All posts by Kris

About Kris

Hardware hacker, technology integrator, and maker. He enjoys staring blankly at code, voiding the warranty, and touching things in the back. When not doing that he is building and racing a rally car.

Content (not surprisingly) is (still) King

Long time no post? Yeah… I was off building content on other sites instead of pushing content to my own. I spent some time with twitter and facebook. I did some advertising. I did some experiments, and I’m back to where I am the decider!

Monetization; Nothing is ever really free, and recently the squeeze of the all mighty dollar has been put on social media. Twitter was used to directly push eyeballs to NBC for the Olympics this year and Facebook has been slowly filtering out your feed. Now with fresh API’s and IPO’s respectively, social media is using every trick in the bag to get advertisers and it’s audience together.

Both sites control media, content, and make filtered decisions on your behalf. Remember when you saw EVERY post from your friends on facebook? They started to slowly show more of the people you interacted with. A year ago they implemented a subscribe feature that no one can figure out and opts everyone out of your feed. Soon you were asking your friends: “When did you post that?!” because FB decided that it wasn’t important. Facebook Pages are in even worse shape. Only 30% of the people that like your page will be shown any particular update from that page. “Will be shown” as in – 70% just won’t ever see it on their feed unless they directly go to your page, or you pay for that update to be promoted. Twitter has a similar model that suggests people follow you and pushes your tweets to their page.

One of my close friends liked Verizon on facebook. Or at least facebook told me that they did. Are you kidding me? Verizon has a pretty good network, but no one actually likes them. This made me suspicious and it turns out this is just another advertisement option trick.

Third party apps suffer: What I want is an app that will broadcast my words across multiple channels and outlets. I want an app that reads and parses everything from all outlets under my control. Post to facebook, twitter, wordpress, google+, etc. Show your entire timeline, all tweets, all posts. The reality is that those apps are being crushed or filtered so badly that no one will see the content when it gets there. Nothing is ranked higher then you typing an update directly into Hootsuite, Seesmic, Twitter, SMS, etc. will all be ranked lower (show up on less feeds) then your eyeballs on their site and their apps – looking at their ads. Google+ doesn’t even play the game. You just can’t post on G+ if you’re not on the page or using their app.

Why are we playing this game? It’s only going to get worse. We are social creatures, but at what (Buy Coke) point is the (Doritos) interaction going to be (Target) spoiled? Twitter just feels like a bunch of people yelling on mountaintops with no engagement happening. I have evidence to suggest that facebook just makes up demographic data. For example I ran an ad targeting anyone in the US that likes “rallying” OR “WRC”. It was over 250,000 people?! I can tell you that this demographic is more like 10k to 15k people on it’s best day – and that’s if I count the 25% of the population that is NOT on facebook!

Push them to the website: I’m retreating to safe waters. I pay for the server, I have a pro flickr account, my rally blog runs some ads to cover the $90 a year, and I get to post and promote whatever I want. I’ll still be on the social networks, but my goals have changed. I just want people to visit my sites and enjoy my work. If they’re interested they can sign up for updates via email or RSS. Google search loves unique content and is more likely to find viewers then a lousy facebook ad. I’m experimenting with and a microblog with microposts on Instead of content ending up there, content STARTS there, where it remains king.

WordSequence For KeePass 2 = XKCD Passwords

If you’re not familiar at all with the title, click here to check out the fabulous comic in question.

“Lolz” right? Well I completely agree with it – and I’m finding that my passwords are getting longer and longer and you really have no hope of remembering them. Take at look at this monster: !J$?e04uGh=eDP (89 Bits) You have no choice but to store this in a program like KeePass, never actually look at it, and hope that your password database stays backed up. 🙁

Password enforcement has gotten better, and worse at exactly the same rate. Here’s an example excerpt from Cal Poly’s password document. (This was discovered when my sister in-law tried 15 times to make a password that she could actually remember for her access):

Passwords must contain at least one character from three of the following lists:
1. Uppercase Alphabetic (A‐Z) 2. Numbers (0‐9) 3. Lower case Alphabetic (a‐z) 4. These Special Characters are allowed: ! $ % & , ( ) * + ‐ . / ; : < = > ? [ \ ] ^ _ { | } ~ These special characters are not permitted: # " @ and the space character

Passwords must not contain any of the following:
1. Your previous passwords used within the last two (2) years 2. Passwords less than 16 characters must not contain any of the following: a. Any words of three or more characters, including non‐English words b. Any groups of three or more characters of the same character type c. Any names, person, places, or things found in a common dictionary d. Any of your names (first, middle, last), any current Cal Poly username e. Repetitive characters (sequences)

The second part ensures that no password can be easily memorized. This string has to be written down. Once it’s written down, the whole reason for having passwords fails everyone, and after staring at the logic for 5 minutes I came up with something like this: 50Fu40Yo (42 Bits)

If you network admins are listening, you need to get over trying to corner users into crazy strings of letters and numbers. Dictionary words are easy to guess, but strings of dictionary words with random characters in there are just as good, if not infinitely better for users to actually remember. Lets look at this example: Wool+BladeFriction5 (105 Bits) A brute force attack is just going to go through every possible character in every possible position, and there’s 19 of them. Now for our ‘easy to remember’ Cal Poly password, the length is only 8 because I would never actually want to make it more then the minimum. Do you want a short useless password that gets written down? Or a long somewhat complex one that is memorized?

The challenge is to make a complex password that is easy to remember. The password should also satisfy usual requirements for length, capitalization, and numbers or uncommon characters. Here’s what I use:
KeePass 2 & WordSequence

Search the web and drop a couple thousand words (I used nouns and prepositions) into the window. I came up with some common substitutions (like @ for a, etc. – ‘b@ke m0re p1e’) and created complex easier to remember passwords like: Cheese4TigerDinner! (88 Bits) Most normal websites would accept this as a excellent password for the length and the special characters, and most humans could remember the phrase: Cheese for tiger dinner!

