Georgia and the South Sandwich Islands. Suffix blo.gs, fro.gs, gi.gs, clo.gs .ch Switzerland (Confoederatio Helvetica) Suffix stit.ch, it.ch, ri.ch .it Italy It darn.it, got.it .it Italy Information Technology support.it, windows.it, programming.it .de Germany (Deutschland) Suffix ri.de, si.de, ru.de, inclu.de And MANY more. See: By the early 2000's, the desire for more TLDs was well established. More were added, and now there are thousands of them:
.accountant Accountant .ads Advertising .art Artist .auto Automobile .biz Business .info Information .radio Radio station .zone Sports "zone", technology "zone", "In the zone",... And MANY, MANY more. See: --Fred
-
DNS lookup mechanism
Original version: 2/28/2021
Last Updated: 4/30/2021
Applies to: All browsers, all Internet protocolsThere are 13 "root" name servers, named "A" through "M", that are the starting point for any DNS lookup. (Actually, counting replicas, there are far more than 13, but that's a detail for another tip.) Each of the 13 know about all of the TLDs and, for each TLD, which other DNS servers to forward name lookup requests to.
When you type a name like "mail.google.com" into a Web browser, or click a link to it, the next thing you see is a Web page. But a LOT has to happen first, behind the scenes.
The 1st step is for your browser to connect to your local DNS server to look up the name "mail.google.com" and get the IP address of the Web server. Then it connects to that Web server to get the page it shows you.
But how does your local DNS server know the IP address? It starts by connecting to one of the 13 root name servers. Each root server knows about all of ".com" (and ".gov", ".us", ".radio, and all the other TLDs). And about all of the hundreds of millions of domains registered in all those TLDs. Like "bristle.com" and "google.com", for example.
But it doesn't know about all of the billions of hostnames and subdomains of those domains. It doesn't, and can't, know about "mail.google.com", and "trident.weapons.poseidon.sea.gods.bristle.com", etc., etc., etc. There are too many of them, and they change too often.
So, it simply tells your local DNS server the IP address of the DNS server that's responsible for "google.com". Your local DNS server then connects to that DNS server, and asks again for the IP address of "mail.google.com".
That DNS server knows about the domain "google.com", and may reply with an IP address. Or it may tell your local DNS server to connect to yet another DNS server that knows about the subdomain "mail.google.com".
And so on, for each level of subdomain. There can be several steps before your local DNS server finally gets the IP address and gives it to your browser.
--Fred
-
DNS lookups are distributed and redundant
Original version: 2/28/2021
Last Updated: 5/23/2021
Applies to: All browsers, all Internet protocolsThe name lookup done by DNS servers is a very distributed mechanism. There are hundreds of thousands of DNS servers around the world dividing up the task of mapping names to IP addresses. This makes it "scalable" to handle all of the HUNDREDS OF MILLIONS of domain names, BILLIONS of hostnames and subdomain names, and TRILLIONS of name lookup requests per day.
DNS is also a very redundant mechanism, with many identical copies of each DNS server. This is for speed, scalability and reliability. For speed, each DNS server is configured to connect to other DNS servers that are physically close to it, to reduce the transmission time of lookup requests.
For speed and scalability, most DNS servers cache info that they previously looked up from the "authoritative" DNS server for a domain or subdomain, even if it's info that they are not authoritative for themselves. Including the info they get from the root name servers. So they can do the same lookup more quickly next time.
For scalability and reliability, each domain can register multiple DNS servers to do the name lookups for all users of that domain. And conversely, each user can specfiy multiple local DNS servers to use for that user's lookups of all domains. In both cases, the multiple DNS servers share the load of lookups. They also cover for each other, taking over for any DNS server that becomes unavailable.
--Fred
-
DNS caching can delay DNS changes
Original version: 2/28/2021
Last Updated: 5/25/2021
Applies to: All browsers, all Internet protocolsOne side effect of all the redundancy and caching is that it can take a while for a change to a DNS record to propagate to all DNS servers around the world. If you change the IP address associated with a hostname, be prepared for a period of a few hours or days when some users are still using the old IP address, and others are already using the new one.
This comes up often when you're replacing an old server with a new server. You create a new server at a new IP address, and configure it to replace the old server. Then you update the DNS record to map the existing hostname to the new IP address. But some users around the world continue to use the old IP address for a while. So, it's not a crisp transition.
If you plan in advance, you can shorten the transition time. A few days before you make such DNS changes, set a short TTL (Time To Live) value on each of your existing DNS records. Then all caching servers will expire their caches sooner, and go back more often to the authoritative server for the new IP addresses and other values. Once you've finished making changes, you can raise the TTL value again, to make the DNS caching more efficient again.
If your server resides on AWS (Amazon Web Services), you can sometimes avoid this DNS propagation delay by using an "EIP (Elastic IP Address)". Point the DNS to the EIP when you first set it up. Later create and configure the new server using a different IP address (not necessarily an EIP).
Then make no change to the DNS, but instead use the AWS console (or AWS CLI or AWS API) to move the old EIP to the new server. This transition is crisp and immediate. Within a second, all users around the world are accessing the new server, and the old server is completely idle and ready to be decommissioned.
Thanks to Bob Rodini for reminding me to mention propagation delays, and to John Moore for catching typos!
--Fred
-
DNS caching can make DNS changes erratic
Original version: 6/11/2021
Last Updated: 6/15/2021
Applies to: All browsers, all Internet protocolsThe Problem
DNS caching can also cause erratic behavior (not only the delays I explained in a previous tip) when you change a DNS record. I'm not sure exactly why, but I'm seeing a case today (right now) where the IP address reported by nslookup keeps switching back and forth between old and new values.
Why it's a Problem
That's much worse than just a delay with a one-time transition from old to new. With a one-time transition, you can rely on each client (web browser, email, ftp, ssh, etc.) for each user of the server to continue to use the old IP address for a while, but to eventually cut over to the new one. There may be a glitch at the transition, especially if the client does a series of operations, like interacting with a web site, and looks up the IP address again at each step. But after the transition, things should work smoothly for that client.
But if the IP address keeps switching back and forth between 2 IP addresses, all bets are off! The client web app may get VERY confused, with some operations being done at the old server and some at the new server. That can cause all sorts of problems, depending on the web app, how fault-tolerant it is, how frequently the changes occur, how long before it stabilizes at the new IP address, etc. And the problems can be serious -- affecting financial transactions and other critical things.
How I Noticed
I'm not sure what's causing this, and I've never seen it before, but I've never watched very closely before. I only happened to notice this time because I'd registered a domain name at Network Solutions a while back, and yesterday I finally got around to setting up its DNS.
Previously, it had pointed at a Network Solutions "Under Construction" page. Yesterday, I updated the DNS records at Network Solutions to point at my server. Knowing that the DNS change could take a while to propagate, I set up a loop to keep making nslookup calls and watched for the IP address to change.
In fact, since I'd recently written my tip about DNS propagation delays, I was curious about how long this propagation delay would be, as seen from various places on the Internet. So ran my nslookup loop from 2 different places:
- A Mac laptop that uses a Verizon FiOS DNS server
- A server at AWS (Amazon Web Services) that uses an AWS DNS server
But then I saw something unexpected. It changed to the new value and a couple minutes later it changed back to the old value! And the same type of erratic behavior occurred at both places!
Watching More Closely Via Automated Scripts
So I wrote a couple of automated scripts and ran them overnight at both places to collect more detail:
-
nslookup_bare_ip_address
Echo the IP address reported by nslookup -
nslookup_loop
Call nslookup_bare_ip_address once per second, echoing the output with a timestamp -
nslookup_beep
Call nslookup_bare_ip_address once per second, and if it changes, beep and echo the output with a timestamp
In both places, the IP address stayed at the old value for a while (the Network Solutions "Under Construction" page). Then changed to an unexpected value for a while (a different Network Solutions "Under Construction" page). Then changed to the desired new value. Then started bouncing around among the various values.
The results at the 2 places were similar, but not identical. The transitions from one IP address to another were not at the same times. And the pattern of IP addresses was not the same. On the Mac using the FiOS DNS server, the pattern was:
Thu Jun 10 15:46:36 EDT 2021 208.91.197.27 Thu Jun 10 17:44:39 EDT 2021 209.99.64.18 Thu Jun 10 18:14:40 EDT 2021 174.129.10.250 So far, so good... Thu Jun 10 22:14:47 EDT 2021 209.99.64.18 Thu Jun 10 22:19:48 EDT 2021 174.129.10.250 Fri Jun 11 00:19:52 EDT 2021 209.99.64.18 Fri Jun 11 00:24:52 EDT 2021 174.129.10.250 Fri Jun 11 08:25:07 EDT 2021 209.99.64.18 Fri Jun 11 08:35:08 EDT 2021 174.129.10.250 Fri Jun 11 18:35:01 EDT 2021 209.99.64.18 Fri Jun 11 18:44:57 EDT 2021 174.129.10.250 Sat Jun 12 00:44:51 EDT 2021 209.99.64.18 Sat Jun 12 00:49:49 EDT 2021 174.129.10.250 Sat Jun 12 04:49:46 EDT 2021 209.99.64.18 Sat Jun 12 05:04:40 EDT 2021 174.129.10.250 More...It stayed at the 1st "Under Construction" page (208.91.197.27) for 2 hours, then moved to the 2nd "Under Construction" page (209.99.64.18) for exactly 30 minutes, then finally to the desired new IP address (174.129.10.250). So far, so good...
Then almost exactly 4 hours later, it unexpectedly switched back to the 2nd "Under Construction" page (209.99.64.18) for exactly 5 minutes, and again 2 hours later for exactly 5 minutes, and again 8 hours later for exactly 10 minutes. Every change at almost exactly a multiple of 5 minutes, so that may be a clue as to what's happening. Then stable for 10 hours but still occasionally reverting back to the 2nd "Under Construction" page for 5-20 minutes.
On the AWS server using an AWS DNS server, there were far more transitions. The pattern was:
Thu Jun 10 16:01:43 EDT 2021 208.91.197.27 Thu Jun 10 16:06:43 EDT 2021 209.99.64.18 Thu Jun 10 16:11:43 EDT 2021 174.129.10.250 So far, so good... Thu Jun 10 16:16:43 EDT 2021 208.91.197.27 Thu Jun 10 16:21:44 EDT 2021 174.129.10.250 Thu Jun 10 16:26:44 EDT 2021 208.91.197.27 Thu Jun 10 16:31:44 EDT 2021 174.129.10.250 Thu Jun 10 16:41:44 EDT 2021 208.91.197.27 Thu Jun 10 16:46:44 EDT 2021 174.129.10.250 Thu Jun 10 16:56:44 EDT 2021 209.99.64.18 Thu Jun 10 17:02:44 EDT 2021 174.129.10.250 Thu Jun 10 17:22:45 EDT 2021 208.91.197.27 Thu Jun 10 17:27:45 EDT 2021 174.129.10.250 Thu Jun 10 17:52:45 EDT 2021 208.91.197.27 Thu Jun 10 17:57:45 EDT 2021 174.129.10.250 Thu Jun 10 18:12:46 EDT 2021 208.91.197.27 Thu Jun 10 18:17:46 EDT 2021 174.129.10.250 Thu Jun 10 18:32:46 EDT 2021 208.91.197.27 Thu Jun 10 18:37:46 EDT 2021 174.129.10.250 Thu Jun 10 19:02:47 EDT 2021 208.91.197.27 Thu Jun 10 19:07:47 EDT 2021 174.129.10.250 Stable for 80 minutes... Thu Jun 10 20:27:51 EDT 2021 209.99.64.18 Thu Jun 10 20:28:51 EDT 2021 174.129.10.250 Fri Jun 11 04:54:02 EDT 2021 209.99.64.18 Fri Jun 11 04:55:02 EDT 2021 174.129.10.250 Fri Jun 11 05:05:02 EDT 2021 209.99.64.18 Fri Jun 11 05:10:03 EDT 2021 174.129.10.250 Fri Jun 11 05:45:04 EDT 2021 209.99.64.18 Fri Jun 11 05:50:04 EDT 2021 174.129.10.250 More...It stayed at the 1st "Under Construction" page (208.91.197.27) for only 5 minutes (not 2 hours), then moved to the 2nd "Under Construction" page (209.99.64.18) for exactly 5 minutes (not 30 minutes), then finally to the desired new IP address (174.129.10.250). So far, so good...
Then it started switching back and forth between the new IP address and the 1st or 2nd "Under Construction" page every 5, 6, 10, 15, 20, or 25 minutes (again usually an exact multiple of 5 minutes), and did that for 3 hours.
Then it stabilized at the new address for 80 minutes. Then switched to the 2nd "Under Construction" page for 1 minute. Then stabilized at the new address for over 8 hours.
Then it started switching to the 2nd "Under Construction" page (never the 1st "Under Construction" page) every now and then (10 minutes, 30 minutes, 15, 104, 60, 30, 10, 60, 90, 35, 5, 10, 10, 100, 195, etc. -- no pattern I can see except usually multiples of 5 minutes), and switching back to the new address after exactly 1, 5, 6, or 10 minutes, and once after only 1 second).
No real sign of stabilizing yet.
What's Probably Happening
I suspect this problem is caused by a mix of DNS caching and multiple redundant DNS servers as described here. The DNS change I made has propagated to some DNS servers, but not yet to others.
That explains the initial delay in getting the new IP address. The FiOS and AWS DNS servers took a while to expire their caches for the IP address of my new domain name (which had existed with its old IP address for over a month). After a while (2 hours for FiOS, 5 minutes for AWS), the cache did expire, and they reached out to the authoritative Network Solutions DNS server to see if the IP address had changed.
But, I suspect the change has propagated to some, but not all, of the servers in a pool of DNS servers somewhere that share the load for such lookup requests. For example, it may be that only some of the FiOS DNS servers in a pool have been updated. So, when my Mac asks FiOS for an IP address, the FiOS load balancer may sometimes connect it to a FiOS DNS server that knows the new IP address and sometimes to one that knows the old address.
And the same for AWS. Perhaps only some of the AWS DNS servers in a pool have been updated. So, when my server asks AWS for an IP address, the AWS load balancer may sometimes connect it to an AWS DNS server that knows the new IP address and sometimes to one that knows the old address.
Or, perhaps instead of both FiOS and AWS, there's a single cuplrit: Network Solutions. Perhaps only some of the Network Solutions DNS servers in a pool have been updated. So, when FiOS or AWS asks Network Solutions for an IP address, the Network Solutions load balancer may sometimes connect it to a Network Solutions DNS server that knows the new IP address and sometimes to one that knows the old address.
Or the single culprit could be some intermediary that FiOS and AWS both use to access the Network Solutions DNS servers.
In any case, it should be possible to prevent such problems by sharing a single database or single distributed cache among all DNS servers in that pool. It makes sense that when I change the IP address, that change is not immediately propagated to all of the hundreds of thousands of DNS servers throughout the world. But I think it SHOULD be immediately (or very quickly) propagated to all of the DNS servers in a single pool of servers at FiOS, or AWS, or Network Solutions, or wherever. Especially, multiple DNS servers in a pool of servers should all give the same answer when asked for the authoritative IP address of one of their customers.
As a Web programmer, I'd expect that all DNS servers in that pool should share the same database. And ideally the same distributed cache of DB values (via memcached, ehcache, etc.). Then they'd all give the same answer at all times.
I'll report this to Network Solutions, Amazon AWS, and Verizon FiOS, to see if any of them understand what's going on, how to fix it, and how to prevent it in the future. We'll see...
Some Lingering Questions
-
Why 5 minutes exactly?
Perhaps there's a convention or a common agent
used by both FiOS and AWS that causes updates
every 5 minutes.
- Why so different on Mac FiOS DNS vs. AWS DNS? Perhaps just chance, that they were hitting different DNS servers in a pool somewhere. Also, perhaps AWS expires its caches more quickly, and had more changes simply because it asked a pool of servers more often.
The Bottom Line
Anyhow, be aware that DNS changes are messy. As descibed in my previous tip, try to plan in advance and shorten the TTL (Time To Live). Or avoid DNS changes and just change the AWS "EIP (Elastic IP Address)" instead, for a clean instantaneous cutover.
--Fred
-
Multiple root name servers for scalability
Original version: 2/28/2021
Last Updated: 5/25/2021
Applies to: All browsers, all Internet protocolsThe benefits of redundant DNS servers (speed, scalability and reliability) are especially important at the very top level of the DNS hierarchy. That's why there are 13 different "authoritative" "root" name servers, managed by 12 different universities, government agencies, and corporations.
And why each of those 13 authoritative root name servers is replicated by many additional root name servers, for a total of over 1,000 root name servers. Here's a map of their locations around the world. Click the large dots to zoom in and see individual servers.
This is all to distribute the massive load of requests. And to avoid having a "single point of failure", where an outage at a single root server could affect the whole world.
If there were only one root name server, such an outage could bring the entire world-wide Internet to a halt. Especially if local DNS servers didn't cache info they'd previously gotten from other DNS servers.
If no Web browser could look up the IP address of any Web site, all browsing would halt immediately. And the same for all email, all file transfers, all remote logins, all financial transactions, etc., since they all use the same DNS mechanism.
--Fred
-
Multiple root name servers for security
Original version: 2/28/2021
Last Updated: 4/30/2021
Applies to: All browsers, all Internet protocolsIf there were only one root name server, there'd also be a "single point of vulnerability" where a hacker might break in to a root server and corrupt the DNS data. All users around the world would be sent to the wrong IP addresses for all servers. The hacker could intercept all Web server requests and deliver phony pages, or intercept all email, all file transfers, all remote logins, all financial transactions, etc.
If the hacker were clever enough to create realistic looking fake sites, and realistic looking email replies, acknowledgements of finanacial transactions, etc., this might go unnoticed for a long time. Especially if the hacker silently skimmed off info, and then quickly redirected the requests to the real sites.
For example, the hacker could collect your banking username and password, then direct your browser to your real banking site, having already logged you in. You'd never even notice! The hacker might collect hundreds of thousands of usernames and passwords with no one the wiser. And just to keep a low profile, the hacker could redirect some traffic directly to valid sites without skimming anything.
Later, the hacker could suddenly transfer all of the money from all of those bank accounts to his own account. Or only from those those accounts with high balances. Or only from those owned by people that were less likely to notice (elderly folks, or relatively idle accounts, etc.). Or only from people or institutions, or classes of people or institutions, that he specifically wanted to hurt. Then close his account and head for parts unknown.
Could also be after more than just money. After stealing money or sensitive data, could extort those people or institutions to do things he wanted in exchange for him returning some of the money, or not revealing the sensitive info. Could manipulate bankers, corporations, politicians, etc.
Here's how such an extortion scheme might work. It's a tip I wrote a while back about a common extortion scheme where the hacker hasn't even actually hacked anything. Just lies about it, to scare the victim into following orders.
Maybe it's already happening. Can you think of any powerful person who acts as though secretly under the thumb of some evil force? Explains a lot, eh?
The only workaround, if anyone even noticed, would be for users to use IP addresses in all cases instead of names, as described here. Or to create local name lookups via /etc/hosts, etc. as described here. But to do either of those, they'd have to know the IP addresses of all sites they wanted to visit. How would they find them without using DNS?
--Fred
-
Subdomains require permission of parent domains
Original version: 2/28/2021
Last Updated: 6/10/2021
Applies to: All browsers, all Internet protocolsYou can't create a subdomain without the cooperation of the parent domain. For example, you can't register MyOwnSpecialNewDomain.com without the cooperation of ".com".
To get permission, you have to pay a registration fee. That's good, because it pays for the upkeep of the root name servers and other DNS servers around the world.
Also, you can't register TheRealLoginPageTrustMe.RealBankingSite.com without cooperation from RealBankingSite.com. That's also good. It helps prevent "phishing" attacks where someone emails you a link to a site that looks like your banking site, and tries to trick you into clicking it and logging in there so they can collect your username and password.
But some phishers get tricky. Things start to get a whole lot more interesting in the next tip...
--Fred
-
Detecting phishing attacks
Original version: 2/28/2021
Last Updated: 6/22/2021
Applies to: All browsers, all Internet protocolsIf you receive a link in an email, it may be a "phishing" attack. Especially if it urges you to click to login to a web site. Typically a site for banking, or email, or other important or sensitive info.
The sender may be a "phisher", which is a low-skill type of hacker. One who's been unable to break into your computer. And unable to break into a DNS server to try the malicious things described in "Multiple root name servers for security".
Instead, the phisher sends you an email that looks like it might be from your bank. And tries to trick you into clicking a link to login so they can steal your username and password. And then quickly redirects you to your bank's real site and uses the stolen username and password to log you in so you don't realized you've been phished.
This form of "social engineering" can be very effective. It's VERY easy for the phisher to create a site that looks real. With just a click or 2 of their mouse, they can copy all of the images, text, fonts, colors, layout, etc., of your real banking site, to make their own fake site that looks identical.
[6/17/2021 Update 1]
Or they can show the real site and overlay an invisible frame to intercept your keystrokes. Or show their own smaller "login" popup on top of it. Don't be fooled! Here's a warning from 2003 about such an attack:
http://millersmiles.co.uk/identitytheft/citibank-email-verification-hoax.htmIt's best to NOT click any such emailed link. Instead, go to your banking web site as you usually do, by typing the URL, or using a browser bookmark. Then, do any action there directly, knowing you're at the real site.
If you ARE tempted to click such a link in an email, keep in mind that the text displayed in the email is entirely unrelated to the URL that it goes to when you click it. So you can't just look at it and decide if it's safe. For example, this link:
doesn't display a URL at all. It displays instructions telling you to click it. So you have no idea what web site it goes to. And this link:
looks like it would go to google.com, but it actually goes to bristle.com like the 1st one does.
To see where a link REALLY goes, hover your mouse (without clicking) over the link and look at the bottom left of your browser window to see the URL it would take you to.
[6/17/2021 Update 2]
On a phone or tablet, or any device without a mouse, long-press the link to see a popup showing the URL.
[6/22/2021 Update]
If neither of those works, view the raw headers and body of the message. Most email apps, even Microsoft Outlook, offer a way to do that. It's similar to doing a "View Source" of a web page. Instead of seeing the formatted email message, you see the HTML source code for it, including the real URLs of the links.
You can also see the email headers that show exactly where the email really came from -- your bank or someone else. And, if the body of the message is encoded so you can't see the URLs of the links, that's all the more reason to be suspicious. See:
Thanks to Warren Montgomery, retired security expert, and golfer extraordinaire, for reminding me to mention the "View Source" technique! And the possibility of the body being encoded.
Try any of these techniques now, and you'll see that both links go to bristle.com.
If your email app doesn't support any of these, click the link and immediately look at the URL of the site it takes you to.
When looking at the real URL to see if it's safe, pay close attention to the last 2 parts of the host portion of the URL (after the "//" and before the first "/"). They should be something you recognize like your bank's main URL.
For example, if it's supposed to be taking you to a Google site, URLs containing hosts like these (where the last 2 parts are "google.com") would be safe:
- login.mail.google.com/
- nasdaq.finance.google.com/
- malvern.pa.usa.maps.google.com/
But hosts like these (where the last 2 parts are NOT "google.com") would NOT be safe. They're not controlled by Google, and Google may not even know about them:
- google.com.xyzpdq.org/
- google.com.masterphisher.us/
- google.com.gonnagetcha.com/
Similarly, these would be real US government IRS sites:
- irs.gov
- irs.gov/refund
- refund.irs.gov/SendMyCheckNow
- secure.irs.gov/refund/SendMyCheckNow
But these are not:
- irs.com
- irs.com/topics/tax-refunds/
- irs.gov.xyzpdq.org/
- gov.irs.safe.com/
- www.irs.gov.trusted.org/
- irs.gov.secure.cn/getmyrefund
- get_refund.from.irs.gov.secure.ly/
Pay attention! It's always the last 2 parts before the first single slash ("/") that matter.
[6/17/2021 Update 3]
Actually, it's not necessarily the first single slash. Web servers typically tolerate extra slashes, so the first single slash ("/") may actually be a second double slash ("//"). For example, this is a valid URL:
The browser sends it to the Web server, which treats it exactly the same as:
The phisher may try to trick you with a URL like:
- http://secure.com//google.com/login
So, don't look for the last 2 parts before the first single slash:
- http://secure.com//google.com/login
Instead, look for the last 2 parts AFTER the first double slash and before the next slash (single, double, triple, or whatever).
- http://secure.com//google.com/login
But it gets worse...
--Fred
-
Beware funky chars in URLs
Original version: 2/28/2021
Last Updated: 6/10/2021
Applies to: All browsers, all Internet protocolsUnfortunately, looking carefully at the URL isn't enough to keep you safe. Even if you pay attention to all the details described in the previous tip Detecting phishing attacks, you can still be fooled.
That's because there are funky characters that look like normal letters and numbers. Not just the old familiar problem of "1" vs "l", or "0" vs "O". In recent years, hosts in URLs are allowed to contain non-ASCII chars . Can now contain any "Unicode" char. That creates security risks, with "spoofing" attacks, as shown in this example sent to me by Phil Hostetter:
Computers and the Internet were orginally created mostly by English-speaking Americans. Or at least stongly influenced by them, for better or for worse. So, they used the "ASCII" character set ("American Standard Code for Information Interchange"), which supports the "Latin" alphabet used by the English language.
