Tag Archives: Internet

The Smartphone Manifesto

This week I made the decision to get a smartphone. I’m heading off for college at the end of the month, and I thought it would be nice to have a phone that I actually carried. You see, I previously had an iPod Touch and a flip phone, which was nice because the phone was cheap to own by modern-smartphone standards ($15/month) and the iPod did almost everything an iPhone does. The problem was that I used the phone so rarely I stopped carrying it around, which meant that it lost almost all of its value as a cell phone. Besides, I figured, it would probably be nice to be able to text sensibly in the modern world, and having a mobile data connection is pretty useful too. And my grandparents graciously volunteered to pay for the phone and the connection throughout my time in college (thanks!), so there seemed little excuse not to go ahead.

But I recognize that for someone like me, who wants to maintain control of my life and not be interrupted and distracted constantly, I’m playing with fire. It’s too easy to let a smartphone get out of control. At least with my previous setup, it was relatively impractical to be texting people constantly while also trying to work, or to start browsing the Web while hanging out with other people. That’s changed now; as much as people say the iPod Touch is an iPhone without the phone, it’s different to have an always-on connection, even if you nearly always have wifi anyway. So that’s why I’ve written up this little manifesto for myself. It doesn’t have to be right for you as well, but maybe you like some of the ideas in it.

What a Phone Should Not Be
First and foremost, and really covering all the other points as well, no technology should ever be in control of me, whether a phone, a computer, or even a pencil and a piece of paper. I should remain in charge of my life and the way I choose to use my time.

#1. A distraction
I find that there is almost nothing in the world, no matter what people would have me believe, that truly requires my attention immediately. It can wait for a few seconds, fifteen minutes, an hour, maybe even a couple of days. Just because my phone or computer decides to beep or buzz does not obligate me to respond to it. Nobody is going to be in danger if I don’t answer an email as soon as it comes in. I’ve turned off notifications on incoming email on both my computer and my mobile devices; I still check my email fairly frequently, but I do it when I deliberately decide I am going to go check my email, not because someone happened to send me an unimportant message at that moment.

My phone should be similar. I believe there is no shame in using the “do not disturb” switch and ignoring other people for a while. If it’s truly an emergency, people can always ring me again immediately (which bypasses the function on my iPhone) or call someone else near me. Even if I decided not to be disturbed and it completely prevented someone from getting in touch with me in an emergency, it probably wouldn’t be the end of the world. After all, the person calling me has a phone, so they can always call someone else, or 911 if it’s really that bad. And before we had cell phones, the entire world dealt with being unable to reach each other at any moment for hundreds of years. Sure, sometimes it’s nice to be able to contact someone right away and get an answer to my question or get their help, but I believe what we’re giving up—our ability to concentrate and work undisturbed—is far more valuable in the long run.

So if you call or text me, I might answer and I might not. If I don’t, I don’t hate you and I’m not ignoring you, and I will get back to you if you can have a moment’s patience. Text messages don’t self-destruct if they’re not read immediately, and there’s this handy thing called “voicemail” that lets people talk to me and tell me what they need even if I don’t answer, and I can call them back soon.

Unfortunately, this is a hard thing to do in the modern world; people get upset when they call or text someone and they don’t answer right away. Because I’m trying to take charge of my own time and my right to refuse incoming messages until a better time comes, I will try to give other people more leeway here too. And even if I am annoyed at other people for not responding to me, it remains their right to do so (assuming they’re not being paid to answer people on time).

#2. Indispensable
It’s fine for my technology to be useful and to give me abilities I wouldn’t have otherwise. I couldn’t talk to anyone I know at any time I desired or access the entire world’s collective knowledge without a phone or computer. I even have an app called Chromatic Glass that helps me see distinctions between colors I can’t see without it (I have fairly bad red-green colorblindness). I refuse, however, to let a phone be the only way I can possibly accomplish a task, and I want to be prepared so that I will never feel utterly lost without it. I once overheard a student behind me on the bus complaining to his friend that he had lost his phone, and so now he couldn’t buy more drugs because his only record of his dealer’s contact information was in the phone he’d lost. Obviously he had larger problems than dependence on his phone, but it is important for me to consider what would happen were I suddenly forced to work without my phone. I keep as much of my data as possible synced to different places so I can still access it elsewhere if necessary, and I try to have alternate ways of accomplishing roughly the same things that I can with my phone. I don’t want to feel like I would be lost without my phone (or even my computer, which I rely on far more). Even if nothing ever happens, I don’t believe it can be good for me to put all my trust in my devices.

I believe there is no shame in deciding I don’t need to be connected to the world for a while and leaving the house without my phone. Sometimes it’s good to remind myself that I’m not going to die or become helpless without my mobile device. (I don’t normally feel that way, either, but I have still panicked more than was warranted when I have temporarily lost my iPod, and this feeling tends to get subconsciously pressed into me by other people’s conceptions of mobile devices.)