How to find and organize gmail lost archived items.

Since we started the 21st century, I use the week between Christmas and New Year’s Day to clean house digitally. A synchronization of clocks, time servers, updates, firmware, and yearly maintenance with all things containing zeros and ones. The deleting of old emails, spam, and the archival of a picture folder entitled “2011.”

This year I stumbled on an interesting thing that gmail doesn’t do. It won’t show you mail that doesn’t have a label. Any mail that you “archived” to get off your in-box, without any categorization, dropped into this pit mixed with thousands of other labeled emails. Looking for these orphaned emails would involve looking through hundreds of pages of “All Mail.” I archived them for a reason (to go through them one day) otherwise I would have deleted them. Little did I know that finding these orphans would prove to be a challenge.

“Why do I need to see those old archived emails? If I ever need anything I’ll search for it and find it. “ – you might say.
The answer is the same as why you need a photo album and still like pawing through SkyMall. We are nostalgic creatures and sometimes (at least once a year) like to reflect on the past. Plus, a full catalog of information can result in more discovery. I’ll give two examples: 1. After rescuing my archived items I found a webcam picture of my dad with a cast on his arm. I barely remembered he broke it and seeing this picture gave me the memories back. 2. Listing out every sub-domain for UCI one day resulted in – weird way to find out that the University had its own passport office 1/4 mile from your house and you didn’t need to trek all over Orange County for mini-pictures and wait in a Post Office queue. I never thought either of these things existed and certainly wouldn’t have searched for them.

Gmail ninjas know about the Gmail advanced search options, but even here it specifically states: “There isn’t a search operator for unlabeled messages” Further searches looking for a fix resulted in a cobbled-together list of all your labels with a minus sign in front to indicate “anything not labeled this or that or etc.” Example: -(label:Subscriptions OR label:Ebay OR label:Rally OR label:Receipts) For some of you that never adopted labels, or only use 3 of them, this is great and might just work! For the rest of us, I noticed that after typing 6 or so of them into the search box and tried lables that had “Two Words” or “funky-ch@ract3rs/” search started to break. I think that nested labels makes this worse, but I stopped the experiment as I currently use 20+ labels.

In order to find your (labeled items archived in-box stuff orphaned never) you’re going to have to make the LIAISON pledge:

I {insert name here} promise to never blindly press the gmail archive button. I promise to make sure that 1 or 2 labels have been attached by filter or by my own key-press AND furthermore I promise to guard the secrets and ways of the Gmail ninja, never using my powers for evil.

Alright ninjas…
Add the ZZZ label

  • Start by making a new label. Something that you can search for in the future like “ZZZ”.
  • You will repeat the next steps many times as you go through all your labeled email.
  • START: View all of the mail in one label and click on the check-box in the upper left to select all mail.
  • At the top of the mail items a message will appear:
  • All 100 conversations on this page are selected. Select all ### conversations in “{your label}”
  • Click the link and now all the mail in that label is selected (be careful here)
  • Choose to add the ZZZ label to you messages:

  • Google with respond with a message. Feel free to click OK.
  • Find the rest of your  labels and tag them with ZZZ. It took me 5 minutes and you’ll never have to do it again.
  • If you still have labeled email to tag with ZZZ goto START
  • See that wasn’t so bad. 😀 Unless you have like 500 labels. 😐
  • If you do have more than 100 labels, I suggest 43 Folders.
  • Done!

Now you can use this magical search string:

-label:zzz -from:me -is:chat -in:inbox

Go ahead and paste that into your email search box. This means: Show me everything that IS NOT labeled ZZZ, that IS NOT from me, IS NOT a chat, and IS NOT already in the inbox. Since you tagged all the email you know about with ZZZ, items orphaned with no labels were not tagged. Your long lost archived items will appear! I had about 150 items that I selected and placed back into the inbox for me to go through in the next couple days.

What’s next?

  • Delete the ZZZ label now that you have no further use for it.
  • Never blindly hit the archive button again. You promised! 🙂
  • Get Google to make a search parameter for “label = null”
  • Enjoy your discovered conversations from the last few years!

Have a happy and prosperous New Year!

mcafeesecure password security fail

I’ve been using KeePass at the office and have really started letting it manage the hundreds of passwords I need to keep track of as a systems admin. Out of all of the sites I use, this one surprised me. The default 20 character KeePass password has failed Really? Too long? For a website security company 16 characters is all you need apparently. Even their giant text box html can handle 40 characters! 🙁

Gap-less play in Winamp – really?!

File this under:Things I should have figured out in 1997.” Today I was listening to The Police – Zenyatta Mondatta very loudly. Between track 2 and 3 there was a dramatic gap that I could fit a truck into. Out of nowhere this made me think: It’s 2010 and I can’t listen to an album in mp3 without half second gaps? I know I tried to solve this problem once in Winamp and probably just gave up on it. Probably because it’s not THAT big of a deal, I missed the right buttons to get it working, or I should have stopped using Winamp 5 years ago. 😐

Well, I still use good’ole Winamp 5.0.5. Why? Because it plays MP3’s. It’s not a: download manager, media database, video player, encoder, weather bug, malware, virus, and it uses 1 process on my PC – not 5 and 3 applications plus 2 services that stay resident in memory should I decide to plug in my portable music player. /rant When it installs by default the gap-less play is not enabled. No time like 13 years later to fix something.

Fix this by going to Preferences (Ctrl + P) / Output / DirectSound / Configure
Set buffer ahead on track change to something more then ZERO. Five hundred worked for me.
Check ‘remove silence at the beginning – end of track’.