Temporary email

It’s very annoying when you come across something useful online that you want to access, like an eBook or article, that claims to be completely free: you just have to provide your email address before you can access it.

When we think of something that is free we tend to think in terms of monetary value. But cost comes in other forms as well, such as our time and our data. By providing your email address you are giving away information, for free. The individual or company that you are giving this information to may use it to sell you something or to sell the actual data that you just freely gave. There are data brokers, email harvesters, etc., that will pay real money for valid email addresses, especially if they come with context. For example, if you were trying to access a free eBook on investing, they now know that your email address belongs to someone who is interested in investing, and that is valuable information.

The trick with such sites and asks is not to give your real email address yet still get access to the free content. To do this there are free temporary email services. Just google “temporary email” to see what I mean. With the click of a button you can create a randomly generated email address with a short time to live, measured in minutes, that you can use with the site offering the free content. You can then read the article or download the eBook (obviously scanning it for viruses and malware before opening) and when you are done no one has your real email address. Simples!

Infinity lists

Have you ever noticed that you never really complete a to-do list? At the end of the day I’ve usually crossed off a handful of entries only to have thought up a few more to replace them. These lists never end as we very rarely have nothing to do. These infinity lists are never complete and can become frustrating if you believe that the goal is to complete them.

The truth is that to-do lists are never meant to be completed. They’re just a way for you to track your chores and tasks. You could delete the list altogether and improve your memory by remembering what you need to do yourself. You may forget a few items, but that just means they weren’t really that important or urgent. You’ll still have a list, just in your head.

Maybe you’ll feel better about yourself if you don’t have a physical list to look at. Or you could try creating a new list and transferring incomplete tasks to it just so you can get rid of the original, thus attaining some feeling of achievement, however brief.

To-do lists are just a list of reminders, not a record of achievements. They do not need to be completed.

Life moves pretty fast

Alone time. Taking time to just be on your own can do wonders for your mental health. You don’t have to go far. It could be a quiet room in a busy household, or the garage or shed. Maybe go for a short or even a long walk. Maybe sit in your favourite coffee house and read (or write) or just think. You could meditate or clear your head and just enjoy the sights and smells of being outside or somewhere different.

Too often we feel the need to fill all of our time with doing something, whether reading a book, watching TV, surfing the web, or doing jobs and crossing things off our to-do lists. We forget that there is joy and comfort in just doing nothing, just being, embracing the moment.

In the immortal words of Ferris: “Life moves pretty fast. If you don’t stop and look around once in a while, you could miss it.”

HTB peer snooping

HTB (Hack The Box) offers a free and a premium (VIP) tier for its members. It’s a great platform for learning ethical hacking (along with TryHackMe). I promised myself that after I’d gotten through the free content I would treat myself to VIP membership, but have yet to do so. You see, I discovered that there are unintended benefits of free membership. In addition to lots of free content including the seasons machines, there is a little-known way of learning on HTB: peer snooping.

You see, when you access a machine via a non-VIP account you are essentially sharing the (virtual) machine with other users. And when you have a foothold on a box and you are stuck on privilege escalation you can snoop on other players. You can look at who else is logged on and you can monitor what they are doing. You can see what tools, commands, CVEs, etc. they are trying and can learn from them.

So next time you are trying an HTB machine and you have a foothold (a login with shell), try snooping on others who are also trying to pwn the machine. You may learn something.

Avatar tracking

People are attached to images, especially the ones they use to represent themselves online. Even if it’s not a photo of themselves, it will usually mean something to them and can be unique on a pixel-level.

With services like Gravatar it’s easier to track someone by their avatar. Grab a copy of their avatar and paste it into reverse image search engines and you could find where that image has been used across the net. You could find the email addresses and accounts associated with that individual. You could build a map of their haunts online.

Your avatar is like a fingerprint. It allows you to be tracked almost as much as an email address. So take care when creating yours.

Only so many books

I read an article once on the art of finishing. It was more how to end something than finish it. If you are several chapters into a book and you are not enjoying it, put it down and read something else. Don’t force yourself to keep going in the hope that it gets better. If you are 15-20 minutes into a TV show or movie and you are bored just turn it off and go find something more interesting to watch.

There are so many books in this world that there really is no excuse to waste your time reading something boring. There are only so many books that you can read.