#3. The default action
When I don’t know what to do, I don’t want to just pick up my phone and start playing with it. Technology has a way of becoming the first thing people think about, and sometimes therefore the only thing we think about. That makes it more indispensable and more in control of us, rather than the other way around. It limits our ability to think for ourselves and our ability to simply sit and be bored. Personally, when I bought my iPod Touch I tried downloading some games, and I found I really didn’t like it. The feeling of sitting down and having nothing else to do and therefore pulling out my iPod and zoning out was just something I found deeply disturbing. That doesn’t mean it’s wrong for everyone, but it means I don’t have any plans to do it again. A mobile device being my default choice when I have nothing to do, to me, means I would never have time to think. For people that choose to use mobile devices in this way, I think it is important to decide deliberately to do so when in a given situation rather than to do it automatically.

What a Phone Should Be
At first I thought I might write a list of attributes like in the preceding section here, but I hardly think it’s actually necessary. The difficult thing with a smartphone is not to envision possible uses or ways it could make your life better—there could hardly be anything easier (as evidenced by the hundreds of thousands of apps available for download at the touch of a button). You have a device with thousands of times the processing power of computers that only half a century ago took up an entire room, and it fits easily in your pocket. It has access to basically any information you could possibly want to look up. It can record the world around you and play it back on demand. It can listen to your voice and understand what you want it to do (well, sometimes). As Clarke’s Third Law says, “Any sufficiently advanced technology is indistinguishable from magic.” And it’s not hard to imagine what kind of mileage you could get out of magic.

No, the real challenge is figuring out what you shouldn’t do with it. And basically, I think that can be summed up by saying you should remain at a certain distance from it. Remember that your phone is supposed to be a helpful tool for you to use how you wish; that’s why you’re paying good money for it, after all. Smartphones weren’t designed to tell you what to do and interrupt you when you want to be working. But it’s easy to let it happen.

How to Prevent Compulsive Browsing

Guess what happened to me the other day? I had a big project to work on. Before I started, I figured, I would just check my email and my Facebook account “really quickly.” So I did. I still didn’t really want to start, so I checked my Google Reader feed. Then I read some things linked to that, and some things linked to that. Then I looked at the clock and noticed that I’d just wasted a whole hour.

Everybody has a different weakness; maybe yours is Reddit, or Memebase, or Google News. I have a huge problem with Wikipedia; I love learning about random stuff so much that I click any links that look interesting, and then I click some links in those articles, and eventually I notice that I’ve moved ridiculously far from my original topic.

Ironically, it was several levels of links out from my Google Reader feed that I learned of the program that has worked wonders for me. It was an article called “How to Quit Wasting Time on the Internet” that showed up in the related articles section of a website I’d reached after clicking a link on one of the pages I reached by clicking a link on Reader. Given that I was undeniably wasting time on the Internet at the time, I immediately clicked the link.

The article has a large number of suggestions, so if you’re interested in more options and tools, take a look at it. But what worked for me was a Chrome extension called StayFocusd. It has two modes:

  • A daily limit on browsing time for particular sites. You make a list of sites you often waste time on (I have Facebook, Google Reader, Lifehacker, The Onion, YouTube, Wikipedia, and for good measure even though I don’t often visit them, Reddit and StumbleUpon). You can also check a box that will count sites you access by clicking links on time-wasting sites as time-wasting sites as well (very important for sites that are primarily lists of links to others, such as Google News or Reader). Then you choose how long you want to give yourself to browse these sites per day (right now I have 20 minutes, but I’m still trying to find the best amount). After you’ve used up that time, you can’t visit those sites for the rest of the day, and you can’t increase the time either.
  • A complete block for a given amount of time. This is called the “nuclear option.” You choose the length of time you need to be distraction-free and whether you want to block just your blacklisted sites or the entire Internet, and after you click the button there’s no going back.

It’s quite possible to cheat if you want to; for instance, you can simply open a different browser in which the extension is not installed. But unless you have really serious self-control problems, you don’t really need to block things entirely, you just need to give yourself a reminder. As soon as the extension informs me that I’m not supposed to be visiting a website, I immediately realize what I’m doing and lose the desire to try. Having a timer also works wonders to remind me to scan lists of articles quickly rather than waste time reading unimportant ones.

I had no idea how much time I was wasting this way until I installed the extension. Since installing it, I find myself wondering what I should do much more frequently; though I wasn’t aware of it, apparently I had a tendency to just start browsing the Web and then get drawn into something that way.

If you’ve ever had a problem with compulsive browsing, this extension could give you time you didn’t even know you had.

Download StayFocusd for Chrome

(Note: There are similar extensions for Firefox; see the original article that I linked earlier for some of these.)

A Week Without the Internet

I’ve spent my last week mostly disconnected. It’s been a surprising week in a lot of ways, and a very good, relaxing, and productive one as well.

The Plan

  • For the first weekend, I did not touch any internet-enabled device.
  • Afterwards (weekdays), I used the Internet at school for an online class, to work during one meeting, and to research how to change the date format on an assignment I needed to print. I also glanced at my email twice to confirm nothing really urgent had come up (I read only two emails total further than the subject).
  • I also did not play any electronic games or use my iPod Touch for anything except looking up notes during that meeting and studying. I barely text at all, but if I did I would have refrained from that as well.