But ASCII only contains a total of 128 characters. That's enough for 26 uppercase letters, 26 lowercase letters, and 10 digits. Plus a blank space character, and a couple dozen punctuation marks like period, comma, question mark, etc. Plus some characters reserved for special meanings to the computer, like backspace, tab, carriage return, line feed, etc.
ASCII doesn't have enough different codes to support all the characters used by people in other countries, like letters with accents, cedillas, umlauts, etc. So eventually the much larger "Unicode" character set was created as a replacement for ASCII. Unicode supports all the ASCII chars, plus all the others mentioned above.
It also supports all the non-Latin alphabets like Cyrillic (Russian, Bulgarian, Serbian, Ukrainian, etc.), Chinese, Hebrew, Greek, etc. Now web pages can be created in any language on Earth, so web users in various countries can read web pages that were created in their native language. Don't have to all learn English to communicate with each other and the rest of the world.
So far, so good...
But in recent years, Unicode chars are allowed not only in Web pages for people to read, but also in URLs that take you to Web pages. And many Unicode chars look VERY similar (or identical) to other ASCII chars. So, as shown in the example above, it becomes even easier for a hacker to spoof you, tricking you into going to a fake web site. What looks like a letter "a" might be an entirely different character from a different alphabet, or from no alphabet at all. When a URL contains such a character in place of a familiar letter, it can take you to a malicious web site.
Never click on links that were emailed to you! At least not for important web sites, like your on-line bank, where you're going to type in a username and password. Always go directly to any important sites as you usually do, by typing the URL, or using a browser bookmark. Then, do any action there directly, knowing you're at the real site.
Here's a partial list (there are MANY more) of Cyrillic and Greek chars that look VERY similar to ASCII chars. Some are identical, and others close enough to fool most of us. But technically, they're different from the ASCII char that they look like. So when they're used in a URL, they go to a different web site. Beware!
In the "ASCII" column, I show the same ASCII char 4 times, in 2 different fonts, and with and without italics, just to show some variety of how the valid character might look. In the other columns, I show each funky char 8 times. In 2 different fonts, and with and without italics. And those 4 combinations repeated in a slightly larger font size because some of them default to a size slightly smaller than the ASCII char. Hopefully, this makes it easy for you to see how easy it would be to get fooled. Substituting just one character in a domain name causes you to go to a fake web site.
ASCII Cyrillic Greek A A A A А А А А А А А А Α Α Α Α Α Α Α Α B B B B В В В В В В В В
в в в в в в в вΒ Β Β Β Β Β Β Β C C C C С С С С С С С С Ϲ Ϲ Ϲ Ϲ Ϲ Ϲ Ϲ Ϲ E E E E Е Е Е Е Е Е Е Е Ε Ε Ε Ε Ε Ε Ε Ε F F F F Ғ Ғ Ғ Ғ Ғ Ғ Ғ Ғ Ϝ Ϝ Ϝ Ϝ Ϝ Ϝ Ϝ Ϝ
ϝ ϝ ϝ ϝ ϝ ϝ ϝ ϝG G G G Ԍ Ԍ Ԍ Ԍ Ԍ Ԍ Ԍ Ԍ
ԍ ԍ ԍ ԍ ԍ ԍ ԍ ԍH H H H Н Н Н Н Н Н Н Н
н н н н н н н нΗ Η Η Η Η Η Η Η I I I I І І І І І І І І Ι Ι Ι Ι Ι Ι Ι Ι J J J J Ј Ј Ј Ј Ј Ј Ј Ј K K K K К К К К К К К К
к к к к к к к кΚ Κ Κ Κ Κ Κ Κ Κ
κ κ κ κ κ κ κ κM M M M М М М М М М М М
м м м м м м м мΜ Μ Μ Μ Μ Μ Μ Μ
Ϻ Ϻ Ϻ Ϻ Ϻ Ϻ Ϻ ϺN N N N Ν Ν Ν Ν Ν Ν Ν Ν O O O O О О О О О О О О
о о о о о о о оΟ Ο Ο Ο Ο Ο Ο Ο P P P P Р Р Р Р Р Р Р Р Ρ Ρ Ρ Ρ Ρ Ρ Ρ Ρ Q Q Q Q Ԛ Ԛ Ԛ Ԛ Ԛ Ԛ Ԛ Ԛ S S S S Ѕ Ѕ Ѕ Ѕ Ѕ Ѕ Ѕ Ѕ T T T T Т Т Т Т Т Т Т Т
т т т т т т т тͲ Ͳ Ͳ Ͳ Ͳ Ͳ Ͳ Ͳ
ͳ ͳ ͳ ͳ ͳ ͳ ͳ ͳ
Τ Τ Τ Τ Τ Τ Τ Τ
τ τ τ τU U U U υ υ υ υ υ υ υ υ V V V V Ѵ Ѵ Ѵ Ѵ Ѵ Ѵ Ѵ Ѵ W W W W Ԝ Ԝ Ԝ Ԝ Ԝ Ԝ Ԝ Ԝ X X X X Х Х Х Х Х Х Х Х Χ Χ Χ Χ Χ Χ Χ Χ
χ χ χ χ χ χ χ χY Y Y Y Ү Ү Ү Ү Ү Ү Ү Ү
ү ү ү ү ү ү ү үΥ Υ Υ Υ Υ Υ Υ Υ
γ γ γ γ γ γ γ γZ Z Z Z Ζ Ζ Ζ Ζ Ζ Ζ Ζ Ζ a a a a а а а а а а а а α α α α α α α α b b b b Ь Ь Ь Ь Ь Ь Ь Ь
ь ь ь ь ь ь ь ьc c c c с с с с с с с с ϲ ϲ ϲ ϲ ϲ ϲ ϲ ϲ d d d d Ԁ Ԁ Ԁ Ԁ Ԁ Ԁ Ԁ Ԁ
ԁ ԁ ԁ ԁ ԁ ԁ ԁ ԁe e e e е е е е е е е е f f f f ϝ ϝ h h h h Һ Һ Һ Һ Һ Һ Һ Һ
һ һ һ һ һ һ һ һi i i i і і і і і і і і ί ί ί ί ί ί ί ί j j j j ј ј ј ј ј ј ј ј ϳ ϳ ϳ ϳ ϳ ϳ ϳ ϳ l l l l Ӏ Ӏ Ӏ Ӏ Ӏ Ӏ Ӏ Ӏ
ӏ ӏ ӏ ӏ ӏ ӏ ӏ ӏι ι ι ι ι ι ι ι m m m m т т n n n n η η η η η η η η o o o o ο ο ο ο ο ο ο ο p p p p р р р р р р р р ρ ρ ρ ρ ρ ρ ρ ρ q q q q ԛ ԛ ԛ ԛ ԛ ԛ ԛ ԛ r r r r г г г г г г s s s s ѕ ѕ ѕ ѕ ѕ ѕ ѕ ѕ v v v v ѵ ѵ ѵ ѵ ѵ ѵ ѵ ѵ ν ν ν ν ν ν ν ν w w w w ѡ ѡ ѡ ѡ ѡ ѡ ѡ ѡ
ԝ ԝ ԝ ԝ ԝ ԝ ԝ ԝx x x x х х х х х х х х y y y y У У У У У У У У
у у у у у у у у0 0 0 0 О О О О О О О О
о о о о о о о оΟ Ο Ο Ο Ο Ο Ο Ο 1 1 1 1 Ӏ Ӏ Ӏ Ӏ Ӏ Ӏ Ӏ Ӏ
ӏ ӏ ӏ ӏ ӏ ӏ ӏ ӏι ι ι ι ι ι ι ι 3 3 3 3 З З З З З З З З
з з з з з з з з
Ӡ Ӡ Ӡ Ӡ Ӡ Ӡ Ӡ Ӡ
ӡ ӡ ӡ ӡ ӡ ӡ ӡ ӡ5 5 5 5 Ҕ Ҕ Ҕ Ҕ Ҕ Ҕ Ҕ Ҕ
ҕ ҕ ҕ ҕ ҕ ҕ ҕ ҕAnd many, many, many more... Details about Unicode chars in URLs:
More info about the spoofing problem:
- https://en.wikipedia.org/wiki/Internationalized_domain_name#ASCII_spoofing_concerns
- https://en.wikipedia.org/wiki/IDN_homograph_attack
Cyrillic and Greek alphabets:
- https://en.wikipedia.org/wiki/Cyrillic_alphabets
- https://www.w3schools.com/charsets/ref_utf_cyrillic.asp
- https://www.w3schools.com/charsets/ref_utf_cyrillic_supplement.asp
- https://www.w3schools.com/charsets/ref_utf_greek.asp
But there's no need to get so exotic. Aside from the Cyrillic, Greek and other alphabets, there are lots of non-ASCII characters included in our own Latin alphabet. They're mostly to support the umlauts, accents and such of European languages like French, Spanish, Dutch, Danish, etc. But some look very similar to normal ASCII chars. See:
- https://www.w3schools.com/charsets/ref_utf_latin_extended_a.asp
- https://www.w3schools.com/charsets/ref_utf_latin_extended_b.asp
- https://www.w3schools.com/charsets/ref_utf_modifiers.asp
- https://www.w3schools.com/charsets/ref_utf_letterlike.asp
See also my warning in 2013 to programmers that this change was coming, and that they'd need to update their web apps and web sites to tolerate Unicode.
--Fred
-
Avoid clicking shortened URLs
Original version: 1/31/2002
Last Updated: 6/17/2021
Applies to: All browsers, all Internet protocolsBeware clicking shortened URLs produced by "URL shorteners" like:
- tinyurl.com
- bit.ly
- t.co
- lnkd.in
- fb.me
- goo.gl
- etc...
They can be useful in cases like Twitter posts where the total number of chars is extremely limited. (Useful, that is, if you're willing to concede that Twitter itself is useful, which I have my doubts about!) But they hide the real URL, so you have no idea where it's going to take you. Phishers LOVE URL shorteners!
Spammers also love URL shorteners. When you click a shortened URL, it goes to the website of the "URL shortener" service to look up the real URL. That service can take the opportunity to collect info about your browsing habits and sell it to spammers and marketing companies, so they can target you more precisely with spam and ads.
Personally, I never shorten my URLs. I always use full-length URLs. As descriptive and informative as possible. So my readers can read the URL to know in advance that it's safe to click. And to decide whether the info at the other end of the link is likely to be interesting enough to bother clicking.
Unfortunately, many web sites like LinkedIn (owned by Microsoft), Twitter, Facebook, etc., shorten URLs automatically. They remove the long descriptive URL that you so carefully and thoughtfully provided to inform your readers and make them more safe. They replace it with a cryptic, meaningless, shortened URL that leaves your readers uninformed. And that trains them to automatically click such URLs without a 2nd thought. So they'll fall victim to phishing atacks in the future. Doh!
They do this for 2 reasons:
-
They assume their users are impatient, lazy, unwilling to
scan visually past a longer URL, and foolish enough to not
care about security risks.
-
They've written sloppy software that can't handle normal
full-length URLs:
-
Can't handle a few extra characters per post.
Some sites drastically limit the number of chars per post. For example, Twitter limits you to 140 chars per tweet. I have no idea why. To save storage space? To save transmission time to/from the Twitter servers? To simplify the job of formatting tweets for display? Because they think all of their users have too short an attention span to read more than 1-2 lines of text? Who knows?... In any case, allowing full-length URLs of up to 256 or more chars is impossible when the total char limit of an entire tweet is 140.
But 140 chars was just too small to be useful. So they started adding convoluted logic to not count all the chars of URLs towards the 140 limit, to not count the chars of multiple Twitter handles at the start of the text, etc. That didn't help much, and made it nearly impossible to predict how many chars you could put into your tweet.
After a few years they relented and changed the limit to 280. I have no idea why. 280 is still WAY too small a limit. Should be AT LEAST 10,000 chars.
Other sites have different limits for "articles" vs regular posts, for comments vs posts, for replies to comments vs comments, etc. For example, Facebook limits posts to 64,000 chars, but comments to 8,000. LinkedIn limits articles to 120,000 chars, but regular posts to 3,000.
Some sites allow you to type large amounts of text, but silently truncate it so your readers can't see it. Or "elide" the text, replacing part of it with an ellipsis ("...") or displaying a "More..." link, so your reader has to click to see the rest. For details and more limits, see:
Twitter users have rebelled. They've found ways to get around the limit, like posting an image file or video that displays all the words they were unable to include as plain text. Wow! That really backfired, eh? Now instead of storing a few hundred or thousand more chars, Twitter servers have to store and transmit an image which can easily be 5-10MB (equal to 5-10 MILLION chars), or a video, which can easily be 10 or 100 times bigger than that (50-1000MB, equal to 1 BILLION chars) or much more. Doh! Imagine trying to justify that bonehead decision to your boss or your shareholders!
Twitter users have also invented various clunky, awkward conventions to string together long sequences of short tweets for posts that won't fit into a single tweet. They number the tweets as 1/4, 2/4, 3/4, 4/4, etc. Or they create the 2nd and subsequent tweets as replies to the 1st tweet to form a "conversation thread". Or they do both, since neither works very well.
Twitter doesn't have features to handle these conventions well. No easy way to jump to the next or previous tweet in a thread. Or to jump to the beginning of a thread if you start with just the URL of one of the tweets. Or to re-tweet, like, share, or comment on, an entire thread. And so on... So Twitter comes off looking even more lame than it already was. Doh!
-
Can't handle blank spaces and other special chars that
are valid in URLs and handled properly by all other
Internet software throughout the world.
Instead of using the standard Internet solution of "URL-encoding" all such URLs (changing spaces to plus signs or to "%20", etc.), they delete the entire URL and replace it with a shortened URL. Doh!
-
Can't do a good job of formatting a post that
contains
long strings of chars like URLs, especially when
displaying it on a narrow screen like a phone.
Text editors, word processors, and more recently Web browsers, have handled long lines of text for over 50 years. They typically give the user an option of whether to wrap long lines or truncate them at the edge of the window. To wrap by breaking at words or arbitrarily. To define which chars denote a word boundary. And so on.
Sites like Twitter should leverage such well-defined, decades-old techniques to format posts well, instead of limiting them to ridiculously short lengths. It's trivially easy in a Web browser. Don't even have to re-invent the wheel. A line or two of CSS does the trick across all devices. Did they not realize that? Doh!
-
Can't handle a few extra characters per post.
Some sites take a different approach. Instead of replacing a long URL with a shortened URL, they "elide" the URL when they display it, replacing part of it with an ellipsis ("..."). This is nearly as bad as shortening the URL. They still have to remember the full URL for use when you click on it, so they're making more work for themselves.
And you still can't see the entire URL, so you can't decide whether it's safe, whether it looks interesting enough to click on, etc. Worse, such elision often hides the most critical part of the URL -- the domain name that tells you whether you're being phished. They're just contributing to the dumbing down of their users, making us all more likely to fall for a scam. Doh!
You can check a shortened URL before clicking it. To see where it actually goes, you can:
-
Copy/paste it into a "shortened URL expander"
-
Copy/paste it into your browser's address bar and
change it slightly, adding a trailing plus sign or
inserting the hostname "preview" in front of the
domain name
- Install a browser plugin that allows you to right-click on it to see thew actual URL. Eventually, I think all browsers will be updated to do this automatically, or to just show the real URL of a shortened URL when you hover the mouse over it, but for now there are plugins.
For details on these and other techniques, see:
- https://safecomputing.umich.edu/be-aware/phishing-and-suspicious-email/shortened-url-security
- https://www.cmu.edu/iso//aware/dont-take-the-bait/shortened-url-security.html
- https://chrome.google.com/webstore/search/unshorten
- https://www.google.com/search?q=shortened+url+security
- https://www.google.com/search?q=shortened+url+decoder
--Fred
-
Beware email "security" software
Original version: 2/28/2021
Last Updated: 6/17/2021
Applies to: All browsers, all Internet protocolsSome "security software" used by email apps, especially Microsoft Outlook in large corporations, makes things LESS secure. Instead of showing you the actual URL that was sent in an email, they redirect the URL through a "security" layer. Much like a URL shortener, but they make the URL much LONGER instead. Doh!
The service they route the URL through can do checks for known malware sites, etc. Can warn the user to not follow the link. Or even block any user who tries. So far, so good...
The service can (and typically does) also monitor your Web history, tracking which sites you visit, when and how often, etc. Not ideal, but large corporations like to spy on their employees. Get used to it...
But instead of showing and using the original URL:
or showing the original URL and using the "security" URL behind the scenes:
the "security software" often displays the longer, extraordinarily cryptic security URL:
Why did they do that? What the heck is wrong with these people? Are they TRYING to make us less secure!?!!?
All 3 of the URLs above take you to the same place, and the second two both route you through the same "security" layer. Click them to see for yourself.
But the 3rd one is nearly impossible to read, unless you cut/paste it into an "URL decoder" tool like https://www.urldecoder.org to see:
And even then, you have to ignore the part that routes it through the "security" layer:
- https://na01.safelinks.protection.outlook.com/?url=
and all the crud at the end:
- &data=04|01||c007264345b148f39ff708d8fb4dc5d4|84df9e7fe9f640afb435aaaaaaaaaaaa|1|0|637535658729122889|Unknown|TWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0=|1000&sdata=4bdcSXVZ372e56yCzezCi4E7/JZepi55R1eDSRkPoMA=&reserved=0
in order to see the meaningful part that is all they should have shown you to start with:
They've caused all the same security problems as URL shorteners, but without the advantage of actually shortening the URL! Doh! How are you supposed to look at that insanely long URL and decide if it's safe to click? And if it seems interesting enough to bother clicking? Instead, they're training you to blindly click any link without thinking about it.
Furthermore, they've given you a false sense of security, by displaying a URL with the subdomain name "safelinks.protection.outlook.com", when it may not be safe at all. Such "security" software can only protect you from hackers that are so incompetent that they've already been discovered and added to a list of sites known to be unsafe. It provides absolutely NO protection against more skilled and dangerous hackers.
It's like hiring a bodyguard so that you'll be safe in any dangerous situation. But you've hired one who can only protect you from attacks with a fly swatter, or a plastic butter knife. Not from attacks with a real knife or a gun. And only from someone on the FBI's "Most Wanted" list, not from ordinary thugs. Meanwhile, with your false sense of security, you've stopped taking basic precautions. Doh!
--Fred
-
More info
Original version: 2/28/2021
Last Updated: 4/25/2021
Applies to: All browsers, all Internet protocolsFor more info about subdomains, see:
- https://en.wikipedia.org/wiki/Subdomain
- https://en.wikipedia.org/wiki/ARPANET
- https://en.wikipedia.org/wiki/Generic_top-level_domain#History
- https://en.wikipedia.org/wiki/List_of_Internet_top-level_domains#Original_top-level_domains
- https://en.wikipedia.org/wiki/List_of_Internet_top-level_domains#Country_code_top-level_domains
- https://en.wikipedia.org/wiki/List_of_Internet_top-level_domains#ICANN-era_generic_top-level_domains
- https://en.wikipedia.org/wiki/List_of_Internet_top-level_domains#Internationalized_country_code_top-level_domains
- https://www.ionos.com/digitalguide/server/know-how/what-is-a-root-server-definition-and-background
- https://en.wikipedia.org/wiki/Domain_hack
- https://en.wikipedia.org/wiki/Domain_name
If you want to test your knowledge of DNS, here's a handy quiz. Thanks to Bob Rodini for pointing me to it!
Thanks to Hans Hermans for prompting me to cover subdomains in this tip series! It's been an interesting journey.
--Fred
-
:port
Original version: 2/28/2021
Last Updated: 3/22/2021
Applies to: All browsers, all Internet protocolsA port number can be specified as part of a URL:
scheme://username:password@host:port/path?query-string#fragment-id
It's the "port number" to connect to at the remote computer. On a single server computer, it's common to have multiple different server apps: a web server, a mail server, an FTP server, an SSH server, a DNS server, etc.
Server apps listen on port numbers
The port number of a URL tells the server computer which app to pass an incoming IP request to. Each server app is "listening" on a specific port number, and the server computer enforces a rule that says only one app at a time can listen on each port. So the server computer just routes the request to the port number specified in the URL.
Port numbers specified by client apps
For most URLs, you don't bother to specify a port number. That's because you give the URL to a client app on your local computer, tablet or phone. The client app may be a web browser, an email client, an SSH client, an FTP client, etc. Each of these clients know the default port typically used for the type of server it needs to reach. So, it can fill in the port number for you.
Each URL "scheme" has a default port number
The default value depends on the scheme (80 for HTTP, 443 for HTTPS, 22 for SSH, 21 for FTP, etc.)
Client apps let you change the default
The default value may also depend on the tool processing the URL. For example, SSH typically uses port 22, but the config file for an SSH client allows you to override that with a different default port number for each remote server.
?? List of standard port numbers
No question of case sensitivity. It's always a number.
Omit the leading colon (":") when no port number is specified. Omitting it is generally a good idea. You rarely need to specify an explicit port number.
?? Can debug via telnet
--Fred
-
/path
Original version: 2/28/2021
Last Updated: 3/22/2021
Applies to: All browsers, all Internet protocolsA URL can contain a path:
scheme://username:password@host:port/path?query-string#fragment-id
The path is typically the "path" to a specific file on the remote computer. But it's different for some schemes. For example, with the "mailto" scheme it's an email address, and with the "tel" scheme, its a telephone number or dialing sequence.
It typically looks like a fully or partially qualified path (directory, subdirectories and/or name) to a file on the computer. But even then, it may get mapped by the web server to a piece of code to be executed (Java servlet, CGI script, Django view, etc.) on the remote computer. That's especially common with REST Web Services.
For now, let's assume it's simply a file to be delivered.
Unlike the host (which is always case-insensitive, the path is USUALLY case-sensitive. It depends on a couple of different factors:
-
The server's operating system
On Windows servers, paths are case-insensitive ("dir1" is the same as "DIR1"). But on all other operating systems (Mac, Linux, Unix, etc.), paths are case-sensitive ("dir1" is NOT the same as "DIR1"). So, for the majority of web sites, paths are case-sensitive.
-
The web server configuration
If the web server is configured to map certain URL paths to code, those paths are most likely case-sensitive.
You don't typically know how a path is being handled, or whether that handling may change in the future. So always assume the path is case-sensitive.
Omit the leading slash ("/") when no path is specified. It typically defaults to the "root" directory of the web server or FTP server, the "home" directory of a user, or some other useful value.
You can omit the filename if it's "index.htm", "index.html", etc. When a URL path specifies a folder but no filename, Web servers default to a ordered set of likely candidate filenames. It's better to NOT explicitly specify the filename in such cases because omitting it gives web page designers more flexibility. They can move things around in the future, add symlinks to files or folders, change a URL to execute code for a dynamically generated page rather than just load a static page, etc.
Advice for web programmers
Omit the leading slash ("/") whenever a "relative" path is specified instead of an "absolute" path. Any path with no leading slash refers to a file location relative to the current page. It can specify just a filename in the same folder as the Web page: "file1.jpg". Or can specify a subfolder and filename: "images/image1.jpg", "js/script1.js", "css/styles.css".
Can also use the Unix syntax "sub1/sub2/sub3" for nested folders. And "./" to explicitly refer to the same folder, "../" for the parent folder, "../../" for the grandprent, "../sibling", etc. All using the standard Unix path syntax.
Use relative paths whenever possible, for all URLs embedded in any Web page. Such a page can easily be moved to a new folder or even a new server, without having to edit each embedded URL, as long as the same secondary files exist in the same relative locations. Use absolute paths only when absolutely necessary. Web servers are typically configured to prevent a hacker from reaching outside the root tree of the web site.
Use the standard Unix syntax, with forward slash ("/"). Even on operating systems like DOS and Microsoft Windows where the native syntax uses colon (":") and backslash ("\"). And VAX/VMS where the native syntax uses colon (":"), square brackets ("[]"), period (".") and semicolon (";"). The standard Unix syntax is supported in all cases, and is much more portable Will still work when you someday move your web pages to a Linux server.
Fun fact:
Why is the standard Unix syntax supported in all web servers? It would have been more tedious, but would still have worked, if users were required to know the OS of the server and use the native syntax in their URLs. Did someone plan ahead for the convenience of user, and for the portability of Web pages?No, it happened mostly by luck, because web servers were all written in the "C" programming language at first. Even today, when some web browsers are written in other languages, the compilers and interpreters for those languages are typically written in C.
Fun fact (history of what happened):
The C pre-processor needed a syntax to use for #include files. And the C runtime library needed a syntax for files to be manipulated (read, written, deleted, renamed, etc.). Since C was written for Unix, it used the Unix syntax.When DOS and Windows were later created, they were written in C. Those operating systems needed a syntax for identifying options on the command line. They made the mistake of copying the VAX/VMS convention of starting options with forward slash ("/"). Instead of the Unix convention of starting them with hyphen ("-"). So they had to use something else for paths. They chose backslash ("\").
