A Lost Ball in High Weeds

A portmanteau to hold the random thoughts and musings gallivanting through this huge skull of mine.

Anatomy of Phishing Attack

Here we see a Gmail phishing attach that I received today. Luckily for me, Gmail intercepted this and it was in my Spam folder. I took it out of my Spam folder so you could have a little refresher about how to determine if an email is legitimate or not. Gmail isn’t perfect, so it’s entirely possible you wouldn’t see this attack land in your inbox, but you might see others.

Here are the notables:

A. Reply Address: looks legitimate. Just remember it is ridiculously easy to make any message look like it came from somebody else.

B. Gmail logo. Impressive. Just remember anybody can include any images in their email. Don’t be fooled by logos.

C. MALICIOUS LINK: When you hover over the link, it doesn’t go to gmail at all. Best practice: Never click links in an email. Enter the URL manually, or use a Favorite YOU created. I visited this link — Firefox wouldn’t let me go there because it had been reported as bogus site. Good browsers will do that, but it’s not 100% reliable.

D. More MALICIOUS LINKS: None of these links go to Gmail’s or Google’s social pages. What is our rule boys and girls? That’s right: don’t click links in emails.

E. Awkward grammar: Always a red flag.

F. Awkward spelling/captialization: Another red flag

G. Yet another error. In fact the whole paragraph is suspicious.

And there you have it. Phishing attempt thwarted.

Facebook's ticker privacy scare, and what you should do about it

Here’s the status you should be posting: “If you don’t want your actions broadcast to everyone via the ticker/News Feed please set your privacy to “Friends” and ask your friends to do the same. Pass it on.”

Don’t keep spreading that other status that keeps going around. It’s not much effective at doing at anything.

A Few Words about the new Facebook Ticker

Whether or not you like the new Facebook Ticker, this much-maligned feature does not make previously private activity public. The information shown in the Ticker is the same news previously lumped together w/other updates as ‘Recent News’ (remember a few days ago, when you could choose to see Recent Updates or Top News?)

The Ticker itself is not public. It shows the same information you were able to view if you only you had taken the time to visit each of your friends’ profile pages and walls. What FB has done with this latest update, is brought everyone’s wall to you in one place, now affectionately known as the Ticker, aka Update Bar from Hell.

There is a “chain mail” style post going around FB right now asking folks to change their subscription information to keep activity from being made public and showing up in the Ticker. There’s only one problem: Changing your subscription settings for a particular friend ONLY CHANGES WHAT YOU SEE IN YOUR TICKER! It doesn’t affect what other folks see about you, or, your friend.

Let’s look at a couple of issues more closely. First, you can examine the privacy of any post before you respond to it. Consider the image below from the author’s own Top News feed:

The top post has limited readership; it is not public. You could get more information about who can see that post by hovering over the symbol that is circled. Comments on this post would have the same privacy settings (i.e. they wouldn’t be public). The bottom post is public (notice the globe icon). Comments to this post (the one shown is from yours truly) may be public (I can’t verify it for sure), and may show up in the Ticker of folks who aren’t your friend or even a friend’s friend.

Now let’s look at Subscription settings. If you hover over any person’s name in Facebook, and click ‘Subscribed, you’ll be able to adjust the Subscription features for that person. Wow! So many options. First, choose How Many updates you want to see. Next, choose What types of updates you want to see. Now you can finally turn off all your friend’s annoying Farmville and other game updates! w00t!

IMPORTANT NOTE: This changes what you see in your Top News and your Ticker. It doesn’t affect what anyone else sees in their Ticker. Other folks would have to change their subscription settings about you to see changes in their Ticker.

Moral: Check the post’s privacy before you respond as that will determine the privacy of your comments. If you want to change what you see in your Ticker, and your Ticker only, change the Subscription options for your friends, but that won’t change what they (or anyone else) see’s in their own Ticker.

As always, your mileage may vary. Void where prohibited. Prices higher in Alaska and Hawaii. Cash value: 1/20 of 1 cent.

Zizzy Recommends: The Best Ways to Learn JavaScript

For all you budding web developers out there, here’s a great article on getting fluent in JavaScript. It’s the “language of the browser” so no matter what you use on the server, you almost always need JavaScript too. Enjoy!

tumblrbot said: WHERE WOULD YOU MOST LIKE TO VISIT ON YOUR PLANET?

New Zealand

Layperson’s guide to the new FB layout

Fall is in the air; and if the season’s changing, that means it’s time for annoying changes to Facebook’s layout. Sure they tell you a tiny bit about the new changes, but they never reveal the important things you need to know. But I will — here we go:

The main news feed now combines the previously separate “Recent News” and “Top Stories”. Top Stories will appear first, followed by everything else. Top Stories can easily be identified by a blue triangle in the upper left corner. On the right side of the page, where a lot of the annoying stuff used to appear, is “The Ticker”. This is probably where most of the stuff you’re used to seeing appears. Let’s look at each these parts individually. Of course there’s some secret algorithm to determine what’s a “Top Story”, but I think most of it depends on how you’ve classified and grouped your contacts, as well as your past interaction with them. As you classify (and declassify) items as Top Stories, FB should get better at making those determinations. I said “should”.