For most of the time I kept my Ethernet cable disconnected and in a drawer in another part of the house, which prevented me from connecting for something trivial. On my wireless devices, I used the “forget this network” option. (I still knew the password, but not having it immediately available was all the deterrent I needed.)

I spent most of the weekend and some of the following week picking up, deep-cleaning, and organizing my room. It’s better than it’s looked in years now (it remains to be seen whether I can keep it that way, but I’m going to try). I can’t say that I got a ton of other stuff done since I spent hours on that—I suppose I could try it again sometime and see how I fared.

I noticed that I got my homework (and other tasks I needed to do) done a lot more expediently. With fewer distractions and fewer of my customary things to do, I was much more likely to just sit down and do it.

Most noticeably, though, the way I reacted to my Internet connection being gone surprised me. If you use your computer a lot, you’re probably familiar with the feeling you get when you find your internet is down. (If you don’t use or like computers or the Internet too much, think of your electricity being out.) Do you sometimes go around expecting to do things, then realizing you can’t do them because the Internet / power is out? It’s easy to forget everything that the Internet does for us nowadays because we’re so used to it being there. I don’t feel that I’m completely dependent on or addicted to the Internet (and I should know, since I just spent a week without it!), but I’ve even been known to open a browser before I remembered that I didn’t have a connection.

Yet this week hasn’t been full of those “duh” moments. Indeed, I was surprised to find myself hardly missing my Internet connection at all. Sure, there were plenty of times when I realized I couldn’t do something (order an item from Amazon, look up the answer to a question, or research something I heard about and was interested in). When I had one of these moments, I added an item to my “List of Things to Do on the Internet,” to be handled when I got back. But I didn’t put things on the list after I tried to do them and couldn’t; I always knew I couldn’t do things before I tried them. I think it’s because my separation from the Internet was planned and intentional, rather than being a technical problem suddenly thrust upon me. Seeing the difference has been quite educational.

I also found that the need to be in touch with what’s going on is considerably less than I thought. (I’m speaking of the level of need perceived by people today and what society expects of us—the actual need is of course still lesser.) I looked at my email twice, as I mentioned earlier. I never found an email that actually required my attention until the last day (which I saw only after my break was done anyway). I left an autoresponse message giving people my phone number if they felt their message was time-sensitive; only two people took me up on it.

I’m happy to get back online (starting today). It’s nice to be able to look things up, read about what’s going on in the world, and communicate with others. But this week felt really good, too; it was a much-needed break from being in constant contact with our friends and the news of the world. Those abilities are certainly useful, but it’s also important to sometimes take a step back and remind ourselves that it isn’t the only thing that matters.

I’ll certainly look into doing this again, though I’m more inclined to go for a couple of days or a weekend rather than a full week. Nevertheless, the longer time span was definitely educational, and I’m glad I did it.

How to Set Up Your Own Break
I’d recommend that everyone give this a shot. A week is probably a little bit overkill at first, especially if your job depends on using the Internet (sure, you can make an exception for that, but if you’re connected during work every day, it’s not really the same). Many of these ideas are still useful for short periods of time, but they’re especially aimed at (and important for) longer breaks.

  • Decide on conditions. Having a plan for what you will and will not do makes it easier to keep going with it. List the dates you plan to be off and what exceptions you’ll make. Write it down and give it to someone else to create accountability.This may seem like a silly exercise—after all, the point of taking a break from using the Internet is not to test your willpower, it’s to give you a break. Unfortunately, we’re so used to having the Web right there that just saying “All right, now I won’t use the Internet” probably won’t work.
  • Visit networks and let people know what you’re doing. Post a status update, write an automatic vacation reply, whatever is normal for that network or method of communication to let people know you’ll be away for a bit. If you like, you can provide a phone number for urgent things. You don’t need to do this, but if you don’t, people will probably ask you what’s going on. Here’s my email autoresponse:
To the copyright holder/owner/writer of this email—
I am taking a break this week from my regular Internet connectivity. I will be back on February 9, 2013. If your email is time-sensitive and cannot wait until then, feel free to call me at [my phone number].
Thanks for your understanding.
Soren “scorchgeek” Bjornstad
  • Liberate digital data. If you have an electronic, online calendar, to-do list, or anything else that you expect to need during your break, get the relevant information on paper. There’s absolutely nothing wrong with using these normally, but if you have to keep connecting to access them, it’s much easier to justify doing other things “while you’re there.”
  • Make an “internet list.” If you write down things you want to do online, you won’t have to feel bad about not doing them—you can simply do them later (and by that point, perhaps some of them will have become irrelevant or uninteresting and you won’t have to do them anymore—always a nice feeling).

And most important of all, enjoy your break: get something done that you’ve been putting off, or get some much-needed rest.

