View Outlook Web-app correctly inside Linux

Here is a short command that can run in your terminal that will launch the chromium browser in such a manner that it will trick Outlook to function normally:

/usr/bin/chromium-browser –user-agent=”Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US) AppleWebKit/534.4 (KHTML, like Gecko) Chrome/6.0.481.0 Safari/534.4″

Posted in Uncategorized

Google Drive quota not updating

Have you bumped into this annoying problem in which Google Drive is getting full, then you go ahead and delete some large files and even empty the recycle bin -only to notice that the quota didn’t change at all. I’m currently stuck in such a situation and the quota has stayed the same now for over 10 hours.

One suggestion from Google was to log out and then log back in but that had no effect in my case.

Going to the gog-wheel settings area shows the following text: “Using 13.5 GB of 15 GB (6.1 GB in Trash)”. But the trash can appears empty.

I will update this post when the situation finally gets resolved.

Posted in Uncategorized

I don’t like the new way Youtube displays subscriptions

Did you notice that Youtube has just changed the way subscriptions are displayed? They used to for a stream based on the time they were published, but now Youtube is grouping the videos based on the channels. This is quite annoying, since now I will also see older videos that I have already watched! I don’t want the subscribed content to get grouped in any way. The old way of showing new videos in a time order made much more sense to me. Is there a way to change this back?


Turns out there seems to be a way! You have to choose “manage subscriptions” and create a new collection there. If you put all your subscriptions into this new collection, then you can see your content in a time order without any grouping by viewing this collection. So it takes a few extra steps, but at least it can be done!

Posted in Uncategorized

Can you disable mid-stream ads in Youtube

So you might have noticed that especially longer Youtube videos now sometimes show annoying ads in the middle of the video. Mid-stream ads can really break the customer experience your viewers get from your channel, so when I enabled ads for one of my channels with longer videos, I wanted to make sure viewers would never have to suffer ads in the middle of the video.

It wasn’t easy to find information about this online, so I did some research on the subject and turns out you can luckily decide whether you want to allow mid-stream ads for your channel or not. This can be defined after you have chose to allow TrueView in-stream ads for your video in the following window ( notice the setting that says “mid-roll ads” ) :

Posted in Uncategorized

Add multiple tags to a Youtube video from a tag list

If you have a Youtube channel with a lot of similar content, chances are you also re-use the same tags a lot. If you don’t feel like typing them in separately every time you post a video, this trick might help you: You can copy paste a list of tags from a text file, as long as you separate the tags with commas.

Here is an example of how a tag list might look like:

Crime And Punishment (Book),Literature (Media Genre),Fyodor Dostoyevsky (Author),Audiobook,English (language),Radio,Dostoyevsky

Simply copy paste a list like that in to the tag-area in Youtube, and you are done!

Posted in Uncategorized

The Password Problem

We humans have become pretty good at physical security. It’s not very easy to rob a money transfer vehicle or a bank and actually get away with it. It seems unlikely that even the boldest terrorist would attempt to physically break into high security locations like Pentagon or Fort Knox.

Digital security however is a whole different matter. During the last few years we have gotten used to news about many of the largest companies in the world like Yahoo, Adobe, Twitter, Facebook, Nintendo and Apple getting hacked [1]. A big part of the problem with digital security is that our systems still rely heavily on passwords for authentication. Passwords are challenging for several reasons.

The amount of passwords
First of all, we need so many of them. According to Techradar 25 to 34 year old web users actively use 40 different online accounts on average. [2] We are told that each one of our accounts should have a unique password, so that if and when one of them gets hacked, the hackers don’t get access to all of our accounts. Remembering 40 unique username-password combinations is not very easy to do for most of us.

The complexity of passwords 
The passwords we choose should be long, random and complex. This is because in a typical hack the attacker gets access to the databases in which usernames and passwords are stored. Luckily most (but not all) system administrators are wise enough to store passwords in encrypted formats, so that the attacker has to crack them first in a process called brute-forcing. This is where the length and complexity of your passwords really comes into play.

The very first thing the hacker will attempt is a so called dictionary attack, in which a dictionary of common words and passphrases is tested for the password. [3] If your password is included in the dictionary, it will be cracked in less than a second. estimates the time it would take for a desktop PC to brute-force different passwords. [4] I started the test with with a very common word “Michael” which of course would be cracked instantly. Adding the number one after it (Michael1) still puts it in the top 1000 of most common passwords, which means it’s probably found in every password dictionary. Interestingly adding the number three (Michael3) makes brute-forcing it last 15 hours, which while still being quite weak, is already a significant improvement. Below is a chart of other variations and their brute-forcing times:


Image: Brute-force attack times for a desktop PC for different passwords based on results.