Top Stories: When you hover over the upper right corner of a Top Story, a menu will be available. Click the menu button to re-classify that story, and also choose additional settings for that person (such as seeing all of their updates vs. only ‘top’ updates).

The Ticker: Once you realize that everything that used to be in the old feed is now in the Ticker, breathe a sigh a relief, and get ready to do a lot of scrolling. There are some cool things in here too, once you realize how it works. First, the Ticker is scrollable (as indicated in the image at the left). Hover over an item in the Ticker and you can grab the scrolling tool and see all the glorious posts you’ve missed. Or if you have a mouse w/a scroll wheel, just hover anywhere over the Ticker and use your scroll wheel to scroll the list.

One of (the only?) cool features in the Ticker is how it reveals more information about the update. For example, if you hover over an update that says “Keith commented about clowns”, a pop-up will review the post (or photo or whatever) that Keith commented on, so you can give your two cents as well. No more navigating back and forth between pages and losing where you were in reading your updates.

One interesting ‘feature’ of the Ticker is that the scroller gets tinier as you scroll further and further down your feed. Also once you go past a certain point, a handy link will appear at the top of the Ticker that immediately takes you back to the top of the list. Both of these features are indicated in the graphic to the left.

There you go. This isn’t everything that’s been changed, but it should bring some relief that you won’t be missing any important news. I wonder if my link to this post will appear as a “Top Item” on everybody’s feed?

P.S. If you use Fluff Busting Purity, you’ll need to update it to work with the new layout.

P.P.S. Thanks to those whose fabulous status updates appear in the graphics. I pixellated the names to protect the innocent. (Innocent? bwa ha ha ha ha ha!)

UPDATE (9-21-2011 11:45am EDT): People have been asking if you can hide the Ticker. I don’t think so, but the best alternative I can find is if you maximize your browser window, and enable FB chat, the ticker will be integrated in the chat tool, instead of on your page. There is also button that will be available to hide the sidebar, but when clicked, the Ticker goes back to its original location (see the graphic at left). If you don’t like the Ticker, be patient, I’m sure the capable programmer of Fluff Busting Purity will provide a way to hide it very soon.

A Plague of Problems with MARC

The Maryland Transportation Administration promised big changes after 2010’s infamous ‘Hell Train’ incident, which kept stranded passengers aboard a hot train in 100° weather for hours.

A year later, we’ve had an earthquake, a hurricane, and severe flooding, and about the only thing that has changed is that the trains now have cases of water on-board. Yippee.

The near-Biblical events of the last few weeks not only verify that little has changed since MARC management’s barrage of promises last summer, but they also continue to highlight serious flaws in the way MARC handles delays and how it communicates with its customers.

  • Problems at Union Station: There is insufficient space at Union Station to hold waiting passengers when trains are delayed. This is evident when only one or two trains are delayed, but borders on dangerous when one or more lines experience delays. Lately, the P/A systems inside Gates B,C have either been turned off, or aren’t working, making it impossible to hear what few announcements are ever made. Problems are further compounded by the use of barriers to block entrances, which is a clear violation of the fire code and would hamper egress in the event of an emergency. This is unacceptable.
  • Problems with Notifications: While the earthquake brought communication and data networks to a virtual standstill, it still didn’t explain MARC notifications that trains were running on schedule, and conflicting notifications regarding specific delays and specific trains’ status. Yesterday’s flooding did not hamper networks, yet still MARC had problems communicating delays through various outlets, and also had one particular late train status sent repeatedly after the train arrived at its destination. The email notification system seems particularly vulnerable to crapping out when it is most needed. This is unacceptable.
  • Problems with MARC Staff: Yesterday’s flooding highlighted a myriad of problems with the MARC staff at Union Station. There was miscommunication with regard the status of various lines. Some passengers were told MARC Penn line service was ‘shut down’ while MARC sent notifications that trains were simply being held. Terminology makes a huge difference when playing MARC Roulette (i.e. which train/line does one choose to get home and avoid being stranded). It’s just sad when commuters have better, and more correct information than the MARC staff. A rather recent phenomenon has been MARC staff holding passengers at the gate while trains leave with empty seats. MARC customers also continue to experience poor and belligerent attitudes from the MARC staff. This is unacceptable.

MARC customers don’t expect problem-free commutes where delays and cancellations never occur. They do expect timely, correct train information, delivered by a helpful friendly staff and/or a reliable notification system. They’ve grown weary of empty promises and apologies that never address core problems.

Until such a time as MARC decides puts actions to its words, customers should enjoy their bottled water while they play Maryland’s favorite commuter game of chance.

Examiner.com: Android in Baltimore

I am the Baltimore Android Examiner