Why Passwords Are Getting Easier to Crack

I’m going to do a security series over the next couple of weeks, inspired by last week’s post. This week I’m taking a look at an Ars Technica article I read today, called “Why passwords have never been weaker — and crackers have never been stronger.”

It’s a long article, but if you have a few minutes, I highly recommend it, especially if you’re interested in security. The most important thing to take out of it, though, is that password cracking is making extremely rapid advancements–the past couple of years have brought nearly as much new information to the field as all the rest of cracking history combined.

This is due primarily to an increase in password databases being stolen and cracked, which gives both security analysts and malicious hackers a prime opportunity to see what kinds of passwords people use in the real world. As a result of all the information, password dictionaries have gotten orders of magnitude more effective, making choosing a good password more important than ever.

And get this: what you thought was a “good password” almost certainly isn’t. Here are a few things that the bad guys are onto now (mostly sourced from the Ars article, with a bit of personal opinion and other general consensus in security fields included):

  • You know those websites that make you include a number and a capital letter (and maybe a symbol) in your password? Turns out those requirements really do essentially nothing, except perhaps annoying users and making them more likely to write down their passwords or otherwise store them insecurely. Nearly all capital letters are the first character of passwords; nearly all numbers and symbols are at the end of passwords. Most of the time, people just capitalize the first letter and stick a ‘1’ on the end. If they’re feeling more clever, they might change an ‘e’ to a ‘3’ or a ‘t’ to a ‘1’–all those substitutions are in the dictionaries too.
  • Shifting your hands sideways on the keyboard or going around keyboards in patterns are in any good dictionary now, too. The same goes for spelling words backwards or both directions. If you’re not sure whether your password trick is secure, here’s my personal rule of thumb: If you think you’re being clever, you probably aren’t.
  • A $12,000 computer called “Project Erebus” can crack the entire keyspace for an 8-character password in just 12 hours when run on a database that has been stored poorly (which is, unfortunately, most of the companies involved in data breaches lately). That means if your password is 8 characters or less, this computer will always get it in 12 hours or less, no matter what it is. 8 characters used to be a secure password (it still was when I wrote about passwords in 2009); now 8 characters is a terrible password (though still a good sight better than 7 or 6 characters, since password strength increases exponentially with each additional character). This computer is not particularly special; anyone with a few grand to spare and a bit of computer smarts can put together a few graphics cards into a solid password-cracking machine nowadays.
  • Average desktop computers equipped with good graphics cards can test about eight billion passwords every second against a file of encrypted hashes (those are what you usually get when you steal a password database from a company).
  • The average Web user has 25 accounts but only 6.5 passwords. In my opinion, reusing passwords is even worse than using bad passwords. And that’s despite the fact that just about everybody reuses their passwords at least occasionally. That’s because if somebody gets your password from one site, no matter if it’s “hu!-#723d^*&/”!q4,” they can get into your other accounts as well. If you have a bad password and it gets cracked, at least the damage is confined to that one site (unless it’s your email account, as described at the very end of last week’s post).
  • A large number of passwords consist of first names (or worse, usernames) followed by years. There are now dictionaries of names pulled from millions of Facebook accounts which can be used with programs that try appending likely numbers (such as possible years of birth) until a match is found. A good graphics card can crack your password in roughly two minutes if you use this type of password.
  • A number of attacks depend on the companies that store your data being stupid. For instance, there’s an easily implemented method called salt that makes cracking password databases far more difficult (and one method called rainbow tables completely impossible). It’s been around for years. And yet Yahoo, LinkedIn, and eHarmony, among other major companies, were caught dead without it when they lost password databases recently. The same goes for using better cryptographic hashes for encrypting password databases–using a good hash can make a database essentially uncrackable (2,000 tries per second as opposed to several  billion), but most services still choose to use a poor one. Unfortunately, there’s not really anything you can do about this, other than contact technical support and boycott them if they don’t follow best practices (and given how bad the standards are, you can expect to not be using very many websites). You can, however, mitigate the possible damage by using a different password for every site so that you will have lost less if your password is cracked.

Now is a good time to remind yourself that two-factor authentication would help prevent anybody from logging into your account even if they cracked your password, isn’t it? Next week I’ll be back with some practical tips for making and using better passwords.

Security Advisory: You Should Use Two-Factor Authentication

Passwords are rapidly becoming less and less protective of your online information. And at the same time, we’re putting more of our lives online and standing to lose more from someone breaking that security. And don’t think it can’t happen to you: you probably heard about Wired writer Mat Honan, who recently had his Amazon, Apple, Gmail, and Twitter accounts hacked and his iPhone, iPad, and MacBook all wiped with no backup—because the hacker thought his Twitter username was cool.

Two-factor authentication is an easy way to add a great deal of security to accounts that support it without really losing much. In Mat’s case, he would never have lost all his data had he had two-factor authentication enabled on his Gmail account, and he urges everyone to turn it on. Here’s why (and how do to it).