Fun fact (millions of Windows bugs):
That turned out to be an incredibly bad decision. It's caused millions of bugs in DOS and Windows programs over the years. Bugs in programs written by Microsoft, and by thousands of other vendors. Even bugs in the DOS and Windows operating systems themselves. Many of these bugs have never been fixed, and are still security holes in the latest versions of Windows.The problem is that backslash ("\") has always had a special meaning to C. In any character string, it acts as an "escape" character, giving special meaning to the non-special char that follows it, or removing special meaning from the special char that follows it.
For example, in a C string, you make a non-special char special when you specify a newline as "\n", a tab as "\t", etc. Or when you specify the NUL char (which ends a C string prematurely) as "\0". And you make a special char non-special when you cause a newline char to NOT start a new line by preceding it with "\". Or when you cause a backslash to NOT have its special "escape" meaning by preceding it with another backslash as "\\".
So every time a DOS or Windows programmer writes a program that refers to a file, or that parses data that might contain a filename, they have to remember to double all the backslashes in the paths of all the filenames. But they're not used to doing that at the DOS or Windows command line. So they almost always forget. So any path that contains a single backslash may not work properly.
It's easy for such a bug to go unnoticed during testing. The tester may have used only paths with no backslashes because they refer to simple filenames with ever specifying a folder. The bug finally appears when a real user or a real data stream uses a path containing a folder name.
Also, such bugs can be very subtle. There are only a handful of non-special chars that can be made special. For the rest, the backslash is silently removed and ignored. For example, "\m" is treated as simply "m", and "\s" is simply "s". That's true of most of the 26 letters in the alphabet, and almost all of the other ASCII chars.
The tester may not notice that a file specified as "\sub1\sub2\myfile.txt" is accidentally created as "sub1sub2myfile.txt" in the current working folder, instead of "myfile.txt" in the subfolder "sub2" of the root folder "\sub1". Or that the file specified as "archives\0\myfile.txt" has its name truncated by the embedded NUL char ("\0") and is accidentally created as "archives" in the current working folder, instead of "myfile.txt" in the subfolder "0" of the "archives" folder. Or that the configuration file containing the line "sub1\newfile" might have that intrepreted not as the file "newfile" in the folder "sub", but as the file "sub1" followed by an additonal configuration line "ewfile".
Fun fact (security issue):
The use of backslash in paths opened the door to one of the earliest forms of modern day "injection attacks". Imagine the harm that can be done when a program reads a filename to use in the previous command and then reads the next command to be performed. What if a malicious user enters a filename like "file1.txt\ndelete *.*"? What if the program uses "file1.txt" as the filename, and the next line "delete *.*" as the next command? I've used such tricks often over the years to break into various systems.Fun fact (useful side effect):
Here's one of the most useful side effects of all this, for me anyhow. DOS and Windows are written in C, and use the standard C runtime library for many of their file manipulations. That includes the DOS and Windows command line interpreters (COMMAND.COM) and (CMD.EXE). Also, the Windows crown jewels, the "registry" editor (REGEDIT.EXE, and REGEDT32.EXE).That's right! Not only do all web browsers and web servers, including those running on Windows and even those written by Microsoft, accept the standard Unix syntax for URL paths. The same is true for filenames specified at the DOS and Window command lines, in Windows Registry files, etc. All accidentally!
For years I've been able to use the standard Unix forward slash ("/") that my fingers know and love, instead of the DOS and Windows backslash ("\") when typing a filename at the DOS or Windows command line or into a registry file. Nice!
Disclaimer:
I may have mentioned this to Microsoft when they flew me out to Redmond in the 1990's to show them how I was able to do some things with their VB language that they didn't think were possible.So they may have "fixed" this by now. I'm not sure. I haven't used Windows in almost 20 years. But I wouldn't be surprised if it still works because changing it now would break a LOT of things for a LOT of Microsoft customers.
Also, they don't have a good track record of fixing bugs I've reported to them. Last time I checked, a few years later, REGEDIT.EXE was still unable to load REG files that had spaces in their names.
Thanks to John Moore for catching typos!
--Fred
-
The server's operating system
-
?query-string
Original version: 2/28/2021
Last Updated: 5/2/2021
Applies to: All browsers, most Internet protocolsA URL can contain a query-string:
scheme://username:password@host:port/path?query-string#fragment-id
The "query-string" is a set of name-value pairs, with an equals sign ("=") separating the name and value, and an ampersand ("&") separating the pairs.
- Example: name=Fred&age=29&state=PA
Values are optional, so some or all of the name-value pairs can be just names.
- Example: name=Fred&prepaid&age=29
Omit the leading question mark ("?") when no query-string is specified.
Values embedded in query-strings often contain blank spaces, but that can cause problems in any environment where a blank space is erroneously assumed to be the end of the URL. For example, a URL embedded in an email message without using HTML or any other syntax to identify it as a URL. Email clients try to recognize such URLs and display them as clickable links. But they often fail because they don't know where the URL ends and normal text resumes. To avoid this problem, replace each blank space with a plus sign ("+").
- Example: name=Fred+Stluka&age=29&title=Senior+Web+programmer
Values also often contain other special chars like ampsersand ("&"), equals signs ("="), and non-ASCII Unicode chars. These can cause all sort of problems with the various systems that have to display, process, transmit or interpet URLs. It's best to "urlencode" such values, replacing each special char with a percent sign ("%") followed by its hexidecimal Unicode value.
Examples:-
Instead of using plus signs for spaces:
- name=Fred+Stluka&age=29&title=Senior+Web+programmer
- name=Fred%20Stluka&age=29&title=Senior%20Web%20programmer
-
To avoid issues with ampsersand ("&"), equals
signs ("="), percent sign ("%"), etc:
- interest=10%&specialty=Odds&Ends&dislike=Might=Right
- interest=10%25&specialty=Odds%26Ends&dislike=Might%3DRight
?? Can find a complete list of urlencoded chars at: ...
Query-strings are typically used with the "http" or "https" scheme, to pass additional info to servers.
?? Examples for YouTube, Google Search, Google Maps, Google Finance, etc, using my scripts.
A query-string can also be used with the "mailto" scheme. The purpose of this scheme is to open your local email client so you can compose and send an email message.
Examples:- To simply open the email client to send email to me: but to also fill in the subject line and body, use a query-string, providing values of the special names "subject" and "body":
- To avoid issues with spaces, urlencode them (plus signs may not work here):
- To embed newlines or other special chars, urlencode them:
--Fred
-
#fragment-id
Original version: 2/28/2021
Last Updated: 12/21/2024
Applies to: Chrome 80+, Firefox 131+, Safari 18.2+, Edge 89+A URL can contain a fragment-id:
scheme://username:password@host:port/path?query-string#fragment-id
Unlike all of the URL parts discussed above, the fragment-id is not used to locate the server, or to connect to the server, and is not passed to the server as part of the page request. It is used by the web browser after the page is returned by the server. In fact, you can sort of think of the "#" delimiter as a comment delimiter in a programming language. The server never sees it, and therefore takes no action on it.
The most common use of fragment-id is to refer to an "anchor". An anchor is a name embedded in a web page at a specific location. It's added explicitly by the author of the page, typically to make it possible for a URL to refer not just to the page:
but to a specific location within the page. For example, to link to this specific tip within this Tips page:
That URL tells the server to return the Internet.htm page to the browser. And it tells the browser to scroll to the "url_syntax_fragment_id" anchor once the page is loaded. So clicking on that URL takes you directly to this tip in this Tips page.
This only works if the author of the page (me, in this case) anticipated that it would be useful for users to link directly to this location in the page. For that reason, when I wrote this page, I added an HTML "anchor" tag with a "name" attribute that has the value "url_syntax_fragment_id". That tag has no visual effect on the page. Its sole purpose is to create an "anchor" that a URL can link to.
So, how do you create a URL that links to a specific location in a page if the author didn't think to explicitly add an anchor tag at the location you want?
That has been a problem for many years. The fragment-id has been a part of the URL syntax since the very beginning, way back in 1991 or so. But so often, the page author doesn't think to add anchors in all the desirable places.
A common workaround has been to use "id" attributes of HTML elements as fragment-ids.
Originally, web pages were simple HTML to show text and images. But over time, they bacame more dynamic pages that reacted to user interactions. This was accomplished by the page author adding JavaScript code to the page. That code could respond to user actions (clicks, keystrokes, mouse moves, etc.) by operating on the HTML elements and making changes to them. This technque came to be known as "Dynamic HTML".
For the JavaScript code to operate on the HTML elements, it needed a way to refer to them. So, page authors started adding "id" attributes to the elements, to be referred to by the code. Gradually, more and more of the HTML elements in a typical web page were being assigned unique ids.
Eventually the browsers took advantage of this proliferation of ids, and started allowing the fragment-id of a URL to refer to the "id" attribute of any HTML element. Not just to the "name" attribute of an anchor element.
This made a huge difference. Suddenly, for millions of existing web pages, it was possible for anyone to create a URL that linked directly to a specific section of the page. They just had to do a "View Source" on the Web page to see its underlying HTML, find the id attribute of an HTML element near the desired location, and add that id as a fragment-id in their URL. Easy, peasy!
However, it was fragile.
The page author didn't know that you'd looked at his HTML and were now relying on that id. He might assume you only cared about the overall appearance of his page, not any of the behind-the-scenes details like values of id attributes of HTML element. So, he might change the id at any time, as he updated the page for some unrelated reason.
Furthermore, as web pages got fancier and did more things, they got more complicated. It got to be much more common for a page author to not hand-craft the page and specify meaningful ids. Instead, he might use an automated tool to generate the page from a higher level specification. Might generate the page on the fly, from content pulled from a database.
He might even be a non-programmer using a tool to create pages by pointing and clicking, choosing options from menus, etc. For example a blog writer, who's concerned only with the content and appearance of his blog article, and doesn't know anything about HTML.
Such tools generate unique ids so that the JavaScript works properly, but they do not typically generate them as meaningful names. Usually simple things like "id1", "id2", "id3", etc. Even worse, they typically assume that the ids are used only within the page by the JavaScript code. Not by any external thing like the fragment-id of a URL linking to it from another page or another site. So, they typically re-generate all of the ids each time the author makes any change to the page.
Very fragile!
Fragment-id as a search string
So the browsers added a new option that allowed a fragment-id to be not simply a unique "name" or "id" of an HTML tag in the page. Instead, it could now be a search for a string displayed by the page. The new syntax uses not only "#", but also a special new sequence ":~:text=".
So a URL like:
http://bristle.com/Tips/Internet.htm#:~:text=That has been a problem
still tells the server to return the Internet.htm page to the browser. But now it also tells the browser to search the returned page for the string "That has been a problem", and to scroll the page to make that string visible. And to highlight that string to make it easier to spot. So, clicking on that URL takes you directly to that phrase a few paragraphs above in this Tips page. Click it now, to see for yourself.
This was a safe change to make. It wouldn't break any of the now billions of existing web pages. Because the fragment-id had always been ignored by the web servers. And because the special characters ":", "~", etc, had never been valid chars in a fragment-id, so there wouldn't be any existing URLs that used them.
However, it was still fragile. What if the search text contains special chars that can't be used in a URL? It's better to "urlencode" the search string as:
http://bristle.com/Tips/Internet.htm#:~:text=That%20has%20been%20a%20problem
Or what if the web page author changes the wording on the page? Or what if the text to be searched and highlighted is really long? Even if it doesn't exceed the maximum length allowed for a URL, it gets more and more likely that the web page would change over time and no longer match exactly. So, the URL would no longer scroll to and highlight the desired text. It would just go to the top of the page.
It would be better to not have to include all of the text in the fragment-id of the URL. Better to be able to just specify the start and end of the search string. So, instead of a fragment id like:
you can specify the start and end by using a comma (","):
Worse, what if the author adds another occurrence of the search string earlier in the page? Now the URL finds and highlights the wrong occurrence. So, the browsers also allow you to specify a prefix and/or suffix by using hyphens ("-"):
Now the search string that starts with "start" and ends with "end" matches only if it's also true that the word(s) before "start" are "prefix" and the word(s) after "end" are "suffix".
Note that the prefix and suffix only affect the search, not the highlighting. Once the matching string is found and scrolled to, it is highlighted from "start" to "end". The prefix and suffix strings are not highlighted.
Still fragile, but much less so.
Fragment-id as multiple search strings
You can also specify 2 (or more) different search strings and they'll all be highlighted. Like with multiple parameters in a query-string, use ampersand ("&") to separate multiple "text=" clauses:
#:~:text=prefix1-,start1,end1,-suffix1&text=prefix2-,start2,end2,-suffix2
Fragment-id as a search string with a fallback "anchor"
To make it even less fragile, you can use a fragment-id to specify both an anchor and one or more search strings. The page is scrolled to the first search string that is found. All of the found search strings are highlighted. If none of the search strings are found, the page is scrolled to the anchor.
#url_syntax_fragment_id:~:text=contain a fragment&text=Unlike all of, discussed above
So what if the colors and design of the target web page don't work well with the highlight color that the browser chooses? As the author of a web page, you can use CSS to specify the color, background color, font-size, and any other attributes, to be used for highlighting. Use the ::target-text CSS pseudo-selector.
This feature was first implemented by Google Chrome in 2020. Probably in support of Google Search, so that a link from a search results page could not only take you to the found page, but also scroll to and highlight the relevant part of that page. You may have noticed this in your Google search results for the past few years. The feature has since been copied by all other browsers. See this Google Chrome blog post for details.
What if you, as a user, don't want your browser to do such searches, and prefer to always start at the top of each newly loaded page? Or what if you, as a web page author, don't want to give users this ability to create URLs that search your web page? In both cases, there are ways to block it. See details in the Google Chrome blog link above.
--Fred
Running Javascript from Address bar
Last Updated: 6/16/2000
Applies to: Netscape 3+, IE 3+
You can run simple Javascript programs directly from the Address bar of the browser. For example, to find out the date that a Web page was last modified, type the following URL into the Address bar while viewing the page:
javascript:alert(document.lastModified)
For convenience, I added this URL to my Netscape Bookmarks.
--Fred
Changing font size in Web browsers
Original Version: 10/22/2004
Last Updated: 7/5/2007
Applies to: Firefox 1.0+, Netscape 3+, IE 6+
Hard to read the tiny font size at some Web sites? (Happens to me more and more lately, as I get older!) Even if you can read it okay, do you sometimes need a larger font during presentations and demos?
In recent versions of Netscape (6, 7, 8, 9, etc.), and in all versions of Mozilla Firefox, simply hit:
Ctrl-Plus or Ctrl-Minus
a few times to grow or shrink the text to the size you want, from absurdly huge with one word filling the entire screen (2000%) to nearly microscopic (5%). In older versions of Netscape (4, 3, etc.), grow or shrink with:
Ctrl-] or Ctrl-[
If you forget these key combinations, check the Netscape menu:
View | Text Zoom
which offers these same features, plus 7 preset sizes, plus the ability to type in a custom zoom factor directly. It also remembers the custom zoom factor you chose, so you can quickly revert to that exact zoom factor after a temporary zoom in or out.
In Firefox, it's the menu:
View | Text Size
which offers options to increase, decrease or reset to default size (Ctrl-Zero). In Firefox (and Netscape 8 and 9, which use the Firefox engine internally), you can also grow or shrink the text size via:
Ctrl-Wheel
That is, by holding down the Ctrl key and using the mouse wheel.
Internet Explorer 6.0 offers a limited version of this feature, but no shortcut keys, no custom zoom, and only 5 preset sizes, ranging from 100% to 175%. Use the menu:
View | Text Size
It also supports Ctrl-Wheel, but again only for the 5 preset sizes. It also remembers your current zoom setting and continues to use it if you close the browser and re-open it later.
I haven't tried it yet, but I hear that Internet Explorer 7.0 supports Ctrl-Plus and Ctrl-Minus in a different and perhaps better way. There is a problem with simply growing or shrinking the text on a Web page. Depending on how well the Web page was written, simply changing the text size may or may not cause other page elements to move out of the way to make room for the text. Therefore, poorly written pages may not look good at different text sizes. For example, text may grow to overlap other text or pictures, or things may get chopped off if they do move to avoid overlap. Also, images (GIF, JPEG, etc.) do not grow and shrink with the text. This can make the page look bad, and can also be confusing when what looks like text is actually a picture of text and so doesn't grow or shrink with the rest of the text on the page. Internet Explorer 7.0 solves these problems by growing and shrinking the entire page, not just the text. As I said, I haven't tried it yet, but it sounds good.
So, why haven't I tried it? Microsoft doesn't make it easy. I can install Netscape 3, 4, 6, 7, 8, 9, Firefox 1.0, 1.5, 2.0 etc. all on the same box for testing purposes, but I need a separate box (or at least a separate Windows installation) for each version of Internet Explorer. Each new install wipes out the older version. If I don't like the new version, there's no way to get back to the old version without re-installing the entire Windows operating system and reinstalling and reconfiguring all of my installed applications. I asked a friend at Microsoft about this, and he says their current answer to this problem, for testing a Web application on multiple browsers, is to download free temporary versions of Windows pre-installed with various versions of Internet Explorer. See:
Not exactly what I was after. What I'd really prefer is to be able to flip back and forth between versions, on the same PC, the same Windows installation, etc. With all of the other browsers, I can write a simple batch file to load a page into multiple browsers and do a quick manual test on each. Or I can write a full fledged regression test suite and run it on each browser. Having to stop the automated tests, boot to a new Windows installation, and resume testing on that Windows installation (where I would also have had to install all of my testing software) is a major bump in the road.
Anyhow, things seem to be changing fast in the browser world, with the various vendors copying each other's ideas, and leapfrogging each other with new and better features. Competition is good!
Thanks to the following for their contributions to this tip!
James Higgins
Alex Leshinsky
Tom Stluka
Joe McPeak
Mark Georg
P.S. I finally managed to get Internet Explorer 7.0 installed and tried it out. I decided to bite the bullet and take the irreversible step of upgrading a computer from IE6 to IE7. I went to the Microsoft site to download IE7.
Oops! It requires WinXP, not just Win2K. I prefer Win2K, so I decided to not upgrade that computer. However, I do have a WinXP computer around here somewhere, so I decided to install there.
Oops! It requires WinXP Service Pack 2, not just Service Pack 1. I did a full backup, just in case, then downloaded the 200MB SP2 for an hour and installed, and allowed it to reboot. Now, on to IE7.
Oops! It requires me to install the "Genuine Windows Validation Component" ActiveX control first, before it will let me do the download. OK, I guess... (What am I getting myself into? I've spent most of a day on this already, and I just keep getting in deeper. Yesterday, I installed and tested my software against Firefox 1.0, 1.5, and 2.0, and Netscape 3, 4, 6, 7, 8, and 9, all in one day, with no reboots and no problems.)
Finally, do the download, install it, and let it reboot.
Oops! Computer won't reboot. Totally black screen! Glad I did that backup! Tried a couple more times, powering off and on and eventually got lucky. I wonder what broke it? WinXP SP2, the ActiveX control, or IE7? It managed to boot OK during the WinXP install, but then the install continued. Who knows?
I wonder what else is now broken, or modified to suit Microsoft's interests, on that computer? Who knows... Things generally seem to be working. So, let's try out the Zoom on IE7.
Oops! Bugs. IE 7 does support Ctrl-Plus, Ctrl-Minus, Ctrl-Zero, and Ctrl-Wheel. However, on most pages, zooming in or out also jumps to the top of the Web page, so you have to page back down to find the thing you were trying to zoom in on. It doesn't happen with all pages though. It jumps to the top when viewing the main Microsoft page, for example, but not when viewing the AOL page.
Also, incompatibilities. For some reason, IE7 uses Ctrl-Wheel to zoom in the opposite direction from the other browsers that added this feature years ago. Up zooms in, and down zooms out. Oh well, back to Firefox...
--Fred
Mozilla Firefox
-
Intro to Firefox
Original Version: 4/15/2007
Last Updated: 6/6/2008
Applies to: Firefox 1.0+Firefox is a very fast, powerful, secure Web browser. I recommend it strongly over Microsoft Internet Explorer. It has much better features and much better security. With Firefox, it's very unlikely that your computer will become infected with a virus as you browse the Web. Also, it's more compliant with Web standards than any other browser, so it works at pretty much any Web site.
You can download and install it for free from:
Firefox is derived from the older browsers Mozilla and Netscape, sharing much of the source code with them, but adding lots of new features. Its popularity has been growing rapidly for the past couple years. According to the Web site:
http://www.w3schools.com/browsers/browsers_stats.asp
its share of the browser market has grown from:
5.5% in Jan 2004 (as Mozilla), to
16.6% in Jan 2005, to
25.0% in Jan 2006, to
31.0% in Jan 2007, to
36.4% in Jan 2008and still growing strong. I started using it in 2004 and have never looked back (and never had a virus).
Firefox is "open source", so anyone can look at the source code, find bugs, and add new features. Hundreds of people have written useful add-ons that you can download and install for free. There are plugins to support: Adobe Acrobat, Flash, RealPlayer, Shockwave, Windows Media Player, etc. There are also tons of extensions for searching, calendars, photo organizers, map lookups, debugging JavaScript code, etc. See the list of add-ons at:
https://addons.mozilla.org/en-US/firefox/
Try it! You'll love it!
--Fred
-
Firefox Shortcut Keys
Original Version: 4/15/2007
Last Updated: 1/14/2025
Applies to: Firefox 1.0+Here is a list of some of the more useful shortcut keys in Firefox:
Key Function Ctrl-Plus / Minus / Zero Larger/smaller/default font size Ctrl-Wheel Larger/smaller font size F11 Toggle full screen mode Shift-Click Open link in new window Ctrl-Click Open link in new tab Alt-Enter Open typed address in new tab Alt-F4 Close browser window Ctrl-N New window Ctrl-T New tab Ctrl-F4 Close current tab Middle Mouse Click Close tab Ctrl-Shift-T Re-open most recently closed tab (and its history).
For details, see Reopening a closed Web page.Ctrl-Shift-N Re-open most recently closed window (including all of its tabs and their histories).
For details, see Reopening a closed Web page.Alt-Left / Right Back/Forward Backspace / Shift-Backspace Back/Forward Alt-Home Home page Esc Stop loading page F5 Reload page Ctrl-R Ctrl-F5 Force reload page (bypassing cache) Ctrl-Shift-R ' (apostrophe) Incremental Find Link / Incremental Find Text Ctrl-F / Ctrl-G Find / Find Next F3 / Shift-F3 Find Next/Previous Arrow Keys Scroll down/up/right/left PageDn / PageUp Page down/up Space / Shift-Space Page down/up Home / End Go to beginning/end of page Ctrl-Home / End Go to beginning/end of page Tab / Shift-Tab Go to the next/previous clickable link, text input field, button, checkbox, etc., wrapping around as necessary. Enter Click the current link Space Click the current button, checkbox, etc. F1 Help Drag Select Ctrl-Drag Rectangular Select Ctrl-A Select All Ctrl-C Copy Ctrl-V Paste Ctrl-P Print Ctrl-O Open File Ctrl-D Bookmark this page Ctrl-Shift-D Bookmark all tabs Ctrl-B Manage Bookmarks Ctrl-K Select Web Search Bar Ctrl-E Ctrl-L Select Location Bar F6 Alt-D F10 Go to menu bar Shift-F10 Pop up right mouse menu Alt-Space Open the system menu (restore, move, size, minimize, maximize, close) Ctrl-Left / Up Move Tab Left (when tab is focused) Ctrl-Right / Down Move Tab Right (when tab is focused) Ctrl-Home / End Move Tab to Beginning/End (when tab is focused) F6 / Shift-F6 Next/Previous Frame Ctrl-Tab / Ctrl-Shift-Tab Next/Previous Tab Ctrl-PageDn / PageUp Next/Previous Tab Ctrl-1/2/3/4/5/6/7/8/9 Select tab 1/2/3/4/5/6/7/8/9 Ctrl-Z Undo Ctrl-Y Redo F7 Toggle "cursor browsing mode" (so you can move a cursor around the page via the arrow keys, follow links via Enter, etc.) Shift-Del Delete selected Autocomplete entry. Ctrl-U View Page Source Ctrl-I View Page Info Ctrl-Shift-I DOM Inspector F12 Show/hide Firebug pane Ctrl-F12 Show/hide Firebug window Note that these keys are defined for Firefox on Windows. The keys are similar but different on other platforms (Linux, Mac) to conform to the conventions on those platforms.
Also, Firefox on Windows supports other keys that are common to many Windows applications. See: Windows Shortcut Keys.
For a complete list of Firefox keys (tailored to your platform), see the Firefox on-line help: Help | Help Contents | Keyboard Shortcuts.
See also: Firefox Shortcut Keys.Many of these keys are also supported by other browsers. Even if you're not using Firefox, try them in your browser. You may be pleasantly surprised.
