YouTube Center is good software. It’s an unofficial browser extension to make YouTube work better. Works in most browsers; for Chrome you download the Opera .crx file and drag it into the Tools/Extensions page.
What does it fix? #1 thing is it lets you disable DASH playback, the nonsense YouTube implemented a couple of years ago. In theory DASH makes videos play faster and more efficiently; in practice it’s the crap that makes it impossible to pre-buffer a video or seek backwards while playing. YouTube Center also does a good job at resizing the video window to use more of the screen, so that a 720p video actually has a 720 row high window to play in. I also use it to prevent auto-play and to select the video resolution I prefer.
The main drawback is that there are too many configuration options, many of which you don’t need. Classic hackerware; the author lets you configure everything, so it’s up to the user to tune the few things they really need to set.
I’ve used a few “fix YouTube” extensions in the past that were flaky or broke when YouTube changed something. This one seems to be working for me. I don’t understand why Google’s let their video product get so crummy that it’s necessary to hack it like this.
Here’s something ugly, the whois response for pirate book site readanybooks.net. Below is an extract of the interesting parts that both MacOS and Debian’s whois display.
$ whois readanybooks.net Domain Name: READANYBOOKS.NET Registrar: XIN NET TECHNOLOGY CORPORATION Whois Server: whois.paycenter.com.cn Name Server: RICK.NS.CLOUDFLARE.COM Billing Contact: Name : li xiaoing Email : email@example.com <script src= "http://img2.xinnet.com/d/js/acmsd/thea178.js"> </script>
Huh? What’s an HTML tag doing in this whois response? And under what circumstances might that script tag be executed? I can imagine a naïve Web interface just injecting that script wholesale into my browser. Every way I load the referenced script it seems benign (right now), but that’s an attack vector waiting to happen.
The Elgato Game Capture HD is good hardware. For $150 it captures HDMI video and audio from a game console and writes it to your computer’s hard drive. I bought it because Grand Theft Auto V was so astonishly beautiful I wanted to capture some of what I was seeing. There’s nothing particularly game-specific about the product, I think it’d work to record any unprotected video source.
The device is an HDMI passthrough. HDMI in, HDMI passed through (no delay), video also compressed and sent via USB to a computer with (few seconds delay). The native output format is an MP4 container with H.264 video and AAC stereo audio. The capture software is remarkably good; simple capture controls and live streaming to sites like Twitch. There’s even an easy little editor for extracting excerpts and uploading to YouTube or whatever.
There are a few drawbacks. The device doesn’t seem to support surround sound and only allows stereo input, so no surround sound is possible via HDMI. Also it has to be powered even to pass through video. Between those two hassles I don’t feel like I can leave my game console plugged into it all the time, so instead I’m swapping cables when I want to use it. Also it can’t quite do 1080p at 60fps, not a problem quite yet but soon to be one.
Still for $150 it’s a pretty capable video encoder. If you need a cheap way to capture HDMI, it’s worth a look.
Every time I travel I refresh my apps designed to be used when the iPhone is offline. These apps all cache data so I can use Wikipedia or a map without a WiFi or cellular connection. I started doing this because international roaming data was so expensive but the apps are now good enough that I think I will use them even when I’m home. Cached data = fast! Here’s the best of the lot, I believe all these apps are available both for iOS and Android.
ForeverMap 2: OpenStreetMap. Download a few hundred megabytes and have a map of a whole country in your pocket. Routing too! Map data quality varies based on OSM coverage (it’s great in US and most of Western Europe). The rendering and usability of the app is fantastic. They also have a turn based navigation program I haven’t tried. I’m amazed Apple hasn’t yet bought Skobbler to help fix their maps problem.
Wiki Offline: Wikipedia. Download 4GB of English Wikipedia once, read forever. The formatting is finally good enough that most articles come through unscathed. Only thing missing is the pictures. Being able to wikidive without waiting for network is terrific.
Triposo: travel guides. Triposo scrapes open data sources like Wikipedia, Wikitravel, OSM, and Flickr and then compiles it into a usable offline travel guide on your phone. It’s great for answering the question “what are the three things I should see in this town, and where should I have lunch?”.
Ascendo dictionaries. There's a zillion low quality free translation dictionaries out there, this one seemed to have a decent German database and work well offline.
Another reason to end passwords as a method of authentication is the poor usability of strong passwords on mobile devices.
Sorry if this is stating the obvious, but the lack of usability of strong passwords on my iPhone and iPad is a big part of why I don’t log into sites on mobile devices.