What exactly is two-factor authentication? In its most common usage, it means that logging in requires not only a password (in security speak, “something you know”), but also an item with some sort of cryptographic key or other code (“something you have”). This item can take the form of specialized hardware such as a smart card or a device that displays randomly changing numbers, a flash drive, or a decidedly low-tech sheet of paper with one-time-use numerical codes printed on it. It can also be a smartphone app or a server that distributes codes via text message or phone call, which is the simplest to implement for average users and the method I’m focusing on in this article.

Two-factor authentication works really well with very little sacrifice on the part of the user. If you’re using two-factor authentication, if somebody gets your password, you’re not screwed yet—they still have to get hold of your phone. In the case of Mat’s recent hack, the hacker never knew him personally, so he would have had no chance at his phone or list of backup codes—both physical objects—making the rest of the damage he did impossible. (Furthermore, depending on his settings, Mat might well have received a random text message with an authentication code—a dead giveaway that somebody had tried to access his email account.) And it’s not a major inconvenience to you. With many services, like Google, you don’t even have to do anything different on computers you use regularly; you just use them once and check a “remember” box. On other computers, you simply have to take fifteen seconds to pull out your phone and type a number into the computer. It’s a pretty small price to pay for making it nearly impossible for a random stranger to destroy your online life.

I was one of the first wave of people who signed up for two-factor authentication at Google when it was first released. I’ll freely admit I thought it was a gimmick and paranoia when I did, but I thought it couldn’t hurt. But with the latest batch of password database cracks and now this widely-publicized Mat Honan business, I think the world is changing. Passwords just aren’t enough anymore, even good ones—a good portion of breakins now don’t even involve cracking a password, they involve stealing passwords from somewhere, using weak password reset or security question vulnerabilities, or tricking customer service into letting you into someone else’s account. Those are all things which you can’t control, except with two-factor authentication.

Nowadays I think everyone should enable two-factor authentication right now. A few minutes now just might save you an awful lot of trouble later!

With Google accounts, you can have codes texted to you or delivered by voice call when you need to log in, or you can install a smartphone app called Google Authenticator which works even when you’re offline. In case you need to log in when you have a dead battery or no service, you can print out a list of single-use backup codes and keep it in your wallet (you could even memorize one in case you’re stuck without even your wallet). They’ve really covered just about everything at Google.

Here’s how to enable two-factor authentication on your Google account.

  1. Log into your Google account if you’re not already logged in.
  2. Visit http://accounts.google.com. If it’s been a while since you logged in, you may have to confirm your password.
  3. Click the Security link on the left.
  4. Next to “2-Step Verification,” click Edit.
  5. Click “Start setup” and give your phone number if it’s not already on file in your account. You’ll receive a text message (or call, if you’re using a landline or SMS delivery isn’t working) with a code to confirm your phone.
  6. Check the box if you want to “trust” the current computer, which means that you won’t need to enter codes on it. This way, you only have to bother with verification codes if you’re on a computer other than your own, safe computer.
  7. Click Confirm to activate two-factor authentication.

Here are a couple of things you may want to check (and things to keep in mind now):

  1. On the overview page, it is wise to provide a backup phone number and print (or write down) the list of backup codes. The codes are useful, as mentioned, if you’re without your phone or without use of it. It’s a good idea to make the backup phone a landline, as you can lose a cell phone for a while and be stuck locked out, but it’s pretty hard to lose a landline number.
  2. If you have a smartphone or iPod Touch, you can investigate the “mobile application” (Google Authenticator in your device’s app store) to make logging in even easier.
  3. If you use apps that access your email, you may need to set up “application-specific passwords,” as many apps can’t accept two-factor verification. Google simply generates a special sixteen-letter password for use with only that app; if someone gets into that account or steals that device, you can simply revoke the password from your accounts page (leaving everything else untouched and fully operational). You cannot log into the main Gmail web interface with an application-specific password.
  4. At the bottom of the page, you’ll notice that you can forget all other trusted computers, just in case you think someone managed to get a computer trusted with your verification code or you accidentally checked the “trust” box when logging in on a computer you don’t actually trust.
  5. Before you log out, it would be wise to open a new incognito window or a different browser and double-check that you can log in properly, just in case there’s somehow something wrong with your phone setup.
  6. If somebody ever gets your password or it’s somehow released onto the internet by some other database for which you used the same password being cracked, you should still change your password (it’s essentially only one-factor authentication until you do), but you’re safe for the moment.
  7. If you lose your phone, simply log into accounts.google.com and deauthorize your phone (you can use a backup code or your backup phone if you’re locked out because your phone is missing). If you get it back or you get a new one, you can just add it back in.

You can also use two-factor authentication on Facebook, LastPass, and a growing number of other popular applications—it wouldn’t hurt to investigate, especially on accounts you care about keeping secure. (UPDATE: Yahoo Mail and Dropbox have recently added two-factor authentication options as well.) It’s especially important, however, to have good security on your email account. Why? Think about what you do if you need to reset a password. On nearly all websites, you enter your email address and have a reset link sent to your email account—the one you used when you set it up. If someone gets into your email account, they essentially have a free pass to all your other online accounts.