Take the average life expectancy for your country and gender, subtract your current age, and multiply by twelve. Now multiply that by the number of books that you generally read in a month. That’s how many books you have left to read, in theory. I’m guessing that it’s not a huge number. So why waste time on books that don’t interest you? Fill the time with books you enjoy. There are only so many books you can read.

The price of beer

Have you noticed how a trip into your nearest town will expose you to a wide range of prices when it comes to beer?

And by this I mean exactly the same beer.

You could pop into your local Wetherspoons and pay 1.99 a pint, then nip into an independent and pay anywhere from 2.55 to 4.50 for the same pint, or go to an upmarket themed pub and pay 7.99 for the exact same pint.

So what’s going on here? What are you actually paying for? Is it the beer, the staff plus bricks and mortar overheads, tax, the ambience, or something else? How can the same product vary in price by so much?

Thoughts?

Car modifications vs insurance

Over the years I’ve modified many cars that I’ve owned. Everything from small modifications that improve security or passenger comfort, to engine, suspension, and braking modifications. And there’s one thing I’ve learned with insurance companies. It’s how you explain the nature of a modification, in terms of how it affects performance and risk, that affects the cost of your insurance.

One of the many jobs I’ve had in my career was working on the development of car insurance software and I got to see first hand how the process works behind the scenes. You essentially start off with a baseline insurance quote based on the stock version of your vehicle. Then you add the modifications, and the underwriter, the actual company that will insure the vehicle, reviews the modifications based on their understanding of the changes made, plus algorithms involving risk, the amount of time the car is likely to be driven on the road, etc. Then an additional amount is arrived at and added to the baseline cost to provide you with your individual quote.

So the key here is to ensure that you correctly inform your insurance company about all modifications that have been made to the vehicle, while trying to get the lowest quote you can. And there is an art in doing this.

Note: You must inform your insurance company of any and all modifications that have been made to the vehicle, otherwise your insurance is null and void. It does not pay to lie! Many modifications are now standard, in that they are a selectable option, such as alloy wheels, wider wheel arches, etc. Here I am talking about modifications which can be interpreted or stated in different ways.

As an example I once modified an Austin Mini by installing a ‘stage 1 kit’. There are at least two ways of informing the insurance company about this particular modification, those being that:

1 – I have increased the vehicle’s bhp by 20%
2 – I have increased the vehicle’s bhp by 8bhp

Both are factually correct. However, as an experiment, when repeating statement one to the potential insurer I was quoted a three-figure increase to my insurance, whereas with statement two they said it’s so low that they will note it on my policy but that it would not affect the premium in any way.

Notice the difference?

The art of patching software

Patching software can be a fine art.

I mean, when do you do it?

Too soon and you run the risk of a bricked device or loss of services due to an unforeseen bug or inadequate testing.

Too late and you risk exposing yourself to CVEs and known vulnerabilities.

It’s a fine art working out just when to take a software update. It pays to back up first so that you have a recovery option should an early update fail. You can then restore from backup and wait until the patch is stable before trying again.

So when do you patch?

The most expensive liquid is..

..printer ink.

No, seriously, I have been thinking about this for some time. By volume, printer ink is one of the most expensive liquids known to man. It’s so expensive that supermarkets have even taken to putting security tags on the cartridges they sell to reduce theft. It’s more expensive than alcohol and most top-shelf perfumes per volume.

Long gone are the days where you would take your USB sticks to a print centre to print copies of your resume (CV) or dissertation. Nowadays most people want to print from the comfort of their own home using their inkjet printer. And they apparently are prepared to pay to do so.

Buying a new or replacement printer generally involves weighing up the cost of the ink. Most manufacturers will sell you a printer at cost or even at a loss, knowing that they will make the money back on the ink. With third-party ink sellers trying to steal market share, manufacturers will try every trick in the book to make sure that you buy their ink, from firmware updates that ensure that third-party ink is not recognised, or make it appear to run out sooner, to selling you ink subscriptions that automatically send you ink when you are getting low, at a premium of course.

Considering that we are talking millilitres here, not litres, it’s amazing that you are paying a small fortune for such a small quantity of liquid, yet somehow the home printing industry has mastered the art of making liquid gold.