This list is far from complete. Please feel free to mail me your favorite shortcuts. I'll add to this list as time permits. Contributors so far include:
Andriy Palamarchuk
Vadim Storozhuk--Fred
-
Changing font size
Last Updated: 4/15/2007
Applies to: Firefox 1.0+Firefox allows you easily change font size. See:
Changing font size in Web browsers
--Fred
-
Multiple Home Pages
Original Version: 4/15/2007
Last Updated: 4/24/2007
Applies to: Firefox 1.0+, IE 7.0+Firefox allows you to have multiple Home pages, so that each page opens in a separate tab when you open the browser or click Home. To set this up, go to:
Tools | Options | General | Home Page | Location(s)
and put multiple names separated by vertical bars, as:
http://bristle.com|http://google.com|http://yahoo.com
Alternatively, you can open the pages as multiple tabs and then use:
Tools | Options | General | Home Page | Use Current Pages
Or you can choose a folder of your bookmarks to be the tabs via:
Tools | Options | General | Home Page | Use Bookmark...
You can also maintain multiple sets of tabs for easy access without making them your home pages. You simply group them as folders of bookmarks, and access them via any of the following:
Bookmarks | Manage Bookmarks... | Right-Click on a folder | Open in Tabs
Ctrl-B | Right-Click on a folder | Open in Tabs
Ctrl-I | Right-Click on a folder | Open in TabsI haven't tried it yet, but I hear that Internet Explorer 7.0 also supports multiple tabs and multiple home pages.
Thanks to the following for their contributions to this tip!
Mark Georg
Joe McPeak
Tom Stluka--Fred
-
View Live Source
Last Updated: 4/15/2007
Applies to: Firefox 1.0+Firefox allows you to view the "live source" of a Web page. See:
http://bristle.com/Tips/JavaScript.htm#firefox_view_live_source
--Fred
Google Chrome
-
Reopening a closed Web page
Original Version: 7/4/2018
Last Updated: 7/5/2018Want a way to re-open that web page you just accidentally closed? Especially when reading a long web page or when filling out a long form?
Hit Ctrl-Shift-T.
In Chrome, Firefox and Safari (and maybe other browsers too), this immediately re-opens the most recently closed browser tab. If it was the last tab in a browser window (so the entire window is now closed), this opens a new browser window to house the tab.
This capability is slightly different in the various browsers, but in general, it has the following features.
It also restores everything about the tab that it can, including:
- The full history, so the Back button works properly
- The current scroll position of the page in the tab, so if you had scrolled down while reading a long article, you're still scrolled to the same spot
- Any data you may have typed into forms on the page
- etc.
Hit it multiple times to go back to previously closed tabs.
Or you can use the browser's History menu, instead of this shortcut key.
Use Ctrl-Shift-N to reopen all tabs that were open when you accidentally closed an entire browser window. (Firefox, but not Chrome or Safari which use this key instead to open an Incognito or Private window for more private browsing.)
If you closed the entire browser app, re-open it manually and then hit Ctrl-Shift-T. (Chrome, but not Firefox which disables both Ctrl-Shift-T and Ctrl-Shift-N when you open a new browser.)
On a Mac, use Cmd-Shift-T and Cmd-Shift-N.
For more Firefox shortcut keys, many of which also work in Chrome and/or Safari, see:
Thanks to:
- Martin Segall for reminding me to write this tip
- Dave Weiss for reminding me it works in Safari
- Wayne Keyser for telling me Ctrl-Shift-N doesn't work in Chrome
--Fred
Microsoft Internet Explorer
-
Autocompletion of typed URLs in IE 4.0
Last Updated: 10/10/1999
Applies to: IE 4+Microsoft Internet Explorer has a feature that is usually, but not always, convenient. As you type a URL into the Address box, it searches the list of URLs that you have previously typed and completes the URL with any matching one it finds. This can be a problem, if you ever typed a URL that was slightly wrong. It keeps insisting on completing the URL incorrectly. For example, if a URL is case sensitive, and you once typed it with the wrong case, how do you get IE to leave the case the way you want it? Even if you type it exactly right and hit Enter, it converts it to match the incorrect one. One solution is to leave a space in the URL while typing it, then go back and delete the space just before hitting Enter. Tedious, but it works.
--Fred
-
History of typed URLs in IE 4.0
Last Updated: 10/10/1999
Applies to: IE 4+The list of "typed URLs" (the ones you have manually typed into the Address box) of Internet Explorer is stored in the Windows registry, at:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs]
At startup, IE reads named values from this registry key with the names url1, url2, url3, ... url25, stopping at the first one that's not defined. You can use the registry editor to delete or modify these URLs.
--Fred
-
Google Web Apps, no login required
You can run the following free applications directly at the Google Web site, using any Web browser. You don't have to download or install any software, and you don't need a Google login.
-
Google Search
You are probably already familiar with the basics of Google Search. Go to:
type in words, and see a list of links to Web pages containing those words. However, there may be more features than you realize.
-
Google Search Basics
Last Updated: 11/6/2007
At the Google Search web site, you can also:
-
Put multiple words in quotes to search for an exact multi-word
phrase, as:
"java programming language"
-
Do more complicated searches like:
(java OR j2ee) programming -island -country
to specify words where one or the other must be in the Web page, and other words must not be in the page.
-
Click the "Advanced Search" link to be prompted for
details of more advanced searches.
Or go directly there via: http://google.com/advanced_search
-
Click the "Preferences" link to specify personal
preferences like how many matches to show on each results page
(default is 10, but I prefer 100), whether to open a new browser
window (or tab) for the results instead of using the same
browser window, etc. These preferences are saved on your
computer and remembered next time you use Google Search from the
same computer.
-
Click "Language Tools" for language translation
(English to French, etc.)
Or go directly to the translation page via: http://translate.google.com
For more info, see:
http://google.com/help/features.html
http://google.com/help/cheatsheet.html
- Thanks to Thor Collard for pointing me to this last one!--Fred
-
Put multiple words in quotes to search for an exact multi-word
phrase, as:
-
Google Search Synonym
Last Updated: 11/18/2007
You can tell Google to search for synonyms of the word you specified, by prefixing the word with tilde ("~"),as:
~garden design
which finds pages containing "design", as well as any of "garden", "plant", "landscape", etc.
For more info, see:
http://www.google.com/help/cheatsheet.html
--Fred
-
Google Search Number Range
Original Version: 11/18/2007
Last Updated: 11/30/2007You can tell Google to search for any number in a specified range by specifying an ellipsis (with 2 dots or 3 dots), as:
2004..2007
2004...2007
DVD player $100..150This last one searches for the words DVD and Player, along with any dollar amount in the range $100-150, so it tends to find DVD players for sale in that price range.
For more info, see:
http://www.google.com/help/cheatsheet.html
Thanks to Carol Hebert for advice on clarifying this tip!
--Fred
-
Google Search Calculator
Original Version: 11/1/2007
Last Updated: 11/13/2007At the Google Search web site, you can enter an arithmetic expression instead of words to search for. Google evaluates the expression and shows you the answer. For example:
- 1+2 (shows 3)
- 2.5*1.9 (shows 4.75)
It also converts between different units and currencies as:
- 5 pounds in kg (shows 2.26796185 kilograms)
- 6 tsp in tbsp (shows 2 US tablespoons)
-
5 currency of Brazil in Malaysian money (shows 5 Brazil reais = 9.37128344 Malaysian
ringgits)
Note: The currency conversions are not guaranteed to be absolutely current. However, they are probably pretty good since Google pulls them from CitiBank.
It handles a wide variety of mathematical functions like sin(), cos(), sqrt(), log(), ln(), etc., and constants like pi, e, c, etc.
It supports decimal numbers, as well as octal, binary, hexadecimal.
For more info, see:
http://google.com/help/features.html#calculator
http://google.com/help/features.html#currency
http://google.com/help/calculator.html
http://www.google.com/help/cheatsheet.html--Fred
-
Google Search Movie
Original Version: 10/27/2007
Last Updated: 2/1/2009To limit a Google search to pages about movies, include the special word:
movie:
including the colon, among the search words. This is an easy way to find a movie when you can only remember what it was about, or an actor who was in it or something.
Alternatively, you can find show times for movies at nearby theaters, by including any of the special words:
movies
showtimesYou will be prompted for a zip code or city name, and can ask to have that saved for future searches. Or you can specify the zip code on the search as:
movies 19355
showtimes 19355You can also search for the name of a movie and get a list of show times for that movie at nearby theaters.
For more info, see:
http://google.com/help/features.html#movie
--Fred
-
Google Search Define
Original Version: 11/3/2007
Last Updated: 2/1/2009To use Google Search to find the definition of a word, include the special word:
define:
including the colon, among the search words. Google will show you a list of definitions of the term along with links to more detailed definitions in WikiPedia, various dictionaries, and other sites.
For more info, see:
http://google.com/help/features.html#dictionary
--Fred
-
Google Search Phonebook
Original Version: 11/2/2007
Last Updated: 2/1/2009You can use Google Search to look up phone numbers. Just search for any combination of:
- first name (or first initial), last name, city (state is optional)
- first name (or first initial), last name, state
- first name (or first initial), last name, area code
- first name (or first initial), last name, zip code
- phone number, including area code
- last name, city, state
- last name, zip code
Then click the Map link to see a map to their house. Then click the Satellite link to see a satellite photo of the house. Zoom in and you may even see them working in the back garden. :-)
You can also do reverse lookups. Search for a phone number and see who has that number.
For more info (and to remove yourself from the Google phone book, if you like), see:
http://www.google.com/support/websearch/bin/answer.py?hl=en&answer=9112
--Fred
-
Google Search Area Code
Last Updated: 11/2/2007
Search Google for a 3-digit telephone area code. It shows you a link to a map of the area covered by the area code. The link takes you to the right map in http://www.whitepages.com.
For more info, see:
http://google.com/help/features.html#number
--Fred
-
Google Search City
Last Updated: 11/2/2007
Search Google for a city name to see a link to a Google Map of the city.
Include a city name among your Google search terms to limit the search to the specified city. This is useful when searching for local businesses, schools, etc.
For more info, see:
http://google.com/help/features.html#local
--Fred
-
Google Search Zip Code
Last Updated: 11/2/2007
Search Google for a zip code to find out what city and state uses it, and a link to a Google Map of the area.
Include a zip code among your Google search terms to limit the search to the specified zip code. This is useful when searching for local businesses, schools, etc.
For more info, see:
http://google.com/help/features.html#local
--Fred
-
Google Search Address
Last Updated: 11/3/2007
Search Google for a street address to see a link to a Google Map of the address and a button to get directions to/from the address.
Just type the address into the Google Search text box, in ordinary format, as:
1011 West King Rd, Malvern, PA
--Fred
-
Google Search Site
Original Version: 11/2/2007
Last Updated: 2/1/2009To limit a Google search to a specific Web site, specify the site name prefixed with "site:" among the search words. For example, to find all occurrences of the word "reload" in any of the pages at the Bristle Software site, search for:
site:bristle.com reload
You can also get a complete list of the pages from a Web site that have been indexed by Google. For example:
site:bristle.com
For more info, see:
http://google.com/support/websearch/bin/static.py?page=searchguides.html&ctx=advanced#domain
--Fred
-
Google Search Spell Checker
Last Updated: 11/3/2007
Google Search checks not only for the exact words you specify, but also for slight misspellings that occur more often than the spelling you used. Therefore, it makes a great spell checker. If you are not sure whether the word is spelled:
occurrence
or:
occurrance
try searching Google for each one. The wrong one (occurrance) will come back with fewer matches and prompt you:
Did you mean: occurrence
This is not based on a dictionary. It's based on the number of matches on all of the Web pages indexed by Google. Therefore, it's better than a dictionary in that it reflects common usage in the modern world, not only at the time a dictionary was written. It finds new slang terms before they are added to any dictionaries, and finds common misspellings that are becoming generally accepted, etc.
For more info, see:
http://google.com/help/features.html#spell
--Fred
-
Google Search Stock Ticker
Last Updated: 11/3/2007
Search Google for a stock or fund ticker symbol (like YHOO, HD, or GE) and it shows you a graph of the stock or fund value for the past day, along with links to the stock or fund at various financial Web sites, like Google Finance, Yahoo Finance, MSN Money, MarketWatch, CNN Money, and Reuters.
If you don't know the exact stock ticker symbol, search for the company name (like Yahoo, Home Depot, or General Electric). You'll get a brief description of the company, a link to its Web site, and a link like:
+ Stock quote for GE
that expands to the daily graph and links you'd have seen for the stock ticker.
For more info, see:
http://google.com/help/features.html#stock
--Fred
-
Google Search Weather
Last Updated: 11/3/2007
Search Google for the special word "weather" followed by a city name, like:
weather malvern
and it shows you the current temperature and weather conditions for that city, along with a 4-day forecast, all pulled from http://wunderground.com. If necessary to get the right city, throw in a state, zip code, or country name also.
For more info, see:
http://google.com/help/features.html#weather
--Fred
-
Google Search Travel
Original Version: 11/3/2007
Last Updated: 2/1/2009Search Google for the special word "airport" preceded by an airport 3-letter code, like:
phl airport
and it shows you the current conditions at that airport, pulled from http://www.fly.faa.gov.
Search for a flight name and number, like:
united 134
and it shows you links to track the status of that flight at various travel sites, like Travelocity, Expedia, etc.
For more info, see:
http://google.com/help/features.html#airline
--Fred
-
Google Search Date
Original Version: 11/13/2007
Last Updated: 12/11/2007Want a way to restrict a Google search to recent info?
According to the Google Cheat Sheet:
http://google.com/help/cheatsheet.html
you can add the special word "date:" followed by a number, to restrict a Google search to pages first found by Google within that many months of today. However, I can't quite get it to work. I've tried with and without a space after the colon. Instead, it searches for the word "date".
However, at the Google Advanced Search page, you can choose any of the following from the "Return web pages first seen in the" dropdown:
past 24 hours
past week
past month
past 2 months
past 3 months
past 6 months
past yearand it works just fine. If you look closely at the generated URL for the search results page, you'll notice a parameter added to specify the date range:
&as_qdr=d past 24 hours &as_qdr=w past week &as_qdr=m past month &as_qdr=m2 past 2 months &as_qdr=m3 past 3 months &as_qdr=m6 past 6 months &as_qdr=y past year Apparently, "as_qdr" stands for "advanced search query date range", and the values (d, w, m, m2, m3, m6, y) are obviously days, weeks, months, and years. I tried a few that were not available via the drop down, and they worked also, so it seems like a general purpose mechanism:
&as_qdr=d2 past 2 days &as_qdr=d3 past 3 days &as_qdr=w2 past 2 weeks &as_qdr=m4 past 4 months &as_qdr=y3 past 3 years Anyone know the syntax to do it from within the Google search box, instead of having to use the Advanced Search page or edit the URL directly?
Wait a minute! What am I thinking? Why ask all of you? Just Google it! Duh...
OK. Searching for:
google search date range
shows interesting results:
-
http://reviews.cnet.com/4520-10165_7-6206764-2.html
An article about how to restrict a search to a starting and ending date via the syntax:
daterange:startdate-enddate
Unfortunately, startdate and enddate must be expressed as "Julian dates" like 2454445 for 12/11/2007, and 2454438 for 12/4/2007. Julian dates (a counter of days since a specific day long ago) are great for computers, but not easy for people.
-
http://www.gmacker.com/web/content/gDateRange/gdr.htm
A page that offers a friendlier user interface and then uses the above syntax behind the scenes for you. You specify the number of days into the past or choose the start and end dates from a dropdown calendar, and it computes the Julian dates and does the Google search for you.
Still seems like there should be an easier way to do it directly with a Google keyword...
--Fred
-
http://reviews.cnet.com/4520-10165_7-6206764-2.html
-
Google Search Pics
Original Version: 10/27/2007
Last Updated: 2/1/2009At the Google Search web site, you can search for images without switching to the Google Image Search site, by entering a word like "images", "pictures", "pics", etc as one of the search words.
However, this is less useful recently since Google started including some images among regular search results by default. Also, you don't get as many images as at the Google Image Search site. Finally, since they've now added an "Images" link to the results page, it's easy to click that link to flip to the Google Image Search site, without even retyping your query.
When doing a Google Image Search, you can limit the search to images of an exact size. Specify the image size prefixed with "imagesize:" among the search words. For example to find pictures of sailboats that are exactly 1152 pixels wide and 864 pixels tall, search for:
sailboat imagesize:1152x864
For more info, see:
http://images.google.com/advanced_image_search
Thanks to Jim Gadrow for telling me about "imagesize:"!
--Fred
-
Google Search Link
Last Updated: 11/5/2007
It's supposed to be true that if you search Google for a site URL prefixed by "link:", it will show you a list of pages that link to the specified site. However, I can't quite get it to work. I've tried with and without a space after the colon. Without the space, I find very little. With the space, I find pages that mention the URL and the word "link". Anyone know how to make this work?
--Fred
-
Google Search Info
Last Updated: 11/19/2007
At the Google Search web site, you can ask for the information Google has stored about a specific Web page, by prefixing the URL with "info", as:
info:bristle.com
info:http://bristle.com/Tips/Internet.htm
info:bristle.com/Tips/Internet.htmThis shows you links to useful info about the page, like:
- Google's cache of the page
- Pages that Google considers similar
- Pages that link to it (doesn't seem to work any better than "link:")
- Pages from the same site
- etc.
For more info, see:
http://google.com/help/cheatsheet.html
--Fred
-
Google Search Shortcut
Last Updated: 11/3/2007
Want to save your most common Google searches?
You can include the search terms for a Google search in a URL, using the standard URL parameter syntax and the parameter name "q" (which I assume stands for query). For example:
http://google.com/search?q=Fred+Stluka
You can save such a URL as a Windows shortcut, or a browser bookmark/favorite, etc.
Since I spend most of my time at the Windows command line, I save many of my favorites URLs (for Google and other sites) as one-line batch files. I also have a one-line batch file called google.bat that I can use to quickly do Google searches, specifying the search terms as batch file parameters on the command line. The entire contents of google.bat is:
@start http://google.com/search?q=%1+%2+%3+%4+%5+%6+%7+%8+%9
This allows me to type things like:
google 5 pounds in kg
google showtimes
google define:altruistic
google 1-610-555-1234
google Malvern, PA
google 19355
google site:bristle.com reload
google occurrance
google 1011 West King Rd, Malvern, PA
google weather malvernat the command line, without having to start a browser and navigate to Google first. This makes it much easier to use Google for the various purposes mentioned in my previous tips, in one simple step without even leaving the command line.
In case you are not familiar with Windows batch files and/or the URL parameter syntax:
- The "@" sign causes the command in the batch file to not echo to the command window.
-
The command "start" causes your default browser
to be launched at the specified site.
For more info, see:
http://bristle.com/Tips/Windows.htm#START_File
http://bristle.com/Tips/Windows.htm#START_URL - The %1 through %9 values are replaced by the command line parameters of the batch file.
- The "?" and "=" are the standard way to specify a parameter on a URL.
- The "+" signs cause the entire URL, including parameters to be treated by Windows as a single parameter of the "start" command. Otherwise, it would search for only the first word. The "+" signs are treated like spaces once they are passed to the Web site.
--Fred
-
-
Google Maps
You are probably already familiar with the basics of Google Maps. Go to:
type in an address and see a map of the area. Then drag the map to scroll it left, right, up, or down. Click "Get directions" to get directions from one address to another. However, there may be more features than you realize.
-
Google Maps Navigation
Original Version: 11/11/2007
Last Updated: 1/27/2008At the Google Maps web site, you can navigate (browse around in) a map by doing the following:
-
Double-click to zoom in. The zoom is done
intelligently.
- Common zoom techniques: Whenever you zoom in on anything in any computer program, some stuff stays on the screen and other stuff gets pushed off the sides to make room. Many computer programs use a simplistic zoom algorithm that keeps the center of the screen fixed, pushing the edges out uniformly, or keeping the top left corner fixed and pushing the rest down and to the right.
-
Google's zoom technique: Google Maps does it
more intuitively, moving the point you double-clicked to the
center of the screen and then pushing the edges out
uniformly. Most people don't even notice exactly what
is happening. They just find it very easy to use
because it happens to do exactly what they want.
-
Zoom in and out with the mouse wheel. Again, it's
done intelligently. Move the mouse to the point of
interest and scroll in or out. No need to even click
the mouse button. The point stays put and the rest
grows or shrinks around it.
-
Zoom in and out with the Plus and Minus keys.
-
Zoom in/out quickly by dragging the displayed slider, not
just by clicking the displayed + and - buttons.
-
Scroll left, right, up, and down by holding down the
keyboard's arrow keys.
-
Page left, right, up, and down with the Home, End, PageUp,
and PageDn keys.
-
Zoom out with the Insert key. (Hey, why not?
If your hand is over there by the Home, End, PageUp, and
PageDn keys, the nearby Insert key may as well do something
useful too!)
-
Click the little arrow button at the bottom right of the
map to see a small overview map showing the mapped area in a
purple rectangle, in the context of the surrounding area.
-
Quickly scroll the main map by dragging the purple rectangle in the overview map.
-
Return to the location and zoom level you started with, by
clicking the small square with 4 tiny arrows that is
displayed in the middle of the displayed arrow buttons above
the zoom slider.
For more info, see:
http://maps.google.com/support/bin/answer.py?answer=68259
http://maps.google.com/support--Fred
-
Double-click to zoom in. The zoom is done
intelligently.
-
Google Maps Searching
Original Version: 11/11/2007
Last Updated: 1/27/2008At the Google Maps web site, you can search for a new map by doing the following:
-
Type 2 street names or highway route numbers separated by the
word "and" to find the intersection of the
roads. For example:
king street and us 30, malvern
-
Type 2 addresses separated by the word "to" to get
directions from one place to another without having to click
"Get directions" first. For example:
malvern pa to breeze way circle olney md
-
Type in a business name and city to find directions to the
business, like:
primavera pizza kitchen, downingtown PA
For more info, see:
http://maps.google.com/support
http://maps.google.com/support/bin/answer.py?answer=68474
http://maps.google.com/support/bin/topic.py?topic=10780--Fred
-
Type 2 street names or highway route numbers separated by the
word "and" to find the intersection of the
roads. For example:
-
Google Maps Routing
Original Version: 11/11/2007
Last Updated: 1/27/2008At the Google Maps web site, there are lots of ways to get more than simply the default route from one starting location to one final destination. You can also:
-
Drag the blue route line on the map to force it to take a
different route.
- Very useful if you prefer to use US 1 instead of I-95 to get from Pennsylvania to Maryland, for example.
- The distance and time estimate are constantly updated as you drag, so you can quickly consider and discard alternatives.
-
Use Alt-Left or the Web browser's Back button to
return to the previous route.
-
Click on a step number in the directions to see a blowup of that turn.
-
Click "Add destination" to add an additional
destination. You can use that to plan out an entire
delivery route or series of errands, with directions from each
stop to the next. Or just drag the blue route line to an
intermediate destination to insert another stop.
-
Drag a destination up or down in the list of directions to
change the order of your stops.
-
Click the Edit button next to the starting point or a
destination in the list of instructions to change to a
different address.
-
Type 3 or more addresses separated by the word "to:"
(with a colon) to quickly create a route from one place to a
second, to a third, etc. For example:
malvern pa to: breeze way circle olney md to: annapolis md
-
Click "Avoid Highways" to take the scenic route.
-
There used to be some fun things at Google Maps,
also. A while back, I was directed by my brother Tom,
and by Lorri Benyaker, and by Helen Loiacono, to check out
step #23 of:
http://maps.google.com/maps?q=new+york+to+paris
where it said:
22. Turn right at Long Wharf 0.1 mi
23. Swim across the Atlantic Ocean 3,462 mi (29 days 0 hours)
24. Slight right at E05 0.5 mi (2 mins)
However, someone has since removed that, and you now get a much more boring page that says:
We could not calculate driving directions between new york and paris.
For a complete copy of the old directions, see:
http://hubpages.com/hub/Driving_directions_to_Paris__France
Anyone know of any fun ones that are still in there?
For more info, see:
http://maps.google.com/support
http://maps.google.com/support/bin/answer.py?answer=68475--Fred
-
Drag the blue route line on the map to force it to take a
different route.
-
Google Maps Satellite View
Original Version: 11/11/2007
Last Updated: 1/27/2008At the Google Maps web site, you can:
-
Click "Satellite" to see a satellite photo of the
area.
- Click the "Show labels" checkbox that drops down from the "Satellite" button to hide/show street names and other labels superimposed on the photo.
For more info, see:
http://maps.google.com/support/bin/answer.py?answer=68476
--Fred
-
Click "Satellite" to see a satellite photo of the
area.
-
Google Maps Street View
Original Version: 11/11/2007
Last Updated: 1/27/2008At the Google Maps web site, you can:
-
Click "Street View" to see a draggable, zoomable,
rotatable view of what it looks like as you drive along that
route in your car.
- This is similar to Google Earth, except that it uses photos taken by an actual car driving around, not taken from a satellite, so the detail is much better.
-
Blue
outlines on the map show which areas have Street View data.
It's not yet available in all areas.
-
Use the regular Google Maps navigation features to drag,
zoom, etc.
-
Pivot to look in a different direction via the curved
arrow buttons above the zoom slider.
- Click the white arrows laid along the street to move along the street as though driving.