If you have problems with or questions about two-factor authentication, I’d be happy to help you in the comments—I’m surprising myself with how strongly I’ve started to believe that this stuff is important.

How to Use BitTorrent

What Is BitTorrent?

To put it simply, it’s a way to download large files quickly. Instead of using a single server, like you do when you visit a website and click a conventional download link, BitTorrent allows you to download from many other people who have already downloaded the file simultaneously.

Why Would I Want to Use It?

If a file is popular enough (and there are therefore enough other users who have downloaded it), you can usually download files at the maximum speed allowed by your internet connection, rather than the speed the server can manage at the moment. Additionally, using BitTorrent is a great help to the owner of the server, especially with small projects with a limited budget, since the server is only required to upload the file when there are few or no other people offering it. Finally, if your download gets interrupted, you can resume right where you left off. There’s nothing more annoying than having your connection terminated with 95% of a 4GB download complete and having to start over.

Isn’t This Illegal?


You’ve probably seen the huge posters that often get put up in libraries and schools talking about the evil file-sharing programs. Most of those are funded by the RIAA, which is a group that likes to sue random people for illegally sharing copyrighted content and then keeps the money for itself instead of giving it to the people whose copyright was actually infringed. Regardless of that, I’m not denying that BitTorrent can be used to download material illegally, but the act of using BT (or any other file-sharing program) is not in itself illegal, and there are plenty of legal uses, such as downloading free software or music that the authors have made public domain or available under Creative Commons licenses.

There are a number of other uses which are in a legal gray area but most people would consider ethically sound. For instance, if you have lost the installation disc for a program that you legally purchased and you still have the license key, you might find a copy of the program and download it. While the company probably didn’t intend for the software to be available that way, you aren’t avoiding paying for it by doing so.

Using BitTorrent

There are a lot of clients that connect to the BitTorrent network, but two are especially popular, uTorrent and Transmission. For the most part, it doesn’t really matter what client you use.

Once you’ve installed a client, you need to find something to download. Unlike older file-sharing networks, BitTorrent doesn’t include a search feature itself; instead, you need to use other services to locate a torrent file, which you can then download and import into your client. (This is what the notorious The Pirate Bay service does.) A torrent file does not actually contain any of the data you’re intending to download; instead, it contains information about how to find parts of it.

The Internet Archive recently announced that they were making parts of their collection available over BitTorrent, so I’m going to use something from there as an example. The Archive’s torrent search page is here:I clicked into ‘books’ and the ‘spotlight item’ on the left as an example. This file is actually fairly small, so we’re unlikely to notice any speed difference on it, but it’s just an example. We can also see to the right (“Possible copyright status”) that this book is public domain, so there are no possible legal issues here.When you find something to download (wherever it may be), download the torrent file (in this case, click the ‘torrent’ link, then open the file. Your client should come up and open the torrent (I’m using Transmission in this example). In this particular case, there are a number of files available, so we can choose which ones we want.With an uncommon file, sometimes you’ll run into a problem where you wind up stuck because no other people (“peers”) have the parts of the file you still need, and the download can stall and go idle. In some cases, like with the Archive, there are official servers that will take over if the file is not available any other way; they just might take a little while to kick in.

When the download is complete, the status display will change to “Seeding.”This means that you’re now making the file available for others to download. Depending on how popular the file is, your internet connection may slow down as you upload parts of the file; to prevent this from becoming a problem, all decent clients have a speed limit feature built in. You can set that to whatever number you need to keep your browsing and other connections working fine.

It’s good etiquette to keep seeding a download until the ratio (on the right side of the file size data in this screenshot) has reached 1.0, meaning you’ve uploaded as much data as you’ve downloaded. Although it may seem annoying and unnecessary, remember that you probably downloaded the majority of your file from other people who were seeding it (a small percentage comes from other people who are simultaneously downloading the file in a different order than you). If nobody kept seeding files, you’d never be able to download anything. Additionally, some servers will begin to throttle your download speed if you maintain a low ratio over a period of time, since you’re being a drain on the network.

I don’t use BitTorrent that often, but it really is handy for downloading large files (one of my most common uses is disc images for software and operating systems, which are usually at least 600MB and often take an eternity to download from the official server). Even if you don’t use it much, it’s not a bad idea to have a client and know how to use it for the odd case when you find a file that’s only distributed via BitTorrent or the only non-torrent servers run at an extremely slow speed (I ran into a server once that was giving me a download speed of 3 KB/s over a broadband connection).

What Email Filters Are, and Why You Should Use Them

Ever gotten repeating emails from a website that you just can’t get rid of? If you use Gmail, would you like to be able to prevent emails from a certain address from ever being marked as important? Would you like to store work orders or other requests in a separate folder automatically? Email filters give you the ability to take control of what emails get presented in your inbox and how they’re displayed to you there.

I’m going to show you how to set up a filter in Gmail, since that’s what I use (and because it has one of the more powerful and useful filter systems out there), but virtually every email client provides a filter of some sort.

