<body>

Tech Tips, Tricks & Trivia

by 'Anil' Radhakrishna
A seasoned developer's little discoveries and annotated bookmarks.

This Week I Learned - Week #107

Sunday, April 26, 2015
This Week I Learned -

On 22 April 2015, Microsoft announced an extension to the Online Services Bug Bounty program to include various Microsoft Azure properties. The Online Services Bug Bounty program gives individuals across the globe the opportunity to submit vulnerability reports on eligible Online Services (O365 and Microsoft Azure) provided by Microsoft. Qualified submissions are eligible for payment from a minimum of $500 USD up to $15,000 USD.

The website Plain Text Offenders publicly shames sites which store plain text passwords.

You've heard of the hamburger menu. This is how the Kebab menu looks -

Navinder Singh Sarao trading from his home caused the flash crash of 2010 after asking someone to help him build a spoofing robot

A pox party (also measles party, flu party etc.) is a social activity where children are deliberately exposed to an infectious disease, supposedly to promote immunity. Such parties are typically organized by anti-vaccinationists on the premise of building the immune systems of their children against diseases such as chickenpox and measles (which can be more dangerous to adults than to children) or flu. Such practices are highly controversial and are discouraged by public health officials in favor of vaccination. In the third episode of the seventeenth season of The Simpsons, "Milhouse of Sand and Fog", Maggie gets the chicken pox. Inspired by Flanders' suggestion of purposely exposing the boys to the chicken pox, Homer invites all the neighborhood kids over to the Simpson house for a "pox party" (at $15 a pop).

Four Arab civil wars under way - in Iraq, Syria, Libya and Yemen. The current conflict in Yemen involves a Sunni coalition led by Saudi Arabia and Iran, which backs the Houthis, who are Shias - The Economist

With 395 articles the Constitution of India is one of the longest and most detailed in the world

Sony has a 30% value share in LED televisions in India & about 10% in smartphones

India is Xiaomi's largest international market outside China. It is launching Mi4i first in India.

"Either a man is happy or married"


End-user problems with native mobile apps

Saturday, April 25, 2015
With the proliferation of smartphones, there has been a huge growth of native mobile apps as well. One of the biggest advantages of a native app is that it can leverage internal features of the native mobile device's OS ("a closed ecosystem") that are not available to a mobile web app.  But are all native mobile apps as helpful as they look?

Troy Hunt makes some great points on security & privacy issues with native mobile apps. Highlights:

* In the browser world, there are tools to opt out of invasive tracking by websites. But in the mobile world, there is no equivalent, certainly not within a platform like iOS where third party apps can’t be used to intercept your traffic. gender, birth date and mobile number. Mobile apps provide access to classes of data that are simply unobtainable in the browser and you can't block access to it like you can with anti-tracking tools in the browser.

* There are third party tracking services (like Gomeeki which calls itself euphemistically a “Multi-Screen Engagement Agency”) used by native mobile apps which transmit personally identifiable customer data (PII) over a plain, non-secure HTTP connection.

* The PayPal app tracks among other things the following key bits:
1. BSSID: This is the unique device ID of a router which is the same as the MAC address. Google got themselves into hot water for siphoning this up via their mapping vehicles a little while back because that one unique ID ties back to my precise device.
2. Device model and name: You could argue that comparable information is sent via your browser courtesy of the user agent, but that would only apply to the model and not the name of the device which is explicitly not passed in requests. This is private – it’s my device name.
3. Internal IP address: The internal address assigned to my iPhone via the router when it associated to the network. This can give a sense of how many devices are on the network.
4. Location: There’s my lat and long again and for all the same reasons I don’t really want to share it with Aussie Farmers, I also don’t really want to share it with PayPal.
5. SSID: We’re talking about the name of my internal network here. I name mine in a non-identifying fashion because frankly, I want to keep it somewhat private and that’s from those in my immediate vicinity, let alone those on the other side of the world.
6. Storage space: Ok, so it’s a 128GB iPhone, do they really need to know that? Back to the user agent comparison, this is not the sort of stuff that’s typically “leaked” by generic requests to the web because it’s an internal metric of no external consequence.

There are no agencies to certify whether an app follows good security & ethical practices. It would help if App Stores also examined this area as part of their approval.
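An added example (not from the original post or from Troy Hunt's article): a small audit over app requests captured with a proxy you control, flagging the data classes listed above and whether each one left the device over plain HTTP. The hosts, field names and values are constructed assumptions; MAC addresses and private IPs are recognised by value shape because key names differ from app to app.

```python
import ipaddress
import json
import re
from urllib.parse import parse_qsl, urlsplit

MAC_RE = re.compile(r"^(?:[0-9A-Fa-f]{2}[:-]){5}[0-9A-Fa-f]{2}$")
# Key names are assumptions; real apps name these fields differently.
KEY_LABELS = {"ssid": "SSID", "device_name": "device name", "gender": "gender",
              "latitude": "location", "msisdn": "mobile number"}

def classify(key, value):
    """Name the data class a key/value pair appears to carry, else None."""
    text = str(value)
    if MAC_RE.match(text):  # recognised by value shape, whatever the key
        return "MAC address (BSSID)"
    try:
        if ipaddress.ip_address(text).is_private:
            return "internal IP address"
    except ValueError:
        pass
    return KEY_LABELS.get(key.lower())

def flatten(obj, key=""):
    """Yield (leaf key, value) pairs from nested JSON objects."""
    if isinstance(obj, dict):
        for k, v in obj.items():
            yield from flatten(v, k)
    else:
        yield key, obj

def audit(capture):
    """Yield (host, data class, sent_in_cleartext) per sensitive field."""
    for request in capture:
        url = urlsplit(request["url"])
        pairs = parse_qsl(url.query)
        try:  # JSON body first, form-encoded as the fallback
            pairs += flatten(json.loads(request["body"]))
        except ValueError:
            pairs += parse_qsl(request["body"])
        for key, value in pairs:
            if (label := classify(key, value)):
                yield url.hostname, label, url.scheme == "http"

# Constructed sample capture (hosts and values are made up for this example).
CAPTURE = [
    {"url": "http://ads.example/c?v=1", "body": "gender=f&msisdn=0400000000"},
    {"url": "https://api.example/v1/session", "body": json.dumps({
        "device_name": "Sample iPhone", "latitude": -33.86, "ip": "192.168.1.23",
        "wifi": {"bssid": "00:11:22:33:44:55", "ssid": "homenet"}})},
]
```

Calling `list(audit(CAPTURE))` gives one tuple per sensitive field; the entries with `True` in the last position are the ones any network observer could read.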

This Week I Learned - Week #106

Sunday, April 19, 2015
This Week I Learned -

There are numerous learning videos on PowerShell on Microsoft Virtual Academy featuring the inventor of PowerShell, Jeffrey Snover

* In the US, 7 out of every 8 minutes on mobile devices is spent within apps

Google Handwriting Input allows you to handwrite text on your phone or tablet in 82 languages. By building on large-scale language modeling, robust multi-language OCR, and incorporating large-scale neural-networks and approximate nearest neighbor search for character classification, Google Handwriting Input supports languages that can be challenging to type on a virtual keyboard.

Jan Koum and Brian Acton's messaging app, WhatsApp, is 50% bigger than global SMS with 800 million monthly active users

* Trivia - It is strange that the menu options in Word Online show up randomly on the right or left

* Flipkart generates about 75% of its traffic from the mobile app, while that number is 90% for Myntra. Myntra plans to close its desktop site on 1 May. Payment failure rates are significantly higher on the mobile because of inconsistencies in mobile Internet speed, which also hurts the user experience on the mobile. Flipkart claims to have 26 million registered users - Live Mint

* Tata Consultancy Services (TCS) has employees from 122 countries with women accounting for 33% of the workforce. Its utilization rate is 81.5% (including trainees)

Cockroaches in your home have the potential to lead to two health issues: First, the little buggers can contaminate your environment by leaving droppings and bacteria scattered around your home, including antibiotic-resistant strains. These bacteria, like salmonella, can cause issues such as food poisoning. Yikes! Second, cockroaches can leave behind tiny parts of their body that can settle in the dust in your home. These “cockroach allergens” are known as a major contributor to allergies, asthma, and other breathing problems...it’s estimated that if you see one roach, as many as 800 more could be hiding away somewhere nearby - Go Ask Alice!

The accelerometer is a built-in electronic component that measures tilt and motion. It is also capable of detecting rotation and motion gestures such as swinging or shaking. The most common use for it is to activate auto screen rotation on mobile devices when the user changes their orientation from portrait to landscape or vice-versa. Another modern application for the accelerometer is to control the mobile device music player with gestures. Accelerometers are also utilized for enriching the gaming controls (navigating by tilting the device instead of by pressing keys). Another popular mobile phone feature based on an accelerometer is turn-to-mute. It allows the user to mute an incoming call, silence an alarm or pause the mobile music player simply by turning the device face down.

Form factor refers to the general look, or size and shape, of a mobile device. All mobile phones are similar at the physical style level. Most devices fall into one of the following categories: Bar, Clamshell, Flip down, Slide or Swivel. Mobile manufacturers come up with new designs, but the base they use is normally one of these form factors.

A budget calculator to track monthly expenses in the future

* In internet culture, an image macro is an image superimposed with text for humorous effect.


This Week I Learned - Week #105

Sunday, April 12, 2015
This Week I Learned -

SLA for a single instance VM on Basic / Standard tier of Azure Website is 99.95%

* Microsoft's Office Lens native mobile app trims, enhances and makes pictures of whiteboards and documents readable. Office Lens can convert images to editable Word and PowerPoint files too.

* Microsoft’s own IT department is taking measured steps in deploying its more than 1,300 line-of-business applications to the Cloud

* Google Store uses 32 digit order numbers.

* I read about PopChartLab twice in a single day from different sources. Their visualization work reminds me of GapMinder & Gramener

* Google Maps can help you find all petrol filling outlets in a city

* Private banks in India like ICICI & HDFC do a better job than public sector banks. The competition between the private banks is helping customers avail more features online. HDFC now makes it possible to file form 15G/H online to avail TDS waiver.

* Some banks in India offer their native mobile apps directly through their site instead of hosting them in the app stores of mobile platforms where there is some security vetting. I feel the encouragement of native apps by influential companies to lay users who cannot distinguish the official apps from phishing apps is a bad precedent. The Reserve Bank of India had to issue a public notice that a fraudulent bank account mobile app impersonating their branding was not actually built by RBI.

* Guruvayur temple in Kerala has 90 elephants

* The size of Africa = United States + China + Europe + India + Mexico + Japan

* The Hagia Sophia monument in Istanbul was constructed in the sixth century as a church. It was converted into a mosque and then into a museum.


This Week I Learned - Week #104

Sunday, April 05, 2015
This Week I Learned -

Azure Resource Explorer is a new web site where you can discover the Azure Resource Management APIs

* The majority of all functionality of the SQL Server is now available within Azure SQL Database v12. The list of unsupported functions and functionality are almost all directly related to stuff that is primarily about server and OS management, not things you worry about with PaaS (Platform as a Service).

The Heartbleed SSL vulnerability was a turning point for Linus's Law. Eric Raymond, in The Cathedral and the Bazaar, famously wrote "Given enough eyeballs, all bugs are shallow." The idea is that open source software, by virtue of allowing anyone and everyone to view the source code, is inherently less buggy than closed source software. He dubbed this "Linus's Law". Heartbleed, a catastrophic exploit based on a severe bug in open source software, affected about 18% of all the HTTPS websites in the world, and allowed attackers to view all traffic to these websites, unencrypted... for two years - Coding Horror

* Google made their bug-bounty contest Pwnium, their Chrome specific variant of Pwn2Own, no longer a yearly event but all day, every day and increased the prize money to "infinite".

Amazon product reviews can be funny too & have comic strips about them

* The so-called 'Paypal Mafia' consisting of distinguished alumni of Paypal (Elon Musk, Peter Thiel, Scott Banister, Max Levchin, Jeremy Stoppelman, Keith Rabois, Roelof Botha) backs start-ups like Uber, Airbnb, Palantir, SpaceX, Square, Pinterest, Stripe.

Digital Attack Map displays DDoS attacks happening around the globe in real time. Google Ideas worked in partnership with Google's Big Picture Team to design and develop the Digital Attack Map. Google Ideas is a think/do tank at Google that explores how technology can enable people to confront threats in the face of conflict, instability or repression. The "Big Picture" team, a part of Google research, creates interactive visualizations by blending algorithmic, data-driven approaches with fluid design to make complex data more accessible.

McDonald’s founder Ray Kroc sold paper cups and milkshake mixers till he was 52 & John Pemberton invented Coca Cola at 55

* It takes Jeffrey Archer about 40 to 45 days to write the first draft of a book which is about 300 hours and 14 drafts or 1000 hours to complete a book - The Hindu

* At 1.8 million words, the Mahabharatha is one of the largest epics – roughly 10 times the size of the Iliad and Odyssey combined.  Using text analytics and text visualisation, Gramener's Mahabharatha browser provides a simple interface to browse the full text of the Mahabharatha and find where the characters appear - Gramener blog

* "It is believed that only 3 Lok Sabha MPs opposed 66A, the remaining 540 did not". Section 66A of the Information Technology Act 2000 which curbs the freedom of speech of Indians has been struck down by the Supreme Court of India after a 24-year old law student Shreya Singhal filed a Public Interest Litigation (PIL) in 2012.