Note: Street View is not yet available in all areas. Blue outlines on roads in the map show where it's available. For Philadelphia, see:
http://maps.google.com/maps?q=phila&layer=c
For more info, see:
http://maps.google.com/support/bin/answer.py?answer=68476
http://maps.google.com/support/bin/topic.py?topic=11640--Fred
-
Click "Street View" to see a draggable, zoomable,
rotatable view of what it looks like as you drive along that
route in your car.
-
Google Maps Traffic View
Original Version: 11/11/2007
Last Updated: 1/27/2008At the Google Maps web site, you can:
-
Click "Traffic" to see color-coding of roads
based on current traffic conditions:
- Red = heavy traffic (0-25 25 mph)
- Yellow = slow traffic (25-50 25 mph)
- Green = normal speed (50+ mph)
- Gray = no traffic information is currently available
Note: Traffic info is not yet available in all areas. Small traffic light icons with red, yellow and green lights show areas where it's available. For Philadelphia, see:
http://maps.google.com/maps?q=phila+&layer=t
For more info, see:
http://maps.google.com/support/bin/topic.py?topic=11430
--Fred
-
Click "Traffic" to see color-coding of roads
based on current traffic conditions:
-
Google Maps Terrain View
Original Version: 11/11/2007
Last Updated: 1/27/2008At the Google Maps web site, you can:
-
Click "Terrain" to see a view that emphasizes the
hills, valleys, and other terrain.
So far, this view is pretty high level, and not all that useful, but stay tuned...
--Fred
-
Click "Terrain" to see a view that emphasizes the
hills, valleys, and other terrain.
-
Google Maps Search Nearby
Original Version: 11/11/2007
Last Updated: 1/27/2008At the Google Maps web site, you can search for restaurants or other businesses near a certain location. I do this often to choose a restaurant for lunch near where someone works, or any other location of interest.
You can:
-
Type a class of business, the word "near" or
"in" and a location. For example:
pizza near malvern pa
pizza in malvern pa
-
Or, click "Search nearby" or "Find businesses"
after viewing a map.
-
In either case:
- The list of nearby restaurants includes their addresses and phone numbers.
-
Each restaurant is shown on the map via a location
tag.
-
Click on the location tags or the listed restaurant names
to:
- See a link to their Web site, to find menus, hours of operation, etc.
- See reviews written by other people
- Write a review
- See Web pages (food magazines, etc.) that talk about the restaurant
- Get free printable coupons for discounts at the restaurant
- etc.
For more info, see:
http://maps.google.com/support/bin/answer.py?answer=17106&topic=10780
or the hokey video at:
http://google.com/help/maps/tour/
--Fred
-
Type a class of business, the word "near" or
"in" and a location. For example:
-
Google Maps Shortcut
Original Version: 11/11/2007
Last Updated: 1/27/2008Like my google.bat file described at Google Search Shortcut, I have a one-line batch file called maps.bat that I use to quickly access Google Maps, specifying parameters on the Windows command line. The entire contents of maps.bat is:
@start http://maps.google.com/maps?q=%1+%2+%3+%4+%5+%6+%7+%8+%9
This allows me to type things like:
maps king street and us 30, malvern
maps malvern pa to breeze way circle olney md
maps primavera pizza kitchen, downingtown PAat the command line, without having to start a browser and navigate to Google Maps first. I can use Google Maps in one simple step without even leaving the Windows command line.
I also have a batch file called traffic.bat that I use to quickly check traffic conditions. It looks like:
@echo off
rem Note: Need quotes to hide ampersand from Windows command line interpreter
rem that would otherwise interpret it as a command separator.
rem Note: Need quoted name ("dummy") to provide a dummy name to the START
rem command which always treats the 1st param as a name instead of a
rem command if it's enclosed in quotes.
start "dummy" "http://maps.google.com/maps?layer=t&q=%1+%2+%3+%4+%5+%6+%7+%8+%9"and it lets me type commands like:
traffic phila
traffic malvernAny other favorite Google Maps tricks to share?
--Fred
-
Google Maps Assorted Tips
Original Version: 6/23/2021
Last Updated: 6/23/2021Google Maps keeps adding new features. It's been over a decade since I wrote the above tips about it. They all still work, though some of the URLs and controls have changed a bit. Here's a PC Magazine summary of some great new features added since then:
It includes things like the following, with instructions for desktop/laptop, tablet, Android, iPhone, etc:
-
Add stops along a navigated route
-
Search for gas stations, charging stations,
restaurants, hotels, etc., along a route
-
Ask spoken questions about the route while driving,
like ETA, next turn, where's a gas station, traffic
conditions ahead, etc.
-
Download maps for offline access.
There are lots of places where your phone can still get
a GPS signal, but can't reach a cell tower to get
maps.
If you downloaded the maps in advance, it can still
show your position on the maps, do full navigation
with turn-by-turn directions, etc.
-
Measure distance along a path you draw
-
Measure enclosed area of a shape you draw
-
Augmented Reality walking directions -- show the real
world with directions superimposed
-
Drag/drop the route to change it
-
Street View -- see images of houses, businesses,
or scenery along the roadside
-
Historical street views -- see how a location has
changed over the years.
My house has been photographed 6 times since 2007,
so I can see the trees getting bigger, changes I've
made to the property, etc.
-
Mass Transit -- see the bus and train lines,
click on stations, see schedules, wheelchair
accessibility, etc.
-
Bicycle directions
-
Uber/Lyft support -- which services are available
at this location, how long till pickup, estimated
cost, etc.
-
Parking -- how hard will be be to find a parking spot
when you get there, save/find where you parked
-
Google Maps History -- show a map of where
you've traveled with your phone over time.
- See a year, month or day at a time
-
Mine shows:
- Small-scale things like where I walked, stores I stopped at, etc., when visiting a beach town
- Medium-scale things like the route I took on any given day for my daily 10-mile bike ride, when I started/stopped, how long it took, where I got that flat tire, etc.
- Large-scale things like the routes I followed on my various 5-week road trips to US national parks, with details of miles driven each day, sights I saw, where I stopped for meals, hotel, campground, etc.
- Even when not navigating, or explicitly running the Maps app
- You can block this data collection, or have it auto-delete every few months, if you're worried about privacy
-
Personally, I love that I can still go back, several
years later, and re-visit my road trips, seeing where
I went, what I saw, even using Street View to see it
again.
-
Incognito Mode -- navigate, or just browse maps, without
being tracked
-
Share your location with a friend, so you can see each
other moving on a map, find each other at a crowded
location, track each other heading to a
common destination, etc.
- Add your own Street View images
Any other favorite Google Maps tricks to share?
--Fred
-
Add stops along a navigated route
-
-
Google Voice
Original Version: 1/26/2014
Last Updated: 1/7/2019Google Voice is a great free phone service. Some highlights:
- Totally free service. No credit card. No charges.
- You get to pick your own new phone number (free), or can move an existing number to Google Voice (one time $20 porting fee).
-
You tell it where to send
incoming calls:
- To your existing cell phone
- To your existing home phone
- To your laptop, so you can use the built-in microphone and speakers, or a headset, or whatever
- To all of the above
- etc.
-
You can set up rules for incoming calls, based on
time of day, who's calling, etc:
- Ring my work phone till 5pm and home phone after that
- Ring my cell phone only for my wife and close friends
- Play the "The number has been disconnected" message for telemarketers
- etc.
- Any incoming call rings at all of the specified places, and the first place you answer stops the ringing at the others
- You can make outgoing calls too, from your laptop. Go to:
- Other incoming calls while you are on the phone can be joined to the current call to create a conference call
-
When you don't
answer, you get an email with an audio recording of any message
left by the caller, and a text transcript of what they said,
as best as Google's voice recognition can do. You can do these
things to such transcripts:
- View/sort/delete them like a list of email messages
- Click to call the person back
- Click to text the person back
- Edit the transcript, to corrrect whatever Google might have gotten wrong
- Add notes to the transcript
- Cut/paste from them instead of having to take notes
- Visually skim, jumping past the long chatty parts
- Block the caller
- Email the audio recording and transcript to someone
- Download the audio recording to your computer
- Embed the audio recording in a Web page, with an optional caption
-
You can screen
calls, exactly like you used to do on your old answering
machine, and as you can probably no longer do on your current
cell phone. When the call comes in on your laptop, you can
choose to:
- Answer
- Ignore (send to voicemail, so you'll get an email)
- Screen (listen in on the call, as the caller is leaving a message, and "pick up" at any time, or let the message go to voicemail)
- If you install the Google Voice app on your Android phone, you can make free US calls. Uses "data" (which I still have unlimited, grandfathered by Verizon), but no "minutes". Can also make cheap international calls (Michel van der List calls his mother in Holland for $0.02/min). Thanks for the tip, Michel!
- Much better reception at my house than my cell phone
Check it out at:
https://www.youtube.com/embed/cOZU7BOeQ58/?rel=0&cc_load_policy=1&autoplay=1
It's been around for a couple of years, and is still free. I'm glad I finally signed up, at the suggestion of Brian Clapper.
Some caveats/warnings:
-
Be sure to explicitly enable SMS (text messages) to your cell
phone if you want them to go there:
- Google Voice | gear at top right | Settings | Phones | Receive text messages on this phone
- Support for MMS (pictures/video) is sketchy. See:
- Windows IE11 may require a plugin for outgoing calls. Steve Weitzman had to download one that was described at the Gmail page, but not mentioned at the Google Voice page.
-
Brian Meadows warns:
- Doesn't work well if you live in Maine -- no local numbers available when he tried.
- Don't try to register a cell phone when in a dead zone -- can't accept the confirmation call.
Any other Google Voice features or caveats/warnings to share? Contributors to this tip:
Brian Clapper
Michel van der List
Steve Pozun
Tom Stluka
Tim Harrison
Steve Weitzman
Brian Meadows--Fred
-
Google Finance
Original Version: 11/11/2007
Last Updated: 11/29/2007Google Finance is a great financial Web site. Lots of useful info, and the typical Google flair for making it interactive and easy to use. Go to:
The main page shows the day's graphs of Dow Jones, Nasdaq, etc, as well as recent news headlines, sector summaries, top movers, etc. It also shows quotes for specific stocks and funds you've searched for recently, as well as news headlines about them, etc. It's a great one-page summary of your personal financial interests.
Enter a stock or fund ticker symbol or company name to see the graph of its price, along with news headlines plotted along the graph to perhaps explain the ups and down. Also, financial summary, links to discussions, blogs, list of related companies and their prices, etc.
Drag the graph to see a larger, smaller, or different date range of prices. Or click the various presets (1 day, 5 day, 1 month, 3 months, 6 months, YTD, 1 year, 5 year, 10 year, max).
Click "Historical Prices" to see tables of price data, showing open, high, low, close and volume, daily or weekly. Click "Download to spreadsheet" to download the data in CSV (comma-separated values) format, saving it to disk, or opening it directly in Microsoft Excel or your favorite spreadsheet.
Click the checkboxes to see comparative graphs with various indexes, and with up to 4 other companies. Or enter multiple stock or fund ticker symbols in the main search box to see a comparative graph of more than 5 companies.
You can also log in with a username and password to create and edit portfolios of stocks and funds that you want to track.
Like my google.bat file described at Google Search Shortcut, I have a short batch file called finance.bat that I use to quickly access Google Finance, specifying parameters on the batch file command line. The entire contents of finance.bat is:
@if not "%1"=="" start http://finance.google.com/finance?q=%1+%2+%3+%4+%5+%6+%7+%8+%9
@if "%1"=="" start http://finance.google.comThis allows me to type things like:
finance
finance brk.b
finance goog
finance general electricat the command line, without having to start a browser and navigate to Google Finance first. I can use Google Finance in one simple step without even leaving the command line. I can also pass it multiple ticker symbols, as:
finance goog yhoo ebay cmcsa
to compare multiple companies.
Similarly, I can use this syntax in Unix scripts, Windows batch files, browser bookmarks/shortcuts, desktop shortcuts, etc. to do my favorite combinations of companies.
Any other favorite Google Finance tricks to share?
--Fred
-
Google Alerts
Last Updated: 11/18/2007
Google Alerts is a great way to keep informed about a particular topic. Go to:
Here you can enter the search words for any Google search. Instead of doing the search immediately and only once, it does the search continuously and e-mails you the results. Each time the Google search engine finds a new page that matches the search, it mails you a link to the new page.
You can specify whether such additional matches should be sent to you as soon as they are discovered, or batched up into daily or weekly messages. You can also limit the search to news sites, blogs, video, etc.
You don't need a Google account, and don't have to specify a Google GMail address. You can use Google Alerts with any e-mail address. Each arriving e-mail comes with a link to click if you want to cancel the alert. However, if you do create a Google account and log in to it, there are additional tools for managing your alerts: changing the frequency, switching between HTML and plain text e-mails, etc.
You can use Google Alerts to watch a developing news story, do a continuous "vanity search" (search for your name on the Web), monitor a local sports team, etc.
You may want to set up a filter for the incoming e-mail though, as it could be a lot of mail.
So that other people can't set up alerts for your e-mail address and flood you with unwanted messages, there's a confirmation step. When you create a new alert (or someone else creates one for you), it immediately sends you an e-mail containing a link you must click on to confirm that you really want the alert. Furthermore, once you have received 10 such confirmation messages for 10 different alerts, and have not confirmed them, it won't bother you any more.
For more info, see:
http://www.google.com/support/alerts/bin/static.py?page=faq.html
--Fred
-
Google News
Last Updated: 11/18/2007
Google News is a great way to see the latest news of the world, or one of 40-50 specific countries. Or you can search for news on a city or smaller region. I haven't compared it much with other news sites and news aggregators, but I'm impressed. Check it out, at:
The main page shows recent top stories, as well as categories like: World, US, Business, Sci/tech, Sports, Entertainment, Health, etc. It's offered in dozens of languages.
It also offers RSS and Atom feeds for those who prefer their news in that format. And a link to Google Alerts, which sends you e-mail when a new Web page is found that matches the Google Search criteria you specified.
Any favorite Google News tricks to share?
--Fred
-
Google Groups (coming soon...)
Last Updated: 10/27/2007
Coming soon...
--Fred
-
Google Suggest (coming soon...)
Last Updated: 10/27/2007
Coming soon...
--Fred
-
Google Trends (coming soon...)
Last Updated: 10/27/2007
Coming soon...
--Fred
-
Google Froogle (coming soon...)
Last Updated: 10/27/2007
Coming soon...
--Fred
-
-
Google Web Services, no login required
You can invoke the following services from your applications, pulling data from tem to use internally or to display in your own applications, etc. You access them directly from the Google Web site. You don't have to download or install any software, and you don't need a Google login.
-
Google Search API (coming soon...)
Last Updated: 12/12/2008
Coming soon...
--Fred
-
Google Maps API (coming soon...)
Last Updated: 12/12/2008
Coming soon...
--Fred
-
Google Chart API
Original Version: 12/12/2008
Last Updated: 6/13/2010The Google Chart API is a service that generates charts, graphs, plots, maps, etc. from your data.
You invoke it via a URL with the data as URL parameters. It returns a PNG image file of the chart. If the data is static, you can store the generated chart in a PNG file for repetitive use from a Web page later. If you don't want to store the file locally, or if the data is dynamic, you can have Google generate the chart on the fly as you display it. Generation of a chart takes a small fraction of a second.The base URL is:
http://chart.apis.google.com/chart
and you follow it with URL parameters that specify:-
Required parameters:
- Chart width and height, in pixels
- Chart type (line, bar, pie, 3D pie, Venn, Scatter, Radar, Geographic map, Speedometer, etc.)
- Chart data (one or more sets of data points to be plotted, etc.)
-
Optional parameters:
- Chart title text, font size, color, etc.
- Data labels, legend position
- Data colors
- Data scaling to fit the chart size
- Chart axes, ranges, labels, etc.
- Axis label font sizes, colors, alignments, etc.
- Background and data fill patterns, stripes, gradients, etc.
- Line widths and styles, dash lengths, blank lengths, etc.
- Data point markers (arrow, cross, x, diamond, circle, square, text, etc.)
- Priority of data, labels, markers, etc. (when overlapped, which hides which)
- Fill effects (fill with color or pattern above, below, or between data lines)
- Bar spacing, space between groups of bars, etc.
- Continents to show in geographic maps
- Countries to highlight in geographic maps
- States to highlight in US geographic maps
- etc.
- Note:
- There's a very similar product called the Google Visualization
API. Unlike the Google Chart API, it executes locally within
your Web page to generate the image, it allows the user to interact
with the image, and it can pull its data directly from a variety
of data stores. For more info, see:
http://code.google.com/apis/visualization/interactive_charts.html
For a comparison of the two APIs, see:
http://code.google.com/apis/charttools/docs/choosing.html
The Developer's Guide for the Google Chart API, with lots of examples, is at:
http://code.google.com/apis/chart/
Take a quick peek at the pictures on the following pages to get an idea of the types of charts it will do:
http://code.google.com/apis/chart/types.html
http://code.google.com/apis/chart/colors.html
http://code.google.com/apis/chart/labels.html
http://code.google.com/apis/chart/styles.htmlHere are some of the examples:
Right click on any of these examples and choose "Copy image location" to copy the exact URL used to generate the chart. (Or if you are still using Microsoft Internet Explorer, right click, choose Properties, and copy the text of the Address property.)
Since Google Chart API is a Web Service that you can call from a program, there are already lots of Web Apps out there that use it. Some of these exist specifically to provide a simple user interface for you to chart data with. These make it much easier to chart data on the fly without writing a program. They are also useful for experimenting, to decide the exact URL to use within any program you do write. See:
http://www.clabberhead.com/googlechartgenerator.html
http://almaer.com/chartmaker/There are also lots of sites doing cool things with it. You may want to browse these to get some idea of the power behind the simple URL interface:
50 cool things you can do with Google Charts API
http://www.collegeathome.com/blog/2008/06/05/50-cool-things-you-can-do-with-google-charts-api/Bullet graphs
http://dealerdiagnostics.com/blog/2008/05/create-bullet-graphs-with-google-charts-in-7-easy-steps/Calling Google Chart API from Excel (to do types of graphs that Excel doesn't support)
http://www.tushar-mehta.com/publish_train/xl_vba_cases/excel_google_chart_api/index.htmPie charts scattered across a world map
http://blog.thematicmapping.org/2008/04/using-google-charts-with-kml.htmlPie charts generated when you click on a state in a map of the US
http://www.tetonpost.com/sc/Here's a link to my own cryptic cheat sheet documenting (very concisely) many of the features:
GoogleChartAPICheatSheet.htm
Thanks to Matt Brophy for telling me about the new Google Visualization API!--Fred
-
Required parameters:
-
-
Google Web Apps, login required (coming soon...)
-
Google Apps (coming soon...)
Last Updated: 10/27/2007
Coming soon...
--Fred
-
Google Calendar (coming soon...)
Last Updated: 10/27/2007
Coming soon...
--Fred
-
Google Docs
-
Google Drawings
-
Google Drawings Keyboard Shortcuts
Last Updated: 9/28/2012
Here is a list of some of the more useful shortcut keys for Google Drawings:
http://bristle.com/Tips/GoogleDocs/GoogleDrawings/keyboard.lis
--Fred
-
-
-
Google GMail (coming soon...)
Last Updated: 10/27/2007
Coming soon...
--Fred
-
Google Talk (coming soon...)
Last Updated: 10/27/2007
Coming soon...
--Fred
-
-
Google Installed Apps
-
Google Now
-
Talking to Android, Chrome, or iPhone/iPad
Last Updated: 10/26/2014
Here's a quick explanation of how to talk to your Android phone, Chrome browser (phone, tablet, laptop, desktop), iPhone, or iPad.
I've been talking to my Android phone for almost 5 years now, long before "Siri" appeared on the iPhone, but no one seems to advertise the features of Android phones the way Apple does for the iPhone, so lots of people have Android phones and don't even know they can talk to them.
With older Android phones, you had to download and install an app to make it work, but these days it's pre-installed. Watch for the microphone icon to appear near a text box or in the keyboard. Press it and start talking.
If you have the "Google Now" app installed on your Android, or in your Chrome browser, or on your iPhone or iPad, it's even easier. Just say "OK Google" and then continue talking.
I've used these phrases for years:
- Call Mom
- Dial 800-555-1212
- Text Mike Stluka On my way
- Note to self Buy milk (sends me gmail)
- Navigate to 630 Lancaster Ave, Frazer PA
- Navigate to John's Pizza, Frazer PABut it knows tons of others, for setting reminders, checking voicemail, checking your calendar, checking the weather, calculating tips, translating to other languages, taking pictures or videos, finding nearby gas stations, identifying music, etc.
Here are some lists of other standard phrases it knows:
- https://www.google.com/search?q=google+now+phrases
- https://support.google.com/websearch/answer/2940021?hl=en
- http://trendblog.net/list-of-google-now-voice-commands-infographic/Also, it does the conversational thing where you can just ask a free form question and it speaks an answer back to you.
Try it out! Let me know if you discover any particularly cool or useful ones.
--Fred
-
-
Google Pack (coming soon...)
Last Updated: 10/27/2007
Coming soon...
--Fred
-
Google Desktop (coming soon...)
Last Updated: 10/27/2007
Coming soon...
--Fred
-
Google Earth (coming soon...)
Last Updated: 10/27/2007
Coming soon...
--Fred
-
Google SketchUp (coming soon...)
Last Updated: 10/27/2007
Coming soon...
--Fred
-
-
Google Phone Services
-
Google 1-800-GOOG-411
Original Version: 10/27/2007
Last Updated: 1/26/2020Ever hear of "Google 411"? About 15 years ago, instead of dialing 411 for paid directory assistance, you could dial 1-800-GOOG-411. It was free and fully automated. You spoke the names of a city, state and business. It did voice recognition and replied with "Did you say ...?". You confirmed yes/no, training its AI, and it spoke the phone number you wanted.
For the consumers, it was free, fast, and useful. And Google got free training for its voice recognition system. Soon, they released "OK Google" on Android phones, and it was already VERY good at recognizing the speech of all sorts of people, with all sorts of accents, in all sorts of noisy environments. Genius!
Eventually, Google shut it down. Their AI was trained well enough. And everyone was finding phone numbers on the web instead of calling 411 anyhow. Or didn't need phone numbers at all because they could just talk to their Andoroid phones (and years later, iPhones via "Siri"), sayings things like "Call the local movie theatre".
--Fred
-
-
Google.org -- The Philanthropic Arm of Google
Original Version: 12/4/2007
Last Updated: 2/27/2021Have you seen the "Philanthropic Arm of Google"? Check out the Google Foundation:
http://google.org
(.org, not .com)Founded by Google in 2004 with an initial grant of $90 million. By 2007, it was funded with $2 billion in Google stock. Gets 1% of Google/Alphabet's profit each year. Fits nicely with Google's corporate philosophy of:
Don't be evil
I find it amazing that Google has poured so much money into charities without any fuss. Other big companies name their charitable foundations after their CEOs and wives. And make a big fanfare each time the company gives money to the foundation, as well as each time the foundation gives that SAME money to a charity. Double-dipping!
You've been to http://google.COM tens of thousands of times by now, right? Had you ever even heard of http://google.ORG? Google quietly documents its philanthropic stuff. Donates $100 million here, $1 billion there, 1 million employee hours to the other, etc. All relatively quietly with few or no press releases.
Just like it keeps adding features to its free tools and Web sites, without patting itself on the back. Word gets around on the merits, not the marketing.
Very admirable!
In case you're wondering, yes I do own Google stock (and you should too), but that's not why I'm such a fan. I was a fan years before the stock became available. I wish I'd bought a whole lot more when I did buy.
Admirable and profitable both -- amazing in today's world!
--Fred
Mozilla Thunderbird
-
Intro to Thunderbird (coming soon...)
Last Updated: 10/31/2008
Applies to: Thunderbird 1+--Fred
-
Thunderbird Shortcut Keys
Original Version: 10/31/2008
Last Updated: 1/9/2012
Applies to: Thunderbird 1+Here is a list of some of the more useful shortcut keys for Thunderbird:
Did I miss any good ones? Let me know.
--Fred
-
Changing font size (coming soon...)
Last Updated: 10/31/2008
Applies to: Thunderbird 1+--Fred
-
Thunderbird RSS feeds
Last Updated: 10/31/2008
Applies to: Thunderbird 1+Like most advanced mail readers these days, Mozilla Thunderbird supports RSS and Atom feeds.
This is a relatively new (since early 2000's or so) way to subscribe to newsletters, blogs, tip-of-the-day services, etc. Instead of one person mailing ("pushing") a copy of each message to all subscribers, each subscriber configures his feed reader to occasionally check for new messages and "pull" them in to the reader. Typically, the message stored in the reader is just a link to the real message, not an actual copy, so if it gets updated before the subscriber sees it, he'll see the latest copy when he does see it. To learn more about such feeds, see:
http://en.wikipedia.org/wiki/Rss
Thunderbird makes RSS as easy as e-mail. Once you subscribe to a feed, it checks periodically for new messages posted to the feed, and shows them to you just as though a new e-mail had arrived, showing a one-line header for each message consisting of the name of the person who posted the message, the subject line, date/time, etc. You can see the full body of the message just like a mail message in the Thunderbird preview pane, or by double-clicking on the header line to open a new window.