The charts demonstrate how important password complexity and length is. By adding special characters like exclamation marks and asterisks to our password, we can improve its strength significantly. By simply adding the letter “d” a few times to the end the word “password” it changes from the worst password in the world to a password that takes days to crack.

What’s good enough?
What is a safe enough time estimation to aim for then? We should remember two things: many hackers have access to botnets that comprise of thousands of computers and secondly computers are improving at an exponential rate according to Moore’s law. [5] Considering this I wouldn’t recommend settling for anything less than hundreds of thousands of years, of course also depending on the importance of the account you are protecting.

Another challenge with passwords is that no matter how good your password is, it is still very vulnerable to two things: phishing and keylogging.

Phishing is a process in which a malicious actor masquerades as a legitimate entity in order to have you send your private information to them [6]. To give you an example from my own experience, I once received a genuine looking email from Paypal telling me that I need to log-in to my Paypal account in order to confirm my address. I was suspicious but decided to see what happens if I click on the link. It took me to a website that had the exact same design as Paypal and it asked for my username and password. I entered a completely made up username and a random password and clicked on the login button. The website pretended that it accepted my login information and took me to a page that looked like the usual Paypal interface! You can probably guess what would have happened if I had entered my real Paypal login: this phishing website would have gathered my login information and used it to enter my Paypal account in an attempt to steal my funds.

Keylogging is even worse than phishing: a hacker is able to install a small program on your computer without you noticing which then captures every keystroke you type and sends the text to the hacker in a discreet manner. This way the attacker can learn all the usernames and passwords that you use while the keylogger is active. In a 2010 report, 48% of inspected 22 million computers were found to have malware in them [7] and according to Australian Computer Emergency Response Team (ausCert) 80 percent of all keyloggers are not detectable by antivirus software. In other words this threat is very real and makes relying on passwords for security quite scary.

What can we do?
What can be done to improve the situation? To fight phishing attempts, you should always double check the URLs of the websites you visit. I also recommend using tools like Web Of Trust ( that will show you community based scores for the websites you visit. If you are about to enter a shady website, you will get a warning. You should never ever click on links you receive in email, unless you are absolutely sure about the sender. Remember that changing the sender-address is a quite trivial thing to do. If a service that you are using asks you to visit their site, it’s better to manually type in the address or google it to make sure you are taken to the right website.

Defending against keylogging is much more difficult, because these type of infections can be hard to detect. Naturally you should have an up-to-date virus scanner and you should be performing scans regularly, but that doesn’t really guarantee anything. One of the most efficient defenses against keylogging attacks is two factor authentication. It means that you use not only your password to log in to a service but also a code sent to (or generated by) another device, typically your mobile phone. Many of the big web companies like Google and Yahoo offer two factor authentication these days and I really recommend it for greatly improved safety. To perform a successful attack, the hacker would need to have control of both your computer and your phone, which is quite unlikely.

Password managers
To help remember all your unique passwords you can use a password manager like Roboform or KeePass, but those are kind of double edged swords. On the other hand they make life quite convenient by keeping track of all your passwords, but they also create a single point of failure: If the attacker learns the master password that protects your password manager, then suddenly they have access to all your online accounts all at once. I personally have Roboform installed, but only on my workstation that I keep “sterile” which means it never touches the internet. At the moment I have 980 different user accounts saved in those files and I would never be able to remember all those logins without Roboform.

Coming up with a system
If you do not have an offline computer to store your passwords safely, I recommend creating a system that allows your passwords to be unique, long and yet easy to remember. Let me give you an example. You could create a single random password to memorize, let’s say “XyZ##!Smilie: :)Smilie: :P” and make it unique by adding the letters two and three from the service you are using it for to the end of the password. So your Facebook password would be “XyZ##!Smilie: :)Smilie: :Pac”. Even better, you could do something like adding the first letter from the top-level domain (like .com .org or .fi) in all caps at the end to hide your pattern a bit more. So Facebook password would become XyZ##!Smilie: :)Smilie: :PacC and that one would take 111 million years to crack. In my view this would provide good enough security for you non-critical online accounts. Your main email account and other highly important accounts should probably still have completely unique passwords (and thus not use a system like this).