Filters are essentially just a search that’s automatically applied to your incoming mail, so they’re pretty easy to understand. Here’s how to set one up:

  1. Locate the filter settings in your Preferences or Settings. In Gmail, it’s under the Filters tab in your settings (in the new layout, you have to click the gear icon in the upper-right-hand corner to get to settings).
  2. Determine criteria that match the email you want to filter out. See below for suggestions on what you might want to filter. You can typically search the subject, sender, receiver (different depending on whether it was sent only to you or to a mailing list), or body text. You can also frequently check for whether a message has an attachment.
  3. Type the criteria and test the search on emails you already have. If your email client is any good, you’ll be able to see what messages you already have that match the filter. If it looks like it’s going to work, you can set the filter.

No ideas on what you might want to filter? Here are a few ideas:

  • The most obvious is when a website is sending you spam that you can’t get rid of. For instance, I somehow wound up on a software development list that I did not sign up to be on, and no matter how I changed my preferences, I couldn’t seem to get off of it. To correct the problem, I simply went into my email settings and filtered on the search subject:([supertux OR [meta) (this matches the prefix that comes before the subject in every message from the list) and set the action to “skip inbox” and “delete.” Now I never see the messages anymore.
  • If you use Gmail, you may not know that you can use a +anything after your email address. For instance, emails sent to both john.smith@gmail.com and john.smith+spam@gmail.com land in John Smith’s inbox. Since you can filter on what address an email was sent to, you can take advantage of this to help filter spam and track the source of it when signing up for less-than-kosher websites. You can also use it to specify that certain email is important. For instance, you could opt to have email sent to john.smith+bob-urgent@gmail.com automatically starred and flagged as important if Bob’s messages are always important.
  • If you’re on a mailing list or two, it might be nice to have email from the list kept in a separate folder if you don’t always want to look at it with the rest of your email. (If you use Gmail, you can also label it without removing it from the inbox if you just want to be able to look through the archives more easily later.)
  • If you’re wondering what filters I use, here’s a screenshot (click to enlarge and make it easier to read):

My email filters. See above for suggestions if you can't see this...

In Gmail, there’s another handy way to create a filter: build a search from the ordinary search box, then click the little arrow next to the search box and choose “create a filter from this search”:

Create Filter From This Search

YouTube Keyboard Shortcuts

You probably know that you can press Escape to exit full-screen mode (after all, YouTube does smash you over the head with an alert saying exactly that every time you make a video full-screen), but I bet you didn’t know you can control video playback with other letters.

You need to have focus on the Flash applet before you can use any of these shortcuts. (Just click on the video or any of the playback buttons to change the focus.)

  • f: Go full-screen. You can return to normal with Escape, as usual.
  • k: Pause or resume video playback.
  • j and l (or left/right arrow): Seek backwards/forwards 10 seconds.
  • Home and End: Seek to the beginning/end of the video. You can use Home to replay the video if you get to the end.
  • 0–9: Seek to 0–90% through the video.
  • Up and Down arrow keys: Change the volume.
  • m: (Un)mute audio.
Sources for this article:
I was inspired to write this article by accidentally typing ‘f’ in YouTube and noticing that it did something.

Email Etiquette (4): Odds and Ends

This is the fourth and final part of a multi-part series. Previous posts were “Replies and Formatting,” “Subjects and Attachments,” and “Using the Cc and Bcc Fields.” There is also a summary.

This week has no particular focus except to deal with a few more things I thought of: email signatures, chain emails, and length of emails.


Email signatures are good. It’s nice to be able to easily find somebody’s name at the bottom of their email, especially if they don’t have their “from” name in their email client set to their actual name (so you get something like “From: hq723″ instead of “From: Soren Bjornstad”). If somebody might want your address, phone number, or website, those are good things to put in as well. Putting your email address is a waste of space unless you’re using a different address than normal: this is what the “reply” button and the email header are for.

If it’s not a work email (and maybe if it is, depending on the environment), creativity is always appreciated—just don’t go overboard and make it something that could potentially offend somebody. Quotes or interesting observations are always welcome. If you choose to include a quote or something similar in your signature, changing it every so often is nice; I know more than one person who has had precisely the same email signature for over five years. Even the most creative snippets tend to lose some of their luster after that long.

Don’t make your email signature more than four or five lines. HTML and images are probably unnecessary. Also don’t be cautious to strip your signature from your email if you’re responding to a mailing list that knows perfectly well who you are or you’re adding to a long chain of people adding a small amount of information to an email and sending it on. (Feel free to strip other people’s signatures and “so-and-so replied:” from those emails too; nobody will ever do it if you don’t take the initiative.)

Chain Emails

Do me a favor: Next time you get an email that ends by telling you that if you don’t send it to ten more people your computer will explode spontaneously, don’t forward it to me.