To subscribe to an RSS feed in Thunderbird, simply create a new "account" of type RSS instead of type e-mail, and specify the URL of the feed. For example, to see the daily Dilbert comics from the official Dilbert site, as though they were being mailed to you, specify the URL:
http://feeds.feedburner.com/DilbertDailyStrip
BTW, yes, I have created RSS and Atom feeds for some (but not yet all) of my Tips mailing lists. A while back I took on a big project to convert all of my Tips pages from HTML to XHTML, and use XSLT to automatically generate the TOCs, as well as RSS and Atom feeds. It's mostly working, but I haven't yet converted all the pages, and switched to that mode. Hopefully, some day soon...
--Fred
-
View Message Source (coming soon...)
Last Updated: 10/31/2008
Applies to: Thunderbird 1+--Fred
-
Address Completion Speed
Last Updated: 1/29/2009
Applies to: Thunderbird 1+Is Thunderbird getting to be slow at auto-completing addresses?
I've used Thunderbird for years, but recently it's sometimes very slow (10+ seconds) to auto-complete an e-mail address that I've started typing. Here's the fix.
Apparently, there was a bug in Thunderbird 1.5 that is fixed in 1.5.0.8 and later versions, so I suggest you upgrade to the latest version at:
However, it may still be slow until you clean up your Thunderbird config file (prefs.js).
The bug was writing bogus lines to the config file. Over time, you may have accumulated hundreds of such lines. The delay occurs as Thunderbird (even the latest version) scans all of these bogus lines and tries to look up addresses in the non-existent address book files and LDAP servers they refer to. To speed it up, delete all lines in your prefs.js file that contain either of the strings:
servers._nonascii_
servers.user_directory_Ah... Much better... Now very snappy again!
Details at:
http://kb.mozillazine.org/Long_time_to_open_address_book
--Fred
YouTube
-
Link to a specific time in a YouTube video
Original Version: 2/18/2015
Last Updated: 3/21/2020Want to send someone a link into the middle of a YouTube video?
Instead of sending them a link to the start of a video, like:
send them a link to a specific time in the video by adding the t (time) parameter to the URL, as:
Thanks to Ricky Pifer for showing me this one!
Or better yet, send them a link to a specific start and stop time in the video via the start and end URL parameters (expressed as a count of seconds):
Note: For some reason, this only works with the "embed" form of the URL. So the following does NOT work. It starts at the right time, but plays all the way to the end:
Note: For some reason, this only works with the fully qualifed domain name "www.youtube.com". Not with simply "youtube.com". And not with "youtu.be".
Thanks to Alex Yankelevich and Danielle Capalbo for inspiring me to research this further!
--Fred
-
Interactive Transcripts, Speed, and Translation at YouTube
Original Version: 6/11/2017
Last Updated: 3/7/2021Looking for a way to watch YouTube videos more efficiently, without having to sit through the entire thing at normal speed? Want to see a transcript or subtitles showing the words being spoken? Want to see them translated to a different language? Check out these cool YouTube features:
-
Interactive Transcripts
This allows you to easily skip around to different parts of a talk on YouTube, backward and forward.
I started seeing it a few years ago, but then it seemed to vanish. Today I discovered it again, tucked away as an option that doesn't happen automatically.
When viewing a YouTube video that is largely one or more people speaking, look for the "... More" button below the video. Click it, then choose "Transcript" (which occurs on some, but not all videos), then click "English (Automatic Captions)" or "English - CC" or "English (auto-generated)" -- different videos seem to have different choices. If that doesn't activate the transcript, it may drop down a menu from which you have to choose "English (Automatic Captions)" again.
This causes a scrolling transcript to appear, with timestamps next to each line of text. You can watch it scroll by and read what the people are saying. But, much more powerful, if you get bored, you can scroll ahead, reading what they are going to say, find a more interesting part and click in it. The video will immediately jump to where the person is saying that line of text. It's a great way to get the most out of a talk without having to sit through the boring parts.
You can even search the text of the transcript via Ctrl-F on Windows or Cmd-F on Mac. Then click the line of text to jump to that part of the video. And can copy/paste from the transcript if you want to take notes. Nice!
-
Speed Controls
Want to listen to the entire talk, but at a higher speed? Click the settings cog icon below the video, and set the speed to 1.25, 1.5., or even 2. The speakers talk faster, but it's still easy to follow what they are saying.
-
Subtitles
Want to see subtitles (closed captioning)? Hit the letter "c" while watching the video. Or you can turn it on via the settings cog icon.
-
Translated subtitles
Want to see the subtitles in a different language? Click the settings cog icon, choose "Subtitles/CC", then choose "Auto-translate" and pick from one of the 100 or so languages offered. Note: You may have to switch from "Off" to "English" first, to get the "Auto-Translate" option to be enabled.
Any other cool YouTube features you want to share?
--Fred
-
Interactive Transcripts
-
Search LinkedIn
Original Version: 2/21/2020
Last Updated: 2/21/2020Want an easy way to search LinkedIn for someone by name? Or for a person that you know something about, but not their name? Or for anyone at a specific company?
I usually do it from the command line of my Mac via this script. I just type the following to pop up a new browser window at LinkedIn showing the results of a search for Fred Stluka:
- li fred stluka
And to find people who work, or used to work, at Raytheon, I type:
- li raytheon
But if you prefer to point and click, you can go to LinkedIn, click into the Search box, click "People", click into the Search box again, type "fred stluka", and click his name in the dropdown.
And for companies, go to LinkedIn, click into the Search box, click "Companies", click into the Search box again, type "raytheon", and click "Raytheon in People" in the dropdown.
Either way, command line or point and click, once you have some search results, you can can refine your search. Click "All Filters" for a screen where you can specify detailed search criteria. For example, on the People search page, you can optionally specify any/all of the following (scroll down on the search page to see all the text fields and groups of checkboxes):
- Person connected to
- Degrees of connection (1st, 2nd, and/or 3rd)
- Geographic locations
- Current companies
- Past companies
- Industries
- Languages
- Schools
- Interests
- Services
- First name
- Last name
- Title
- Company
- School
Hey! Now that you've found me, you might as well click "Connect"!
2/21/2020 Update
Thanks to Phil Hostetter for asking whether this tip is useful for retirees! I'd forgotten to mention that. My answer is:Absolutely! As a retiree, you have tons of free time, and want to connect with old colleagues from years gone by, right? LinkedIn is much better at that than Facebook or other social media. You can specify the person's name, company name, etc., and find them. Also, people are more likely to post their real picture at a professional site like LinkedIn. At Facebook, too often, they use a picture of their cat!
I'm planning a road trip to Massachusetts, where I used to live and work. I just used this tip to find Bob France from 35 years ago! That's what inspired me to mail out the tip.
--Fred
-
Search Twitter
Original Version: 3/1/2020
Last Updated: 3/2/2020Want to search Twitter for a specific tweet?
I usually do it from the command line of my Mac via this script. I just type any of the following to pop up a new browser window at Twitter showing all tweets by Fred Stluka, in order of date, most recent first:
- tw fred
- tw -f fred
- tw --from fred
Or all tweets by Donald Trump on November 6, 2012:
- tw -f @trump -a 2012-11-06 -b 2012-11-07
- tw --from @trump --after 2012-11-06 --before 2012-11-07
For all tweets mentioning Fred Stluka:
- tw @FredStluka
Tweets with hashtag #DontBeATrump or #MakeAmericaHonorableAgain that mention Fred Stluka or Senator Schumer, and contain the phrases "pesky little", "critters from climbing", "razor wire", "pest strips" and the word wall or fence, but not the word moat:
- tw "#DontBeATrump OR #MakeAmericaHonorableAgain" "@FredStluka OR @SenSchumer" "pesky little" "critters from climbing" "razor wire" "pest strips" "wall OR fence" -moat
But if you prefer to point and click, you can go to Twitter, click the Magnifying glass on the left, click into the Search box that appears, type "FredStluka", click "Search for 'FredStluka'" in the dropdown that appears, click the "..." that now finally appears next to the search box, click "Advanced search" in the dropdown that appears, and you'll see a screen where you can specify detailed search criteria.
Then you can optionally specify any/all of the following (scroll down on the search page to see all the text fields and groups of checkboxes):
- All of these words
- This exact phrase
- Any of these words
- None of these words
- These hashtags
- Language
- From these accounts
- To these accounts
- Mentioning these accounts
- Tweets, replies, or both
- Tweets with links, without links, or both
- Minimum number of replies
- Minimum number of likes
- Minimum number of retweets
- Date range
And finally click "Search".
Hey! Now that you've found me, you might as well click "Follow"!
After you've filled out all the fields for your search and clicked the "Search" button, you can see the textual specification of your search criteria. The syntax is pretty obvious, with spaces between various clauses that are all required, "OR" used in parentheses for alternatives, "-" used for not, # for hashtags, @ for mentions, "from:" for tweets from a person, "to: for tweets to a person, etc. Once you get the hang of it, you can edit that syntax directly to do much more powerful searches then the form allows.
In fact, you kind of have to, unless you get your search criteria exactly right on the 1st try. If you go back to the form to make changes, the form clears itself and you have to start over. So it's much easier to edit the textual query directly, tweaking it till you get it right.
You can see the same syntax on the generated URL. I used that to create my tw script. It assembles the URL directly from the various search criteria specified on the command line. Then goes directly to the Twitter search results page, bypassing the form and all the clicks it requires.
Personally, I use this mostly to find my old tweets. And to find out whether Trump really did tweet a specific stupid, offensive or obnoxious thing on a specific date. It's useful to confirm that he DID, but not useful to prove he did NOT because he deletes a lot of his more idiotic tweets.
--Fred
Internal Revenue Service (IRS) documents
Original Version: 3/25/2008
Last Updated: 5/15/2021
Applies to: Internet, World Wide Web, IRS
You can directly download documents (publications, forms, and instructions) as PDF files from the IRS Web site. This is handy if you prefer paper to electronic filing. No more running to the Post Office or Library for paper copies of various forms.
Also, the forms are typically editable PDFs, so you can fill them out electronically, then print them and mail them in. This is handy if you prefer paper, but want to keep an electronic copy of the form you filled out, rather than just a paper copy. It also makes them more legible, and saves you from having to start over if you make mistakes that you can't erase.
Warning: Save your changes via the Adobe Reader toolbar button, not the browser File | Save Page As menu. See details below.
If you know which documents you want, you can choose from the sortable, searchable list at:
http://apps.irs.gov/app/picklist/list/formsInstructions.html
Otherwise, you can browse by category at:
http://www.irs.gov/forms-instructions
You can search for forms for previous years (past 100 years or so, plus 1864) in the sortable, searchable list at:
http://apps.irs.gov/app/picklist/list/priorFormPublication.html
You can view the instructions as regular Web pages (HTML) instead of PDF, at:
http://www.irs.gov/instructions/
The filenames of the PDF files are mostly systematic, with prefixes "p", "i" and "f". For example:
p526.pdf Publication 526: Charitable Contributions f1040.pdf Form 1040 i1040.pdf Form 1040 -- Instructions f1040sa.pdf Form 1040 Schedule A i1040sca.pdf Form 1040 Schedule A -- Instructions (OK, some inconsistencies...) f1040sb.pdf Form 1040 Schedule B i1040sb.pdf Form 1040 Schedule B -- Instructions f8889.pdf Form 8889: HSAs i8889.pdf Form 8889: HSAs -- Instructions etc.
Therefore, you can bypass the list pages and create bookmarks, favorites, desktop shortcuts, etc. that link directly to specific documents, via URLs like:
http://www.irs.gov/pub/irs-pdf/f1040.pdf
http://www.irs.gov/pub/irs-pdf/i1040.pdf
etc.
See the complete list of filenames at:
http://www.irs.gov/pub/irs-pdf/
and the complete list of forms from previous years at:
http://www.irs.gov/pub/irs-prior/
Since I generally prefer to work from the command line, I wrote a batch file called irsdoc.bat that I use as:
irsdoc f1040
irsdoc i1040
etc.
You can download it here.
When I moved from Windows to Mac in 2009, I re-wrote and enhanced it as a Unix shell script called irsdoc.
You can download it here.
I've used TurboTax for the past 2 years, so I don't need to download forms anymore. But I still always use my irsdoc script a few times to quickly view a form or its instructions. It's sometimes easier to look up a detail that tells me to not bother going down the path where TurboTax is leading me.
If you're interested in the history of income taxes in the US, you may also enjoy this link -- the tax form used in 1864:
http://www.irs.gov/pub/irs-prior/f1040--1864.pdf
Looks like it was the first year of income tax. It cites a law passed in 1863. Much less complicated than today's form, but surprisingly similar -- graduated tax, personal exemption ($600), lower rate for tax on US bonds, married filing jointly or separately, marriage penalty, orphans get a break, expenses deductible, etc.
There's a big gap in years from 1864 - 1913. According to:
http://www.infoplease.com/ipa/A0005921.html
and:
http://en.wikipedia.org/wiki/Income_tax_in_the_United_States#History
that's because the tax was enacted to support the war effort during the Civil War, but later challenged and dropped until the 16th Amendment in 1913.
Both of the above are interesting to read. Wars have typically caused higher tax rates -- sometimes over 90%. Wow!
-
Thanks to Brian Clapper for showing me the complete list of previous year
forms.
-
Some forms not printable
Thanks to Wayne Keyser for reminding me that there are a couple of forms that you cannot get this way. For some reason, they use special ink and/or paper, and you must order them from the IRS by telephone two weeks before you need them. For example: Form 5500 and Form 1096. You can download copies, but you are immediately warned that you are not allowed to use them. What a drag!
[2012 update: Form 5500EZ is now downloadable and usable. Form 1096 still says you can't use it.]
[2021 update: Form 1096 still says you can't use it. Now tells you about a web site where you can order paper copies of the form, and about how to file the form electronically. I have no idea what's so special about this form that they won't let you print it and file it like other forms.]
-
Don't save edited PDF from browser
Thanks to Geoff Rhine for the warning about saving from the browser menu instead of the Adobe Reader toolbar.
[2012 update: Still a problem on any browsers or operating systems? I haven't tried it in years. The details below are from 2008.]
If you have the Adobe Reader plugin installed, the PDF document may open directly in the browser instead of prompting you to open it with Adobe Reader or save it to disk. In that case, after making your changes, be sure to save via the Adobe Reader toolbar button, not via the browser's File | Save Page As menu or Ctrl-S, because that may save only the original page, not the edited version, so you may lose your edits. This seems to be a problem with browsers like Firefox and Netscape that go back to the server for a fresh copy of the page before saving. Internet Explorer saves the local copy, which does include your changes.
I didn't notice this problem myself because I generally download a file first, put it in a known location on my hard drive (where it will be found by my backup software), then edit it outside of the browser. It is generally a good idea to take these explicit steps when working with Web stuff because you're not safe till you have a local copy in a known location. Otherwise, things sometimes save back to the Web cache, where you may not be able to find them, and where they are subsequently deleted without warning to make room for new temporary files. Or they try to save into a readonly e-mail attachment, or the temporary file created for that attachment. Always save the attached file or downloaded file first, then re-open the file directly, and edit it.
--Fred
Audio/Video Tips
-
Pause while downloading to fill the buffer
Last Updated: 4/26/2008
Problem: Tired of having audio or video streams start and stop during playback?
Solution: Pause it until the buffer is full, then resume playing.
When you are playing streaming audio or video from a Web site like YouTube, the data begins downloading and is buffered locally. Meanwhile, the playback begins immediately, playing the buffered data. If the download is too slow, the playback runs out of buffered data and pauses for a while, until the buffer begins to fill up again. This can lead to an erratic, annoying, start, stop, start, etc. during the playback.
If this happens, click the pause button that most players display on the screen, and watch the graphical indicators. Often there are two. On YouTube, there's a slider that shows haw much has been played, and a red bar underneath it that shows how much has been downloaded. Pause until the red bar gets well ahead of the slider. Then resume for a smooth and continuous playback.
--Fred
Internet Music
-
Pandora.com custom streaming radio
Last Updated: 11/14/2008
Pandora.com is a Web site that allows you to easily create and listen to your own music mix. It's like having your own custom radio station, for free.
Check it out at: http://www.pandora.com/
No special software required. Use any browser that supports the Adobe (was Macromedia) Flash Player.
You start by seeding it with the names of a few artists and/or songs you like, and it starts guessing what else you'd like, and playing it while showing you the title and artist. As it's playing, you can give each song a thumbs up/down to tune your preferences.
You can create multiple stations with different preferences, for your different moods.
You can share your radio stations with other people, so they can listen to them, browse your initial seeds and your thumbs up/down. When they start voting, it offers to let them create their own station which is initially a clone of yours. They can not vote on your copy of the station.
You can search for a station created by a friend, and listen to it, browse their initial seeds and their thumbs up/down, and make your own copy, even if they never explicitly shared it with you. For example, under the Share menu, you can search for a shared station, and enter my e-mail address to see my stations. Right now, I'm starting to tune a clone of a friend's station, so it doesn't necessarily reflect my tastes yet, but hopefully soon...
You can search for existing stations that contain a specific artist or song, browse the settings of that station, and make a copy.
Pandora does keep track of which songs it plays, so that it can make the appropriate payments to the artists, but they claim to not sell any personal info about you. They are supported by the ads they display in their window, which I typically have minimized, except when I'm voting on a song.
According to James Higgins (I haven't tried it yet), you can use a free Pandora iPhone app to stream the same stations to your via cellular or WIFI network.
For more info, see:
http://blog.pandora.com/faq/Thanks to Jim Gadrow for pointing me to Pandora, and sharing his station with me!
BTW,
--Fred
Internet News Sites
-
US Newspaper Front Pages
Last Updated: 2/2/2009
Want to see the local news in a US city?
By now, everyone knows the URLs of USA Today, the Washington Post, New York Times, etc. Also, most of us read our news at Web sites like CNN.com that have no printed newspaper, or at other sites more focused on our specific interests. But, what if you want to see the headline news in a specific city and don't know the URL? Sure you could Google it pretty quickly, but the following link is even easier, especially if you are interested in a general region of the country, not just a particular city:
http://www.newseum.org/todaysfrontpages/flash/Click on the cities in the US map to see the front page of the printed newspaper of each city.
All you get is a JPEG image, so you can read the front page, but can't flip to other pages to finish the articles, can't copy/paste text, etc. Still it's a quick way to see what's going on in a specific city, and the front page usually contains the URL of the newspaper, where you can probably see more.
Thanks to Frank Stluka for this tip!
BTW, if you don't know the URLs of the papers mentioned above, they're on my links page:
http://bristle.com/~fred/#news--Fred
Internet Automation Services
-
If this, then that -- IFTTT.com
Original Version: 1/1/2012
Last Updated: 1/1/2012Ever wish you could automatically get notified by an e-mail or text message when something happens that you care about?
Ever wish you could automatically post to Facebook or Twitter when something happens?
IFTTT.com ("If this, then that") is a free service to do exactly that and more. It can monitor things like clock time, weather, stock prices, incoming e-mail, Facebook status updates, Twitter posts, RSS feeds, etc., and cause them to trigger actions like e-mails, text messages, phone calls, Facebook status updates, Twitter tweets, Google Calendar updates, etc.
You can link any trigger with any action, so it's easy to do things like:
- Get e-mail when the temperature drops below freezing
- Get e-mail the day before the temperature is predicted to drop below freezing
- Get a text message when a stock price hits a target value
- Get a text message when a certain person sends you e-mail.
- Post to Twitter whenever you update your Facebook Status
- Add all your tweets to Google Calendar to keep a record of them.
You can sign up for free at IFTTT.com. You'll have to choose a username and password, and give it your e-mail address. This activates some of the "channels" (E-mail, Stocks, CraigsList, RSS Feeds). You can then activate other channels, but may have to give some info. For example:
- SMS -- Have to give cell phone number to receive text messages
- Weather -- Have to give town and state where weather is checked
- Date & Time -- Have to give time zone
- Facebook -- Have to authorize access to your Facebook. I haven't tried yet.
- Twitter -- Have to authorize access to your Twitter. I haven't tried yet.
- LinkedIn -- Have to authorize access to your LinkedIn. I haven't tried yet.
- etc.
For more info, see:
- http://ifttt.com
- http://www.makeuseof.com/tag/connect-automate-web-apps/
- http://gadgetwise.blogs.nytimes.com/2011/09/23/7-ways-to-automate-your-life-with-ifttt/
- http://www.makeuseof.com/tag/10-great-ifttt-recipes-automate-web-life/
- http://techcrunch.com/2011/12/28/ifttt-triggers-loyal-nerdy-following/
--Fred
Webinar, Video Conference, Screen Sharing Services
-
join.me
Original Version: 2/10/2012
Updated: 2/9/2013
Last Updated: 4/26/2020 (no longer free)Looking for a free and easy way to share your computer screen with someone over the Internet?
There are lots of paid services like WebEx and GoToMeeting. But what if the people you want to share with are not subscribers? What if you want a free service?
I use join.me.
It's free, requires no install by the viewers, and uses no special ports. That's huge!
-
[4/26/2020 update]
No longer free. Now $250/year. Bummer! I'm looking into Jitsi Meet instead:
On a whim, without having to install any software or open any firewall ports, up to 250 invited viewers can just click a link to see your screen, watch your mouse move, ask you to let them control your mouse and keyboard, hear your voice, talk back to you, etc. Each viewer sees the screen in a browser window, with no extra software required -- just Adobe Flash running in any Web browser.
The presenter must allow join.me to install a browser plugin, which it offers to completely uninstall at the end of the session. After a few sessions, I chose to keep mine installed to make it even easier to launch future sessions.
For the shared audio, there's a free conference call number set up for you and your 250 viewers as soon as you begin sharing your desktop. Each participant can use his computer microphone and speakers/headphones (VOIP), or a regular telephone.
Update: In June 2012 or so, they moved the regular telephone option into the "Pro" (paid) version. The free version now does voice only via VOIP, so you need microphone and speakers, or a headset.It's great for:
- Presenting
- Support
- Training
- Collaboration
As they say at the Web site (http://join.me), join.me is "ridiculously easy to use"
-
As a presenter
- Launch it by going to the Web site, clicking "Basic" and then "Share"
-
To tell someone else how to connect:
- Click on the link that appears and choose "Send viewer link by e-mail"
- Fill in the e-mail addresses of the viewers, and send the e-mail
- Or just tell the other person the 9-digit number shown in the link
-
As a viewer
- Receive e-mail from the presenter, click the link in the e-mail and immediately see the shared desktop
- Or just go to the Web site, type in the 9-digit number and click "Join".
Privacy Notes:
-
The "Send viewer link by e-mail" link opens your local
e-mail program with a message already composed, containing
instructions on how to connect to your desktop and how to
use the shared conference call for those viewers that
want to use a standard telephone instead of VOIP.
Update: Standard telephone now only in "Pro" (paid) version. - You do NOT have to enter their e-mail address into a join.me screen, only into your own local e-mail program
- So join.me doesn't learn their e-mail address and cannot spam them later
Features:
-
Desktop Sharing
-
With all viewers seeing your desktop
-
With all viewers seeing your desktop
-
Shared Control
- Any viewer can request control of your mouse and keyboard, and you can choose to share control with them
- You can both use the mouse and keyboard simultaneously until you revoke the shared control
-
You can choose to share control without the viewer having to
request it
-
This is useful when the presenter is requesting help and the
viewer is teaching, or when the viewer wants to say "You
mean, like this?"
-
Supported Devices
-
Your computer can be Mac, Windows (Linux not yet supported)
-
The viewers can be Mac, Windows, Linux, Android phone/tablet, or
iPhone/iPad
-
Your computer can be Mac, Windows (Linux not yet supported)
-
250 People
-
Up to 250 people can connect to the same session, seeing the same
desktop and sharing the same conference call
-
Up to 250 people can connect to the same session, seeing the same
desktop and sharing the same conference call
-
Conference Call
-
Each person can use a regular phone, or his computer's microphone
and speakers/headphones (VOIP) -- Everyone hears the same thing
-
If no one is really interested in viewing a shared desktop, you
can still use a mix of phones and VOIP (or even all regular phones
and no VOIP) for a regular audio-only conference call
-
It's not a toll-free number, but there's no charge other than
long distance bills for those who don't have free long distance and
choose to not use VOIP
- Does not directly share any sounds generated by your computer (no sound effects, WAV files, etc.), but your microphone may pick them up and send them
-
Update: Standard telephone now only in "Pro" (paid) version
-
Each person can use a regular phone, or his computer's microphone
and speakers/headphones (VOIP) -- Everyone hears the same thing
-
Invitations
-
You can invite someone to view your desktop via the e-mail technique
above, and you can edit the pre-composed e-mail before you send
it
-
Any viewer can similarly invite others to view
-
You or any viewer can bypass the e-mail and invite additional
viewers by telling them the 9-digit session number and having them
go to the Web site to join in
-
You can invite someone to view your desktop via the e-mail technique
above, and you can edit the pre-composed e-mail before you send
it
-
Textual Chat
-
Also includes a textual chat, if you want to send text
messages instead of all talking on the single audio channel
-
Can send text messages to the presenter only, or to all participants
-
Also includes a textual chat, if you want to send text
messages instead of all talking on the single audio channel
-
File Transfer
-
You can send files to/from the presenter
-
You can send files to/from the presenter
-
Firewall
-
Uses only port 443 (SSL/HTTPS), so it would get past corporate
firewalls if you ever need to share with someone at their work
computer
-
Uses only port 443 (SSL/HTTPS), so it would get past corporate
firewalls if you ever need to share with someone at their work
computer
-
Privacy
-
It always shares your entire screen, never just one window.