Speculation about the future
What might the future of online security have in store for us? Many used to believe in biometric identification methods such as fingerprint- and eye scanners. The problem with these solutions is that just like passwords, malicious actors can use clever ways to obtain copies of this information in order to falsely prove their identity. Fingerprints might in some cases be even easier to obtain than passwords, as we leave copies of them pretty much everywhere. Unlike your password, you can’t really change your fingerprints if you fear a hacker has managed to get a copy of them, which in my opinion makes it an awful system for security. My prediction is that in future we authenticate with combinations of something we have (perhaps a smart watch or a ring) and something we know (a simple password), but hopefully the systems also analyzes our typical behavior and adjusts the requirements based on our behavioral patterns. For example, the login-system should demand higher degrees of verification if the login attempt is made from an unknown computer at an unfamiliar location. Many two factor authentication systems already allow you to mark commonly used computers as safe, removing the need to do a full two factor sign-in on those. Of course I am hopeful that all the smart security engineers will come up with something even better than I’m able to predict.

Many companies are already working hard to solve this problem and there are big incentives for a solution. According to the National Institute of Standards and Technology is offering a 10 million dollar reward for coming up with an alternative to passwords. Even Ford is working on a system that would automatically log you in based on the proximity of your smart phone. [8] The ones who can finally solve the password problem by coming up with more convenient and secure authentication methods will surely be applauded by internet users around the world.








Posted in Uncategorized

If I delete a comment on Youtube will the commenter get notified?


I was trying to find an answer for this question online but there didn’t seem to be any good results, so I’ll ask it here:

If someone has posted an offensive comment on my Youtube channel and I go ahead and delete it, will the writer of that comment get a notification that the comment has been removed?


I did some research with my wife’s help. She logged in from her account and posted a comment on one of my videos. I later deleted that comment and here’s what happened: Not only did my wife NOT receive any message that this comment was deleted, she actually still sees the comment there when she is logged in! Only when she logs out can she see that the comment is gone. So the answer seems to be that Youtube does it’s best to HIDE the fact that your comment was deleted from a channel. Which I believe is a good thing.

Posted in Uncategorized

Copy-paste website

If you are like me, you are constantly throwing basic html-code together for new websites.

Now there is a fresh website that wants to speed up that process by offering you a clean and simple html-file from which you can quickly copy all your basic html markup. There are also ready-made root folders available for download.

Check out the copy-paste website at!

Posted in Uncategorized

Can i use bing keyword research without adding any Microsoft code


People all over the web have been posting positive things about Bing’s keyword research tool. I too became curious enough and wanted to take a look, especially since I’m not super fond on the new Keyword planner tool from Google that has replaced the search volume estimator. My main purpose for this tool would be to check out potential domain names based on the organic search volumes of certain keywords. In other words I would like to see search volumes for certain terms in order to make smart decisions when choosing my domain names.

So I logged in with my old hotmail account (and no, I’m not using that for anything these days) and tried to find the keyword research tool from the interface. After looking around for five minutes I had to give up. I got the impression that I need to maybe first add some of my websites to the service. And to do that I would have to integrate Microsoft tracking code to my website. If that’s whats needed in order to use the keyword research tool then that’s a deal breaker for me. Microsoft as a company has such a terrible history of ruthless behavior that I’m not comfortable in adding any code from them to my websites. I don’t feel great about using Google Analytics either, but Google has been much nicer as a company so far. Well maybe except that nasty NSA episode which really dropped some points from Google in my eyes.

Anyway, long story short: it appears to me that I can’t access the keyword research tool of Bing without adding Microsoft code to at least one of my websites. Please correct me if I’m wrong!

Posted in Uncategorized

What are the visits from Google analytics campaign source

I have recently seen big increases in the traffic to this blog. Many of those visits are classified under “campaigns” in the Google analytics traffic sources -view.

The analytics manual says:
“Campaign is the name of the referring AdWords campaign or a custom campaign that you have created.”

The strange thing is I don’t have any adwords campaigns to my blog! Nor any other campaigns that I have created.

These visits are usually targeting very current subjects. Could these campaigns be something Google is doing on their own to drive traffic to my site?

EDIT: If I dig in deeper, I see “rss/rss” inside the campaign. So this traffic must have something to do with the rss-features of WordPress.

Posted in Uncategorized