If you get an email warning you about something that actually seems important:

  1. Don’t send it to anybody.
  2. It’s probably completely fake.
  3. If you still really aren’t sure whether it might be true, check out Snopes first. (Do this even if the email claims that Snopes has confirmed the veracity of its statement—Snopes is becoming well-known enough that I’ve seen more than one chain email/Facebook post that makes a false claim.)
  4. If you really received chain mail that tells the truth, you still probably shouldn’t forward it to anybody. If there really is an email virus spreading like wildfire (which really doesn’t happen anymore anyway), then people will learn about it on the news anyway. Do you really need to send yet another email?
I realize I’m probably preaching to the choir here—most people interested in reading this blog are probably not the type to forward email indiscriminately. But please take this to heart. So much complete misinformation gets spread this way, not to mention the annoyance of the resulting flood of email.

Email Length

Try to avoid making your email more than a paragraph or two long. If it really needs to be longer, you should start worrying about structure. Include a paragraph or at least a line or two summarizing the email and explaining what you’re going to talk about in it. If it seems appropriate, you also might consider apologizing for the length and explaining why it’s as long as it is.

Why? Five-paragraph emails don’t scan well. Sometimes I get a copy of an email I don’t really need, and I like to be able to discard it quickly instead of wasting my time reading the whole thing. If I have a flood of email, it’s nice to be able to immediately determine which emails require immediate action and which ones can wait until I’ve finished sifting through emails. And besides, nobody likes reading you ramble on forever about the same thing. If it’s that complex a topic and it’s not for mass distribution, you should probably just pick up the phone and call the other person—that will be faster anyway.


I’ve compiled another post that summarizes all the main ideas in all four sections of this post. Check it out, and send it on to people who annoy you with their emailing habits. :-)

Soren “scorchgeek” Bjornstad

If you have found an error or notable omission in this tip, please leave a comment or email me.

Copyright 2012 Soren Bjornstad.
For terms of reuse and redistribution, visit

Email Etiquette (3): Replies and Formatting

This is part three of a multi-part series. Last week we had Part 2, “Subjects and Attachments.” Part 1 was “Using the Cc and Bcc Fields.”

This week I’ll first discuss when you should reply to everybody and when you should only reply to one person, then consider the problem of how much formatting in your email is too much.

Replying to Everybody

Sometimes everybody really does need to receive your reply. Other times, they really don’t. This is sometimes a difficult problem to deal with: is it better to err on the side of replying to everybody (thus sending people a bunch of spam) or the side of replying to only one person (and leaving people out of the loop)? That’s really a matter of personal preference, but usually you should be able to make a pretty good decision. Here are a few cases:

  • If somebody asked you about a meeting or similar group activity, you should reply to everybody. Otherwise other people might not realize that you’ve already replied and make plans that don’t work for you behind your back (like you just did to them!).
  • There is very rarely a sensible reason to send an email that says something like “Thanks” or “Cool, I’ll do that” to everybody. In fact, you might consider whether you really need to send that email at all—in many cases, all it will end up doing is wasting the other person’s time. (Of course, there are plenty of times when being courteous is intelligent. But it’s at least worth thinking about.)
  • If you’re on a mailing list and really only need to reply to one person, see if the mailing list allows you to see the email address of the person who sent it. If so, don’t hit reply—copy that email address, then compose a new email to that person, rather than to the entire list.
  • Consider choosing “reply to all,” then removing several people’s names from the address list. Perhaps only the person who just sent you an invitation and the person you know who just responded need to get an email, not the other three people on the original mailing as well.
  • If somebody sent you an email with two hundred names in the To: field, first of all, shame on them. Second of all, please double-check to make sure you didn’t hit “reply to all” before you send the email. If there’s something worse than getting a completely useless email from somebody, it’s getting a completely useless email from somebody you don’t even know.

I know some people will say, “Big deal! It doesn’t take that long to delete a useless email—why should I bother to think about all this before I send email?” But think about it this way: either you spend a few seconds thinking about who needs to get your email, or someone else spends a few seconds deleting your email because she didn’t need it. If all of us were polite and spent a few seconds considering who needed to receive our emails, then we would all have fewer useless messages drifting around in our inboxes (that sometimes even interrupt our work because we notice that we have a new email and go to see what it is). And we wouldn’t lose any time because of it, either—we would simply have moved those few seconds from the receiving to the sending end.

HTML and Formatting

Have you ever gotten an email that was in 18-point italic red text with a blue speckled background? I sure have. And guess what: it doesn’t make you look cool. All it does is strain people’s eyes, make them annoyed because it’s difficult to read, and make their email take longer to load. Simply put: stick with plain text unless you actually have a good reason to add formatting.

Some people dislike getting any formatting in email (mostly the technical people who use text-based email programs, for whom any formatting displays as HTML markup and random gibberish). You’ll probably know who these people are, because they’ll write you back asking you to please send them plain text-only email in the future. If you’re not dealing with one of those people, adding some bold text, a link, or maybe a relevant image to the body of your email looks professional and is perfectly acceptable. Changing the font of your entire email to Comic Sans, putting the entire thing in italics, or adding a background is obnoxious.

Soren “scorchgeek” Bjornstad

If you have found an error or notable omission in this tip, please leave a comment or email me.

Copyright 2012 Soren Bjornstad.
For terms of reuse and redistribution, visit