Update: As of 7/26/2012, the "Pro" (paid) version offers the option to share just one window.
-
If you have multiple physical displays, it only shares one, so
you can keep your notes and other private stuff on another screen
-
If you use multiple virtual displays (Mac "Spaces"),
it shares the one you are currently seeing, so that's not a way
to keep private stuff
-
Has a Pause function, so you can pause the sharing while you do
something private, with the viewers seeing the screen as it was when
you paused it
-
It always shares your entire screen, never just one window.
-
Reliable
-
It's from the makers of LogMeIn, a widely used and well trusted
remote control app that you can install on your desktop to allow
you to connect to it and control it remotely
-
One big difference is that LogMeIn allows you to seize control
of the machine (useful to control your work PC from home and vice
versa) while join.me always requires someone at the shared machine
to say OK
-
It's from the makers of LogMeIn, a widely used and well trusted
remote control app that you can install on your desktop to allow
you to connect to it and control it remotely
-
Security
-
Uses 256-bit SSL encryption so no one can sniff the data being
sent across the wire
-
No password is required, so anyone could theoretically eavesdrop
on your shared desktop if they guessed the 9-digit session number
-
However, you or one of the viewers might happen to notice that
the displayed number of participants is higher than expected
-
For better security, buy the paid version
-
Uses 256-bit SSL encryption so no one can sniff the data being
sent across the wire
-
Video Sharing
-
There's no video sharing -- it doesn't use the cameras of the
computers, so it's not a full videoconferencing product
- However, you can use Mac's "Photo Booth" or any similar Windows app to get your live image from the camera onto your screen, and join.me will share that part of the screen also, so you can get shared video
- To get two-way video sharing so you can both see each other, you can use 2 join.me sessions, one in each direction. However, at least one of you must have 2 physical monitors. Otherwise, you each share your screen which contains a window showing the other person's screen which contains a window showing your screen, etc., etc., etc. Suddenly, gets very, very slow...
-
There's no practical way to do multiple video sharing with
more than 2-3 people
-
There's no video sharing -- it doesn't use the cameras of the
computers, so it's not a full videoconferencing product
-
Session Recording
-
There's no option to record the shared session
-
There's no option to record the shared session
Competing products:
- WebEx (not free)
- GoToMeeting (not free)
- Skype (not free)
- Yuuguu (not free)
- Mikogo
- Others?
More info:
- http://join.me
- https://join.me/welcome/webhelp/joinme/join.me/jm_faq_header_top10.html
- http://www.macworld.co.uk/macsoftware/reviews/?reviewid=3253777
- http://www.macworld.com.au/help/macworld-masterclass-screen-sharing-with-join-me-24293/
What do you think? Useful? Any pros/cons compared to other products?
Thanks to Ron Wilhoite for pointing out that Linux isn't yet supported as a sharable desktop, only as a viewer.
--Fred
-
[4/26/2020 update]
-
Jitsi Meet
Original Version: 4/26/2020
Last Updated: 5/28/2020Jitsi Meet is a great tool for:
- Online meetings (aka webinars, video conferences, video chats, etc.)
- Screen sharing (aka screen casting, desktop sharing, etc.) with or without audio or video
- Teleconferences (audio-only conference calls) on regular telephones
Meetings have multiple "users" -- a "moderator" to start the meeting and "participants" who join.
Similar to:
- Zoom, but without the security/privacy concerns
- join.me, Crowdcast, WebEx, GoToMeeting, etc., but free of charge.
- Apple FaceTime, but free of charge, no app required, supports screen sharing, more people per meeting, and supports non-Apple devices
- Microsoft Skype, but free of charge, and no app required even for Firefox and phones
See:
Pros:
-
Free (in both senses of the word)
- Gratis -- No cost to use, for moderators or other users
-
Liberty -- FOSS (Free and Open Source Software),
Apache license.
- Anyone can read the source code, make changes, fix bugs, add features, etc. Submit changes for inclusion in the main product, or keep your own private version.
- You can use their server, or run the code on your own server and bypass them entirely.
-
Various orgs are hosting Jitsi Meet servers that you
can use for free.
See:
Jitsi Meet Servers
-
Private
- Each user enables/disables microphone for audio
- Each user enables/disables camera for video
- Each user shares entire screen, one window or nothing
- Pause/resume sharing at will, to safely enter passwords, view sensitive info, etc.
- Doesn't collect/sell info about you
- No signup/login required
-
Moderator can require password to join
-
Secure
- Encrypted
- No incoming connections required
- No installed app or browser plugin required
-
No Adobe Flash required
-
Easy
- One click to view any user's shared desktop or video, and to hear audio
-
Uses only port 443 (SSL/HTTPS), so it safely bypasses
corporate firewalls.
You can use it from your work computer to connect with
someone on their work computer.
-
Portable
- Works on Mac, Linux, Windows, Android, iOS
-
Supports dial-in (audio only) from phone
using phone numbers in various countries, with a
10-digit PIN to avoid eavesdroppers
-
Well supported
-
Like most FOSS projects, it has an active user support
forum:
I had a problem. Posted a question. Got a reply within 24 hours that told me exactly how to solve the problem, and make sure it never happens again. From user "MagicFab" (aka F. Rodriguez), in Canada. A volunteer Jitsi Meet contributor since 11/2019. Mostly involved with QA, localization and forums volunteer support, and also provides training and user support for Jitsi Meet self-hosted deployments. Also gave me a list of hundreds of other Jitsi Meet Servers I can use for free. Thanks, MagicFab!
-
Like most FOSS projects, it has an active user support
forum:
Cons:
- No shared control of desktop
- Is there direct support for transferring files between users?
To start a meeting:
- Go to: http://meet.jit.si
- Enter any unique name (meeting id) for your meeting
- Ignore/close any popups about installing a plugin or add-on for your browser. Or about allowing incoming connections. Feel free to click "Don't ask again" checkbox.
- Choose whether to enable camera (can enable/disable later)
- Choose whether to enable microphone (can enable/disable later)
- Click "i" (info) icon if you want to require a password. Or to see meeting details (URL based on meeting id, password if any, phone number and PIN to join by phone, other phone numbers for other countries, etc.). Click "copy" to copy fully formatted invite to paste into an email to send someone.
To join a meeting:
-
Either:
-
Click the link someone emailed you
or - Go to: http://meet.jit.si and enter the meeting id someone gave you
-
Click the link someone emailed you
-
Same as moderator (see above):
- No plugins, connections, etc.
- Enable camera or not
- Enable microphone or not
- Click "i" to invite others
Features:
- Click to toggle sharing of your screen/window
- Click to raise/lower hand for attention
- Click to view/hide text chat
- Click to mute/unmute your microphone
- Click to enable/disable your camera
- Click to toggle tile view vs viewing one person/screencast
- Up to 35 users before performance lags. More soon.
- All users can be concurrent presenters. Each user can share his audio, video, and/or screen/window. Each can choose which presenters to view. Several tiled on screen at once, or one at a time. Hear merged audio of all unmuted microphones.
- On screencast, can see mouse move, characters typed, etc.
- If no one shares screencast or video, or if all users join via regular phones, its just a regular audio-only conference call. Not a toll-free number, but if each person calls the number for their country, there's no international long distance charge.
- Does not directly share any sounds generated by your computer (no sound effects, MP3, WAV files, etc.), but your microphone may pick them up and send them
-
Click "..." icon to specify:
- Everyone starts muted
- Everyone starts hidden
- Everyone follows me
- Language to show options in (default: English)
- Video quality: HD, standard, low, lower (low bandwidth)
- Toggle fullscreen
- Start YouTube live stream
- Start/stop recording to be uploaded to Dropbox
- Share a YouTube video
- Blur my background
- Mute everyone
- Show speaker stats (minutes each user has spoken)
-
View keyboard shortcuts
- f = show/hide thumbnails (or click ">" icon at bottom right)
- m = Mute/unmute microphone
- v = Enable/disable video camera
- a = Manage call quality
- c = View/hide text chat
- d = Switch between video of you and screenshare
- r = Raise/lower hand
- s = Toggle fullscreen
- w = Toggle tile view
- ? = Show/hide keyboard shortcuts
- space = Push to talk
- t = Show speaker stats
- 0 = See your own video/screencast
- 1-9 = See someone else's video/screencast
Uses:
- Meetings
- Presentations
- Support
- Training
- Collaboration
Since Jitsi Meet is FOSS (Free and Open Source Software), anyone can set up their own server. The following servers are free for you to use for your meetings:
-
Public (anyone can host, anyone can join):
-
Jitsi Meet itself
http://meet.jit.si -
Sangoma Meet
https://meet.sangoma.com - https://visio.ecloud.global
-
Hundreds of others around the world...
https://framatalk.org/accueil/en -
Others?
-
Jitsi Meet itself
-
Members only (member must host, anyone can join):
-
Free Software Foundation
https://jitsi.member.fsf.org - Others?
-
Free Software Foundation
If you're new to tools like Jitsi Meet, see my 2012 writeup on join.me. It was my favorite while it was free.
--Fred
-
Zoom
Original Version: 4/14/2020
Last Updated: 5/14/2020Want to use Zoom more safely? With no app install and no browser plugin?
I use Jitsi Meet instead. Has pretty much all the same features (screensharing, audio, video, etc.).
But Zoom has become enormously popular during the Coronavirus lockdown. Despite all the scary news about data gathering, privacy violations, security holes, etc. If a meeting's hosted in Zoom, you need Zoom to join. Can't join a Zoom meeting via Jitsi Meet.
Web browsers are designed to avoid such privacy/security concerns. With Chrome, Firefox, Safari, etc. (anything not written by Microsoft), you're generally safe going to any web site. As long as you don't download any files, allow it to install a browser plugin, or manually enter any private info. Even Zoom is safe and private if you follow those rules.
Here's how to run Zoom without downloading and installing the app, and without any browser plugins. When someone sends you a link to a Zoom webinar:
-
Change the URL from something like:
- https://zoom.us/j/123456789
- https://zoom.us/wc/join/123456789
Note: If you got the URL in an email, or in a text message on your phone, the easiest way to do this may be to forward the email or text to yourself, and change the URL before sending.
-
Click the updated link.
-
Click "Join Audio by Computer".
- Watch/hear the webinar.
Thanks to Sam Domonkos of ETE and JP Vossen of PLUG for showing me this! Thanks also to Louis-Philippe Veronneau for documenting it at:
which is where JP and maybe also Sam found it.
If that doesn't work for some reason, or stops working in the future, try this:
-
Click the original link, which should look something like
the 1st one
in technique 1:
- https://zoom.us/j/123456789
-
If it doesn't happen automatically, click
"download & run Zoom" (trust me!)
-
If prompted again (different browsers behave differently), click
"download & run Zoom" again.
That causes the server to start sending the download file to your browser, which may cause your browser to automatically download the file (ZIP, EXE, or whatever) to a temporary location like your "Downloads" folder or something. Or the browser may prompt you for whether to Open or Save. Different browsers and different user preferences.
-
If prompted, click Cancel. NOT Open or Save.
If not prompted, just delete the downloaded file.
Do NOT open it.
-
Note that just before starting the download, or prompting
you, the web page gained a new "join from your browser"
link. Click it.
That should take you to a URL like the 2nd one in technique 1:- https://zoom.us/wc/join/123456789
-
Enter any name you like, to identify you to others
in the meeting.
-
If the meeting has a password, enter it.
-
You may be prompted to enter a name again.
Enter whatever you like.
Doesn't have to match the one you already entered.
-
Click "Join Audio by Computer".
- Watch/hear the webinar.
While trying to join a Zoom meeting, via either technique 1 or technique 2 above, you may get prompted to login, sign up, etc. You can probably just ignore the prompt. I used to get prompted like that, but it's not happening any more. They're updating the software a lot lately, to try to deal with all the bugs and security holes. So maybe they changed that?
To join an existing Zoom meeting, you shouldn't need an account. But to start a new meeting, you currently do. That may change in the future, but for now, I haven't found a way around it. If you do, please let me know.
If you ARE forced to create a Zoom account:
-
The signup screen requires a valid email, so it can mail you
a confirmation link.
It also asks for a birth date, but fake is fine.
Don't make yourself too much younger than you really are.
Under 18 years old may lead to restrictions.
You'll have to specify a password for the new account too.
-
Click the link in the email it sends you, to authorize the account.
- You now have a Zoom account and are logged in. Go back and click the link for the meeting again. Or whatever you were doing when you got detoured to the signup screen.
You may also get prompted to "register" for a meeting. I sometimes got prompted for that, but it's not happening any more. I've tried different browsers on different computers, and never get prompted to register, so it's not a question of cookies, or anything. Maybe they changed that too?
If you ARE prompted with a "Webinar Registration" page:
-
Enter name, email, etc.
As in
technique 2
above, the name can be anything you like.
I'm not sure if the email gets validated by mailing you a
link to click on, what else it might be used for, or whether
it has to be a valid email.
- Click "Join Webinar In Progress"
Why to NOT install the Zoom app or plugin:
Did you notice in the above how easy it is to bypass Zoom's attempts to make you install the app? And to register, sign up for an account, login, etc? Seems like they don't really have a security mindset. I'd be leery of installing their software on my phone, tablet or computer.
Also, you may have seen all the scary headlines recently about privacy and security problems with Zoom. You can read all the details here:
Basically, here's what's happened so far:
3/26 - Zoom caught sending user data to Facebook
3/27 - Zoom fixes app
3/30 - Zoom caught lying -- doesn't use end-to-end encryption
- Hackers can steal Windows passwords via Zoom
- Hackers can turn on microphone and camera via Zoom
- Hackers can gain root access to macOS via Zoom -- can do anything they want to an iPhone, iPad or Mac
- Class action lawsuit #1
- FBI investigates Zoombombings that showed swastika to students in class
4/1 - SpaceX bans Zoom
- Zoom bug leaks user email addresses and photos to strangers
- Zoom apologizes
- Plans to adds passwords to meetings
- Plans to adds "waiting rooms" for moderator to approve each person joining
4/2 - Automated tool can find Zoom meetings to try to hack
- Hacker group 8chan plans to hijack Zoom calls of a Jewish school
- Zoom bug allows mining of user LinkedIn data
4/3 - Recordings of private Zoom video calls are visible publicly -- therapy sessions, telehealth calls, business meetings, grade school student info
- Hackers plan mass Zoombombings with racism and porn
- Zoom caught using weak encryption
- Class action lawsuit #2
- Congress requests info
4/4 - Zoom apologizes again
4/5 - Zoom calls are accidentally routed through Chinese servers
4/6 - School districts ban Zoom
- Zoom user account info found on dark web -- email addresses, passwords, meeting IDs, host keys and names -- for people, schools, hospitals, businesses
- Zoom hires more lobbyists
- Senator asks FTC to investigate
- Class action lawsuit #3
4/7 - Taiwan bans Zoom
4/8 - Google bans Zoom
- Zoom bugs sold to highest bidder -- $5K-$30K each
- Zoom hires security advisor Alex Stamos, forms security council
- Passwords enabled by default in K-12 classrooms
- "Waiting rooms" enabled by default in K-12 classrooms
- Only teacher can share content in K-12 classrooms
- Teaching K-12 teachers how to use Zoom safely
- Zoom promises to START putting security/privacy first -- had previously focused only on making it easier to user, with fewer mouse clicks. Doh!
- Zoom stops showing meeting ID at top of screen to slow hacker spread of meeting IDs via screenshots
- Zoom starts weekly YouTube webinars to keep public informed
- Zoom usage has grown from 10M/day to 200M/day from Coronavirus
- Plans for better "waiting rooms"
- Plans for better encryption
- Zoombombing with fake AI-generated version of Elon Musk
4/9 - Senate warns to avoid Zoom
- Singapore bans Zoom for schools after too much porn shown to students
- Germany bans Zoom
4/10 - Pentagon bans Zoom except "Zoom for Government" version
4/13 - 500,000 Zoom accounts sold on hacker forums
4/14 - Facebook and LinkedIn sued for receiving user data from Zoom
- New Zoom option (for paying users only) to avoid Chinese servers that can obtain encryption keys
4/15 - Hackers can spy on Zoom calls on Windows, selling exploit for $500,000
- Zoom now "takes user security extremely seriously", investigating
4/16 - Recordings of private Zoom video calls are still visible publicly even after the user deletes them
- Zoom rolls out updates to slow hackers access to recordings
- Zoom changes option to suggest putting a password on recordings and adds rules that passwords must be stronger when used
- Old recordings still visible publicly
- Zoom hires Luta Security, plans to revamp bug bounty program
4/20 - Zoom knew about security flaws for several months
- Zoom plans button to report abusive users
4/21 - UK Parliament continues using Zoom
- Holocaust memorial service Zoombombed with Hitler images
4/22 - Zoom 5.0 with security updates planned by May 30
- Hackers can silently record Zoom sessions and text chat, even when moderator has disabled recording for all users
4/23 - Zoombombings in CA, GA, OK, etc. show child porn and racism to elementary, middle, high school and college students, and to school board, city council, etc.
4/28 - Homeland Security says Zoom is vulnerable to foreign spies, despite fixes
- Zoom denies it
5/7 - NY Attorney General closes inquiry into Zoom, CT still ongoing
- Zoom buys security company Keybase, promises draft plan by May 22 to kick off discussions about their 90-day plan to improve security/privacy (for paying users only).
Note from the events above:
-
Each time Zoom fixed a bug in the app or plugin, it was only
fixed for users who upgraded to the new version.
For example, April 7 required a manual update, which many
users never heard about or didn't bother to do.
-
May 30 will be a forced update.
What happens if you're in the middle of a meeting?
-
Many of the security/privacy fixes are offered only to paying
customers -- not to users who installed the free versions.
- Fortunately, many of the fixes were to Zoom server software. So, all users benefit from them automatically.
If you use Zoom, I suggest:
-
If possible, switch to
Jitsi Meet.
-
Or some other product:
-
If not, uninstall it and use the browser-only option
- If not, apply all available patches and consider buying a paid version to get the rest of the patches. That also gets you other "Pro" features. For example, the free version limits meetings to 40 minutes when 3 or more participants.
One last thought: Why so much zoombombing with porn and racism? What's the motivation? Is it all just hate? Yes, since November 2016, racists and haters have been normalized, validated and emboldened, but this seems extreme. Is there something more behind it?
-
A security firm using scare tactics to drum up business?
-
A competing commercial product?
Doesn't Microsoft have a product trying to break into this
space?
"Teams" or something?
Also, they bought Skype a few years back.
Is anyone looking at them, or WebEx, or GotoMeeting, or
join.me (LogMeIn), or any of the other commercial products
losing market share to Zoom?
I'm glad that Jitsi Meet is free -- no profit motive there.
-
Hackers proving they can, so they can start extorting money
to not?
- Who else has something to gain? Follow the money...
--Fred
-
Change the URL from something like:
-
Crowdcast
Original Version: 4/21/2020
Last Updated: 9/21/2020Crowdcast is a great tool for broadcasting presentations to a large remote audience (over 1,000 people). And for recording them for people to watch later. It's a paid service, but free for attendees. I haven't used it to host a meeting, but I've attended a few.
Similar to:
- Jitsi Meet, but not free, handles larger audiences, focused more on presentations than on-line meetings or group chats
- Zoom, but without the security/privacy concerns
- join.me, WebEx, GoToMeeting, etc.
See:
Pros:
-
Private
- Attendees don't share their cameras, microphones or screens. Mostly just watch, listen, type questions and use the text chat. Up to 4 attendees can be "invited on screen", but most are not.
- Host can require password to join
-
Secure
- Encrypted
- No incoming connections required
- No installed app or browser plugin required
- No Adobe Flash required
-
Easy
- One click for an attendee to join. Plus enter an email address and a name to display.
- Uses only port 443 (SSL/HTTPS), so it safely bypasses corporate firewalls. You can use it from your work computer to connect with someone on their work computer.
-
Portable
- Works on Mac, Linux, Windows, Android, iOS
Cons:
-
Not free
- Paid service for host (but free for attendees). $20-$140/month with different limits on number of attendees, length of talk, hours used per month, etc.
-
Privacy
- Requires attendees to enter an email address (fake is OK). I don't know what they do with it. You do NOT have to click a link in a received email to authenticate. I don't know if they spam you later, sell the address, etc.
- Other?
To host a meeting:
- I don't know. Haven't done it.
- Click the link someone emailed you
-
Enter email address (fake is OK).
Warning: Do NOT use an email with a dot (".") in the username part before the at sign ("@""). On 4/21/2020, that caused an error at Crowdcast, preventing you from joining the meeting. Strip out any such dots. For example, change "John.Q.Public@gmail.com" to "JohnQPublic@gmail.com". Gmail and some other email providers treat addresses the same with and without those dots anyhow. Also, since a fake email is OK, it doesn't matter what you enter. - Enter any name you like, to identify you to others in the meeting.
-
Click to view/hide text chat
-
"Ask a Question":
- Everyone (speakers, hosts, attendees) can always see an "Ask a Question" button with a count of the number of unanswered questions.
-
Attendees can:
- Type in a question
- See all questions asked by others
- Upvote specific questions so the speaker will answer them sooner
- See who asked each question. If the name isn't displayed, hover over the person's icon to see a popup with their name and @handle, plus Followers/Following counts and Follow button.
- Click the titlebar of the popup "Ask a Question" window to grow/shrink that window
- The question currently being answered is highlighted, and moves to the separate "Answered" list when done (probably done manually by a host)
- This is separate from the text chat feature
-
On screencast, can see mouse move, characters typed, etc.
-
Recording
- Can be published IMMEDIATELY after the talk. I stayed at the same Web page and started interacting with it via links from questions and from text chat. Didn't even refresh the page in the browser. Switched over seamlessly from live talk to recording.
-
When watching the recording, users can:
- Play at different speeds: 0.5x, 1x, 1.25x, 2x, 3x
- Pause, rewind, fast-forward
- See the questions. Can click the "View Answer" button of any answered question to hear the host read the question aloud and see the video clip of the speaker's answer. Nice!
-
See the text chat.
Can click the Play button ("Jump to moment") that
appears on hover over each entry.
Jump to that point in the recording.
Nice!
Very useful for 2 reasons:
- Can see/hear what the speaker was saying when the text comment was made
- If the speaker saw a question in the text chat (or a host read it to him), those watching the recording can click to see/hear his answer.
-
Picture-in-Picture
- Click the "Picture-in-Picture" popup icon at the right edge of the screencast
- Moves the speaker video and screencast into a new always-on-top window
- Leaves behind the text chat window, and all the controls, headers, footers, titlebar, toolbars, menu, and other browser "chrome"
- You can move and resize that window
- Tuck it small into a corner while doing other work
- Or grow it to fill the entire screen, to better read the text in the screencast
- Works in Firefox, but not Chrome or Safari.
- "Clip moment" while watching live or watching the recording. I'm not sure of all the details. It pops up a window that allows you to save a snippet of the video to the Crowdcast server, and gives you a URL to access that snippet ("moment"). Seems useful, but I couldn't figure out how to control the start/stop times of the snippet. Anyone know?
-
Over 1,000 attendees at once
-
Up to 4 people broadcasting at once: speakers,
hosts, etc.
Attendees see each in a separate window tile and hear
merged audio.
-
Does not directly share any sounds generated by the
computer (no sound effects, MP3, WAV files, etc.), but
the microphone may pick them up and send them
-
Very simple for attendees to use.
Very few options.
-
Optionally register and charge paid attendees (via Stripe)
-
Polls of attendees
-
Integrate (via Zapier) with tools like
Slack, Salesforce, MailChimp,
Google (Drive, Docs, Forms, Sheets, Analytcis, etc.),
HeySummit, XING, Meetup, Eventbrite, PayPal
WordPress, Patreon, Zendesk, Zoho,
LinkedIn, Facebook, Twitter, Instagram, YouTube,
MySQL, PostgreSQL, Amazon DynamoDB,
etc.
-
Embed presentation in a web page at your site
-
Multistream to Facebook Live, YouTube Live,
Twitter Periscope, etc.
-
Export attendee data, poll answers, etc to CSV
- More features at:
-
Can't pause, rewind, fast-forward while streaming a live
talk.
If you want that, wait for the recording.
But then you lose your chance to interact and ask questions.
-
Attendees have no control over the screen layout they see:
- Can't tile/un-tile video feeds of speakers, hosts, etc.