Google has reduced itself to outright spamming users to promote its products. Here’s a screenshot of an email I got today about Google’s failing payments product, Google Wallet. Note the footer, the email is marked “You have received this mandatory email service announcement to update you about important changes to your Google Wallet account”. What are those important changes?
In summary: four ads for Google products, one ad for random other companies that happen to use Google Wallet, and zero important changes. I guess I should block firstname.lastname@example.org?
It’s cliché now to point out how disappointing Google, Inc. has become. But this seems bad even for the trend. All that’s missing is the “+1 on Google+” button.
One of the great failures of the Internet era has been giving up on end-to-end encryption. PGP dates back to 1991, 22 years ago. It gave us the technical means to have truly secure email between two people. But it was very difficult to use. And in 22 years no one has ever meaningfully made email encryption really usable.
A big part of the problem is the architecture of Internet services. Most of us host our email on a third party server like Gmail or Lavabit or whatever. That makes true end-to-end encryption very difficult. Instead we have to trust our hosting service with access to our email, and as we find the government can compel them to rat you out (or simply break in).
We do have SSL/HTTPS, the only real end-to-end encryption most of us use daily. But the key distribution is hopelessly centralized, authority rooted in 40+ certificates. At least 4 of those certs have been compromised by blackhat hackers in the past few years. How many more have been subverted by government agencies? I believe the SSL Observatory is the only way we’d know.
The cypherpunks movement foresaw all of this surveillance risk. It outlined principles and technologies to protect individuals from both evil hackers and overreaching governments. It failed to actually implement it.
originally a Metafilter comment
Rapportive is a good web service. It’s a browser extension for Gmail that puts information about correspondents in a sidebar. Here’s an example screenshot. It shows Tim’s face, his location, his jobs, and details from social media like Twitter, Facebook, etc.
The UI is quite nice, the way it sits next to my email without calling attention to itself. I regularly find helpful context on random people in my mailbox. The data mining is pretty good, I suspect they’re leaning heavily on LinkedIn for location, titles, etc. Gmail is the current application but the profiles they’re building on people could have enormous value in a variety of contexts.
Apparently I’m late to the party; they got all their press in 2010 and were bought by LinkedIn last year. Not sure why I hadn’t heard of it before. It’s a bit uncomfortable how deeply it links into Gmail, but it’s useful enough I’m giving it a try.
Last weekend I gave a talk about TopoJSON at State of the map US, the OpenStreetMap conference. TopoJSON is an extension of GeoJSON that encodes topology, enabling interesting visualizations and making for smaller files. The video of my talk is online, you can also see my slides.
The talk is an overview of what TopoJSON is. I also compared the sizes of TopoJSON files to the same data in GeoJSON and found TopoJSON files are about 25–50% the size of the equivalent GeoJSON after gzip. That’s without simplification and GeoJSON rounding comparable to TopoJSON quantization. You get space savings even when there are no shared boundaries, although obviously you get more with shared arcs.
One of the most exciting talks at SotM US was Dane Springmeyer’s talk on what MapBox is doing with their PBF vector tiles. They’ve done a lot of work on making high quality vector data available for cartography. They found they only need to prepare tiles to z=14 (about a square mile); at that scale you can just make the tile encode all features to full precision. They are able to render all of the OSM data for MapBox Streets into just 30GB of tile data in about 100 CPU hours. That’s quite manageable; very exciting.
Dane and I took a quick look and I think their PBF tiles are about the same size as TopoJSON tiles, maybe 15% smaller. OSM data doesn’t have many shared boundaries, so the main thing TopoJSON is doing is delta encoding of arcs. MapBox tiles also use delta encoding. Their PBFs also encode properties more efficiently than JSON, but after gzip I think the difference is less significant.
I no longer really use passwords to log into websites. Instead I use an authentication agent that lives in my browser and proves my identity to websites. Sadly, the authentication protocols of the Web require sending my secret token rather than doing some safer public key protocol. And the details of figuring out how to transmit the token to each website are needlessly complex.
To put it another way, passwords are completely broken; even strong passwords like “qeadzcwrsfxv1331” are crackable. With LastPass in my browser I literally do not know what my password is on pretty much every one of the 479 websites I log in to. I already run a complex authentication protocol. The stupid thing is that it’s a very bad protocol, involving stuffing secrets into random form elements on the web page.
Mozilla Persona is a strong proposal for how to end passwords in a better way, at least for desktop computers. And Tim Bray has lots of good notes on the authentication and identity. I still think OpenID is sufficient, or maybe the newer OpenID Connect system. Hell, at this point I’ll accept log in with Facebook or Google+ Sign-In. But whatever it is needs to be universal. And it really should be vendor neutral.