- Can't zoom the screenshare to fill the screen, making the font bigger and more readable
- Can't hide the video feed of the speaker
-
Problem 1: Overlay
In one talk I attended, the video feeds of the speaker and hosts overlaid and obscured the screencast of the text that the speaker was typing during a live demo -
Problem 2: Giant talking head
In another talk, the speaker's video feed filled the left half of my screen at all times, leaving only the right half for the screencast - When I showed the text chat, my screen went to 3 equal columns, making the screencast even smaller
- Since the screencast was wider than tall, limiting it to a vertical column of my screen made it REALLY tiny
- If I could have rearranged my screen myself, I'd have put the text chat in a narrow column at one side and used most of the screen for the screencast
- Hide the speaker entirely, since I could hear him talking, or drag him to a small corner window, and make the chat column shorter
- Perhaps even overlay him over part of the screencast, if I could drag him away at will to see what's underneath
-
Attendees have no control over the video resolution
(HD, standard, low bandwidth).
Problem 3: Video resolution too high
Can't lower it, to use less bandwidth, reduce phone data costs, and especially make it less choppy/erratic, etc.
Problem 4: Video resolution too low
Can't raise it, to reduce pixelation of small fonts.
-
In the recording, the questions list doesn't change like
it does in the live presentation:
- No highlighting of the current question
- All questions that were ever answered are already in the "Answered" tab
- Displayed count of questions is always the number that were eventually answered, not the number that remained unanswered at that point in time
- If you rewind or fast-forward through the video and then stop to watch, there's no way to know which question is currently being answered.
Think ahead and be prepared.
In a regular in-person talk, lots of problems occur, but everyone adjusts as necessary. Hosts and speakers can usually spot a problem right away and find a way to deal with it. If not, an attendee will often speak up.
All attendees are fully committed to the meeting. They're there in person (though perhaps distracted by their phones). Not usually coming and going. Not dealing with distractions that no one else knows about.
All attendees have the same environment. Same lighting. Same projector. Can all hear the speaker and each other equally well. Except those in the back, who can move forward or ask the speaker to adjust volume, font size, etc.
None of this is true in a remote distributed talk. Therefore, hosts and speakers have to plan ahead more. Specifically:
-
Pay attention to screen layout
Problem 1: Overlay
Don't let your video feed overlay and obscure your screenshare.
Problem 2: Giant talking head
Make the screenshare big enough to be readable. Attendees may not need to see your face if they can hear you. May want the screencast bigger. Especially on a small phone or tablet.
-
Set the lowest acceptable video resolution
Problem 3: Video resolution too high
Don't really need HD to see your face and slides. Especially if it causes choppy/erratic reception for some attendees. Or increases their phone data costs.
Problem 4: Video resolution too low
Want higher resolution for screencasts to avoid illegible pixelated text. But only if you use a tiny font. Or if you allocate too little attendee screen space to the screencast of your entire screen.
-
Consider tablets and phones
Problem 5: Tablets and phones
You don't know what devices your attendees will use. May be small 11-inch laptops or tablets. 8-inch mini-tablets. Or even 4-inch phones. Your face and slides will probably look fine. But make sure any detailed screencast is big enough to be useful on small screens. Or warn people in advance to use a larger screen.
-
Consider poor lighting conditions
Problem 6: Bright light
You don't know where your attendees will be. Indoors, outdoors, in full sun, etc. They may be stuck where they are, unable to move into a dark room, but still want to attend your talk. Make sure your screencast is big and bright enough to be useful in such poor lighting conditions.
-
Use a large font
Problem 7: Font size
Make sure your font is big enough for everyone to read, especially on a small screen, or in poor lighting.
-
Pay attention to screen contrast
Problem 8: Contrast
At one talk, the speaker was showing a dark background, with slightly darker font. He could read it fine, but most of us could not, due to various combinations of problems 2 (screenshare too small), 4 (resolution too low), 5 (small device screen), 6 (lighting), and 7 (font size).
Also, remember that as many as 10% of your attendees (especially male) may be red-green color blind. And above age 40-50, many may be developing cataracts or other vision problems. More contrast is better!
Thanks to Geoff Rhine for this link to specific color recommendations for good contrast: -
Make your mouse pointer big
Problem 9: Invisible mouse
If you're going to be pointing at things on the screen often, increase the size of your mouse pointer. Or at least use the Mac setting that makes it temporarily huge when you wave it around. You can't point at the screen with your finger, or with a laser pointer. Want the mouse to be visible to everyone.
-
Beware setting your own screen to show your screencast
Problem 10: Recursive screenshare
Can cause attendees to see a "recursive" effect of screen within screen within screen, etc. One speaker I saw recently did this often during the Q&A session after his talk.
-
During Q&A, the host should read each question aloud
Problem 11: Wait, what question is he answering? (Part 1)
Some attendees may have gotten distracted. Or gotten pulled away from the meeting briefly. Or may have arrived late. May not know to pop up the "Ask a Question" window to see the highlighted question.
-
If the host reads the question aloud, make sure his audio
is broadcast
Problem 12: Wait, what question is he answering? (Part 2)
In a talk I recently attended, we all watched as the speaker listened to the host asking the question in his earbuds. But we couldn't hear it. We just heard the speaker say "That's a great question. The answer is no ...". Interestingly, in the recording later, I COULD hear the host asking the question. Just not during the live talk.
-
Ask your attendees if they can see and hear everything OK
Problem 13: No feedback
Without body language and other feedback, you don't know if people are fascinated, engaged, bored, confused, frustrated, or have left the room entirely. At recent talks I've attended, the speakers didn't realize we were having problems 1-12 above until someone spoke up in the text chat. And sometimes not at all until after the talk was over.
-
Have 2 hosts
Problem 14: Host loses connection
At a recent talk, the host lost is connection suddenly. Fortunately they had 2 hosts, so the other jumped in until the 1st one was able to re-connect. Good planning!
-
Have 2 speakers, or other Plan B
Problem 15: Speaker loses connection
Be prepard for the speaker to lose connection suddenly. Due to WiFi or other local network problem, local power outage, ISP problem, etc. What do you do then? Have an alternate speaker jump in to continue the talk? Or to give a different talk instead? Reschedule the meeting for another time? Cut over to a pre-recorded talk on a related topic?
--Fred
File Sharing Services
-
Dropbox
Original Version: 11/12/2012
Last Updated: 11/12/2012Dropbox is a great site for:
- Sharing files with other people
- Synchronizing files among multiple computers
- Synchronizing files across computers, phones, tablets, etc.
-
Backing up your files
Do a quick install onto one or more of your computers, phones, tablets, etc., specifying which folders to share and you're done.
Every time you update a file on any of the devices, it gets backed up to the Dropbox site and updated on all of the other devices within a couple seconds. You can edit the file locally on the device, drag/drop it as usual, right click to see other operations, etc. On each device, it's just a regular local file, but the Dropbox software notices the change and updates the other devices.
I use it to synchronize files among my devices. This also keeps a copy at the Dropbox site as a backup in case I have a disk crash on my computer or something. It also keeps older copies of each file for me, so I can recover from an accidental change to a file.
I also use it for sharing with other people, by creating subfolders of my DropBox folder and clicking to share them with specific other users. For example, when sharing files with my colleague Hans, I create a FredAndHans folder, and give us both the right to read/write files there. Then I create ToHans and ToFred subfolders, with the understanding that Hans should delete from ToHans when he finds and copies a file from there, and I should delete from ToFred when I find a file there. We each have an Inbox, effectively. Separately, I create a FredAndXXX folder for each other person I want to share with.
You can also share with more than 2 people at once, and can share readonly, and can make files available to people who are not Dropbox users. You can create a link to a Dropbox file, making it public for anyone to read, and e-mail the link or Tweet it, or post it to your FaceBook page, etc.. Anyone can click the link to see the file. If you update the file on any of your devices, they'll see the latest version.
Dropbox also does notifications. For example, whenever Hans adds/updates a file in the ToFred subfolder or removes a file from the ToHans subfolder, I get a popup message on my devices.
If you haven't already signed up, please do so via this link. That will give me credit for referring you, which means that you and I each get more free space at Dropbox:
https://www.dropbox.com/referrals/NTU1NzQ1MjQxOQ?src=global9
For more info, see the tips below.
--Fred
-
Dropbox Camera Upload
Original Version: 10/18/2012
Last Updated: 2/14/2020You may already be using Dropbox (if not, check it out: http://dropbox.com). However, did you know that it can be configured to automatically upload pictures from your Android or iOS phone or camera, as soon as you take them? This of course immediately downloads them onto your Mac, PC, or other computer and any other devices you have synchronized via DropBox. Nice!
For details, see:https://www.askwoody.com/newsletter/dropbox-makes-the-easiest-way-to-send-photos
--Fred
Adobe Acrobat Reader
-
Single Page Continuous
Original Version: 1/26/2013
Last Updated: 1/26/2013Tired of Adobe Acrobat Reader jumping to the next page every time you try to scroll down a bit?
To scroll normally via the mouse or arrow keys, you have to change from "Single Page" mode to "Single Page Continuous":
View | Page Display | Single Page Continuous
To avoid having to do this for each document you open, you may want to change the default setting:
Preferences | Page Display | Page Layout | Single Page Continuous
But if the author of the PDF file specifies a different setting, Adobe Acrobat Reader ignores your preference. To override the author's setting:
Preferences | Accessibility | Override Page Display | Always use Page Layout Style = Single Page Continuous
Thanks to "dgitlpnetrtionbyadobe" for posting the override tip at http://forums.adobe.com/thread/514696!
--Fred
Unicode domain names (gTLDs)
Original Version: 10/26/2013
Last Updated: 10/26/2013
Applies to: Internet, World Wide Web
A warning to programmers, and to a lesser extent, all software users -- the new Unicode domain names will break your software.
As you may know, new Internet domain name extensions are rolling out this week. I hadn't been paying too much attention, but I just realized that it will likely break a lot of software. It's a mini-Y2K problem. Why? Unicode vs ASCII.
Details:
I knew that the domain name extensions (or "gTLDs" - Generic Top Level Domains) would no longer be limited to the original seven:
- .com
- .edu
- .gov
- .int
- .mil
- .net
- .org
or even to the new ones added in the past decade or so:
- .biz
- .info
- .name
- .pro
- .aero
- .coop
- .museum
- .asia
- .cat
- .jobs
- .mobi
- .tel
- .travel
- etc...
So, I knew that any software that assumed the gTLD was 3 chars or less would break, but I figured most programmers would be smart enough to not build such an assumption into their software.
However, I saw an article today that says 4 gTLDs are rolling out that are Arabic, Cyryllic, and Chinese words. So they consist of Arabic, Cyryllic, and Chinese (Unicode) characters.
Oops! We can no longer assume that e-mail addresses and Internet domain names consist entirely of ASCII chars -- we have to support Unicode in all of them now.
Start reviewing your software for places where this will cause problems. And start thinking about software packages, services, and servers you use that may break as a result.
BTW, business owners should also start thinking about whether to register their own custom gTLDs before someone else grabs them.
For more info, here are some links to info about the new gTLDs:
- http://www.1and1.com/new-top-level-domains
- http://www.godaddy.com/tlds/gtld.aspx
- http://www.pcpro.co.uk/features/384958/gtlds-what-your-business-should-know-about-new-domain-names
And here's the press release that got me thinking about it:
--Fred
Hour of Code -- Fun Intro to Computer Programming
Original Version: 12/21/2013
Applies to: Internet, World Wide Web
Programmers, programmer wannabees, parents, etc.,
You may have heard about the "Hour of Code" campaign in the past couple weeks.
There's been a major push to make it easier for us and our kids (and our parents, and grandparents, etc.) to learn computer programming. The idea is to have everyone try it for an hour and have fun learning what it's all about.
Lots of Web sites, tools and languages are springing up to make it really easy and fun to learn to write computer programs. I've added a new "Easy Computer Programming" row to my links page:
Check it out! Try out some of the links. Tell me about others you've found, and I'll add them to my list. Tell your friends, and your kids, and your parents, aunts, uncles, nieces, nephews, grand parents, etc. No one is too old or too young, or too non-techie, to learn a little computer programming. It can be really fun and easy.
Invest an hour over the holidays! You won't regret it. Or at least watch the 2-minute video that is the first link in the "Easy Computer Programming" row of my links page.
Even if you have no real interest in computer programming, it's useful to see what the possibilities are, so you know what you can and cannot reasonably expect computers to do for you.
Or, if you are already a skilled programmer, this may be a way to learn a new language or technology. Or a chance to mentor someone by doing some of the tutorials with them.
Thanks to Stephen Lafredo for telling me about the "Hour of Code" campaign!
--Fred
Internet Shortcuts
Original Version: 11/9/2014
Last Updated (entire tip): 11/24/2014
Last Updated (WhatsForDinner): 1/16/2019
Applies to: Internet, World Wide Web
If you go to the same Web site often, you may like to create a shortcut to get there.
You probably already know how to create a "bookmark" or "favorite" in
your browser. And you probably already know that on Mac, Linux and
Windows, you can create a "shortcut" icon on your desktop to
take you directly to a site.
Since I spend most of my time at the command line (Mac, Unix, Linux, or
Windows), I've created many command line shortcuts. Such shortcuts
are more powerful than mere bookmarks, favorites, or desktop shortcuts
because they can take parameters to help you drill deep into a web
site to the exact page you want.
Each shortcut on Unix (including
Mac OS X and Linux) is an "alias" (see Aliases)
or a "shell script" (see Writing
a shell script) and typically uses the "open" (Mac) or "xdg-open"
(Linux) command to open a URL. Each
shortcut on Windows is a "batch
file" (see
Batch File Tips) and typically
uses the "start" command to open a URL. Most of the names
are very short and easy to type (g, o, ff, ...) but with command line
completion, even the long names are convenient. The scripts
and batch files can be used directly at the command line or called from
other scripts and batch files.
Here are some Mac examples:
- General:
- Search/Social:
- Music/Entertainment
- Financial/Business:
- Weather/Transit
- Computer
- Job/Technology Trends
-
Computer Programming
- Network Solutions
- Amazon AWS web console
- Amazon AWS status page
- GitHub
- Git Pro book
- Git community book
- Git docs
- HTML docs
- CSS docs
- CSS selectors
- JavaScript docs
- jQuery docs
- CoffeeScript docs
- Python docs
- Python testing docs
- Python testing assertions
- Python/Django docs
- Python/Django book
- Python/Django testing docs
- Python/Django testing assertions
- Android docs
- Java docs
- Groovy docs
- Groovy Java docs
- Groovy/Grails docs
- MongoDB docs
- MongoDB Java API docs
- MongoDB manual
- Puppet docs
- Salesforce docs
- Salesforce ERD
- Sauce Labs
- Authorize.net
- Authorize.net Credit Card API docs
- Authorize.net eCheck API docs
- Authorize.net response analyzer
- py-authorize docs
- py-authorize bugs
- Fred
-
HelpHOPELive (Fred's client)
- Bitbucket commits in specified browser
- Check every specified number of secs to see if the web site is up
- Search wiki for specified words, in specified browser
- Open Glossary page at the wiki, in specified browser
- Download a local copy of the wiki
- Search local copy of the wiki for specified words, in specified browser
- Open specified ticket number, or search for specified words in a ticket, or show all tickets, or create a new ticket at Jira repo, in specified browser
- Open the Fred Release Notes filter at JIRA repo, in specified browser
- Open the specified Axure UI/UX mockup
-
WhatsForDinner (Fred's client)
- Bitbucket in specified browser
- Bitbucket commits for mobile app in specified browser
- Bitbucket commits for REST API in specified browser
- Search wiki for specified words, in specified browser
- Open specified ticket number, or search for specified words in a ticket, or show all tickets, or create a new ticket at Jira repo, in specified browser
- Trello in specified browser
- Uberconf for specified channel in specified browser
Try them out! Download the scripts to your Mac, Unix or Linux computer,
or write the equivalent Windows batch file.
These are some of the web sites I use most often, which is why I bothered
to create scripts for them. For thousands of other useful links,
see my links page: http://bristle.com/~fred.
Any others you would recommend?
--Fred
Slideshow Presentation Software
Original Version: 10/23/2009
Last Updated: 12/4/2014
Applies to: Internet, World Wide Web
Want to give a presentation with simple HTML pages as your slides?
In 2009, I was asked to give a guest lecture on Cloud Computing at Penn State. I was faced with the horrible prospect of having to use Microsoft PowerPoint -- the world's worst presentation software. I wanted just a few simple features:
- Scale the font if the people in the back of the room ask me to
- Scroll down if the scaled slide becomes too long to fit on a single screen
Since PowerPoint can't do either of these (and is expensive, and runs only on Windows, and is hard to use, and limited and clunky, etc.), I decided to write my own, with each slide as an HMTL page and a little JavaScript and CSS to tie them together. It turned out to be really easy to implement the above features, as well as:
- Runs in any browser, on any computer, tablet, or phone
- Each slide is a URL to a local or remote HTML page, so you can mix demos, live Web sites, etc., into the slide deck seamlessly
-
Manual advance:
- Next/Previous slide with Right/Left arrow key
- Next slide with mouse click or Enter key
- Enable/disable mouse click with "m" key
- First/last slide via Home/End key (fn-Left/Right on Mac)
-
Auto-advance:
- Auto-advance on a timer
- Enable/disable auto-advance with "a" key
- Disable auto-advance if user does a manual advance (mouse or arrow keys)
- Auto-advance faster/slower with Plus (or Equals) / Minus keys
- Shared background image, scaled to fit any window
- Shared header/footer on all/some slides
- Current/Max page counter shown in footer
- etc.
and of course, all the basic slideshow stuff:
- Bullet/number lists nested to any depth
- Tables
- Graphics
- Sound effects
- etc.
I wrote it over the weekend, just in time to give my talk. As a mental exercise, I did it all with old-fashioned HTML <div> and <frame> elements, manipulating the src attribute, and using onload events and timers. These days it would be even easier to write, doing the Ajax via XmlHttpRequest or jQuery, and using callbacks, promises, etc.
I open-sourced the whole thing and put it at my Web site along with the CloudComputing talk. See:
-
My Cloud Computing talk:
http://bristle.com/Talks/CloudComputing/current/
-
The Presentation.js file from my reusable Open Source JavaScript library:
http://bristle.com/opensource/jslib/com.bristle.jslib.Presentation.js
-
A sample empty presentation using Presentation.js:
http://bristle.com/opensource/jslib/com.bristle.jslib.Presentation.Example.htm
-
Other parts of my Open Source JavaScript library:
http://bristle.com/opensource/jslib/
-
My other Open Source libraries:
http://bristle.com/opensource/
-
Javadocs for my Open Source Java library:
http://bristle.com/opensource/javalib/docs/api/public/
In the years since 2009, lots of other people have created similar HTML/JS/CSS presentation tools. Many of them are much fancier than mine, but they are all the same basic idea -- JS and CSS driving HTML pages as slides. So you can create your slides in any one of them without getting locked into it. If you prefer another, simply cut/paste the HTML into it. See links to a dozen or so in the "Slideshow Presentation Software" row of my links page:
--Fred
Wearables
-
Jamming Cell Phones
Original Version: 5/30/2016
Last Updated: 5/30/2016Jamming cell phones is illegal, but here's an interesting article on how and why various people did it anyhow. Also the author's comments on better ways those people could have solved their real problems.
- http://www.itworld.com/article/3076098/mobile-wireless/what-are-phone-jammers-trying-to-tell-us.html
Interesting ideas:
- Jammer in car to make drivers around him hang up and drive more safely
- Jammer carried on commuter train to make passengers around him hang up, for peace and quiet
- Performer required audience to put cell phones in individual locked radio-proof Yondr bags
- Smart Earbuds (see next tip)
-
Prevent cheating on exams:
- Phone in underwear, microphone in shirt, earbud -- whispered to buddy
- Glasses w/camera -- sent picture of questions to buddy, answers texted back
- Should just do open-book ("open smartphone") exams since the people taking the tests will realistically always have the Web available to them in the future anyhow. It's not so important to know stuff, as to know where to find it.
--Fred
-
Smart Earbuds
Original Version: 5/30/2016
Last Updated: 7/4/2016Here's a cool idea. Smart wireless earbuds that connect you to the Internet, cancel out unwanted noise around you, and give you super-hearing.
Interesting ideas:
- Stream music from local storage, phone, or direct from Internet
-
Cancel noise:
- Sound of crying baby
- Traffic noise
- Crowd noise at concert
- Loud annoying music in public places
- Hear only within 10 feet
- Cancel all noise to concentrate on a task
-
Focus sound:
- Place paired wireless microphone near TV to hear it better
- Point directional mike at friend in noisy restaurant
- Hear speaker better in a noisy lecture
- Eavesdrop across the room
- Tivo-style instant replay -- No more "what did you say?"
- Record conversations, take notes
- Entire cell phone embedded in earbuds, not held in hand
- Hear phone calls in noisy places, cancelling background noise
- Digital Assistant like Google Home, Amazon Alexa, Apple Siri
- Fitness monitor: heart rate, oxygen, calories, pace, distance, etc.
- Natural Language Translation (English, Spanish, etc.)
-
Other "disappearables"
- Smart contact lenses
- Smart tattoos
- Implants
- Dental crowns
Some early products:
- Doppler Labs' "Here One"
- Bragi's The Dash
- The Pilot
--Fred
Phones
-
Use Airplane Mode to reset your phone
Original Version: 2/11/2020
Last Updated: 2/19/2020Here's a great tip I got from Marc Canonica at the Verizon store in Frazer PA:
Use Airplane Mode to reset your phone's communication subsystem.
I told Marc that I'd been having intermittent problems with my aging Android phone. Sometimes, it can't find a nearby cell tower, even though other Verizon phones can. Sometimes, it can't find a GPS signal when my car's GPS and other people's phones can.
Some of this may be related to the fact that I generally get really lousy cell reception at home, since I'm in somewhat of a dead zone. And because my aluminum siding may block the signal. And because my 1960's "rock lathe" walls have a wire mesh in them that blocks the signal. Yes, my entire house, and each room in it, is a "Faraday Cage"! WiFi from room to room is weak, so it pays to line up with doorways. And cell reception is better outside the house than inside.
After a while, my phone seems to give up, and show zero bars. And then when I drive away into areas with strong cell reception, it stays at zero. Until I power it off and back on. Bummer!
I've had the phone for 5 years, and I've had the SIM card replaced twice, which has always made a big difference for a few weeks or months. But the problem comes back after a while.
And now the GPS is getting flaky too. While driving and navigating, it often says "GPS signal lost" and stalls out for a while. Or runs really slow, telling me to make turns after I've already missed them. Useless! Again, powering off and back on fixes it.
Marc's first thought, quite reasonably, was "Buy a new phone!" But I said I didn't want to do that yet. Especially since my previous phone had the same problems. And because I'd been tempted to do that a few years ago, until a Samsung employee at Best Buy tried a bunch of things and then suggested I go to the Verizon store for a free new SIM card. That idea has kept this phone going for another couple years. Maybe he has a similar good idea for me?
So Marc helped me check the storage on the phone and we discovered that the 32GB was almost entirely full. Flushing the cache for the apps recovered almost 16GB, so the storage was now half empty. Brilliant idea! As a computer guy, I should have thought of that myself! But, shouldn't a temporary "cache" have been getting flushed as needed anyhow, to make room for other storage needs?
In any case, in the 3 days since then, that hasn't helped any. Bummer!
Marc also mentioned that both problems (zero bars, and GPS) were communications problems. So, he offered to show me how to reset the Communications Subsystem of the phone. Great idea! Let's try that! Even better, he said, if you just put the phone in Airplane Mode, it turns off the entire Communications Subsystem. And when you turn Airplane Mode back off, it restarts and reinitializes the Communications Subsystem.
Just like re-starting your phone, but faster and easier. And any ongoing navigation should resume immediately. Nice! I love it!
I've done that a couple times, as needed, in the past few days, and it's worked pretty well. So, yeah, I'll have to get a new phone soon. But not today!!!
Maybe you can extend the life of your aging Android or iPhone in the same way.
Thanks, Marc!
--Fred
Spam
-
Chain emails
Original Version: 4/1/1989
Last Updated: 5/16/2020Tired of "chain emails"?
- Emails from friends and family, asking you to forward some cute or funny saying, or your favorite recipe, or a prayer or something to at least 20 people and see how many you get in return
- Pyramid schemes to send small amounts of money and get rich
- Threats of bad luck or disapproval if you "break the chain" or miss the deadline
- Stories of some new threat like having all your organs harvested and waking up in a bathtub full of ice, telling you to warn all your friends before it happens to them
- Feel-good items like sending a greeting card to a dying child to help him break the Guiness World Record for most cards
What to do when you get one:
- Delete it
- Reply to the sender saying that you don't do chain emails, perhaps with a polite explanation of why not
- Forward them this link (the article you're reading now):
What to say if you silently delete it, but the sender asks later:
- Must have gone to spam
- I forwarded it to Google in case they didn't have it -- now everyone can see it
- I posted it to Facebook but people unfriended me, so I deleted it
- Go all Tom Mabe on them, with a truly elaborate scheme, like asking them to send you more and more info to include when you forward it:
- Other ideas? I'll add them here.
What to do now:
-
Quick!
Forward this email to everyone you know with the subject line
-
Fwd: Fwd: FWD: Fwd: Fwd: Re: Fwd: Really cool!!!!!
- Or not
Here's an interesting (but long) New Yorker article on the topic:
--Fred