Podcatcher With Sync

I wanted to use a podcast client which would sync across devices. i.e. I could be playing a podcast on my phone while walking, pause it on my phone, resume it on my laptop, pause it on my laptop, and resume it on Alexa.

My other unusual usage pattern is that I sometimes listen while on my daily walk, but I mostly binge-listen while on occasional long trips (e.g. vacations).

I use Android, Mac, Windows, and occasionally Linux.

I’d been using Podcast Addict. It doesn’t work on Alexa or on the desktop.

Features I wanted to carry forward from Podcast Addict:

  • Auto-download of new episodes
  • Auto-archive (hide and delete) played episodes
  • The list of shows should indicate which shows have unplayed episodes (ideally with a count)
  • Limit downloads to Wi-Fi
  • Download of old, unplayed episodes (not just the latest episode)

I started by searching for multi-platform podcatchers, including platforms Android, IOS, and web/HTML5. Alexa is a nice-to-have because I’m willing to use Bluetooth to stream from my phone.

Here’s what I looked at:

  • Pocket Casts- web $9, Android $4, IOS, Alexa.
    • Auto-downloads new episodes
    • Auto-archive of played episodes
    • List of shows indicates unplayed episodes
    • Can limit downloads to Wi-Fi
    • “Alexa, tell Pocket Casts to resume the last podcast”. Slant likes it.
    • Web and desktop apps (Windows, Mac) missing some features present in Android.
  • Stitcher - web, Android, IOS, Alexa.
    • Auto-downloads new episodes
    • No way to hide/delete played episodes.
    • List of shows does not indicate which have unplayed episodes.
    • “Alexa, ask Stitcher to pick up where I left off”
  • Podbean - Android, IOS, HTML5. Alexa skill is reviewed horrible.
  • Castbox - web, Android, IOS. Alexa skill is reviewed horrible.
  • Player.FM - web, Android, IOS. No Alexa.
  • Podcast Addict - Android only
    • Has all the features I want except it is Android only.

I want:

  • Desktop/web, Android. Able to continue a podcast from desktop/Android to Alexa.
  • Auto-download via WiFi.
  • Sync across platforms.
  • hide/delete played episodes.
  • List of shows displays which shows have unplayed episodes
  • Download of old episodes (not just the latest episode)

How to Import Email From an IMAP Server Into Gmail

GMail has a helpful import-from-POP3 function, to bring your old email when you migrate to GMail. But I wanted to import from a server which supports only webmail and IMAP. Here’s how:

Step 1 - Import Messages to a Desktop Email Client

Since we can’t go directly from the old server into GMail, we’ll pass through an intermediate step. We’ll set up a desktop email client to fetch messages from the old server. This will make a copy of the messages on the desktop. Then, in step 2, we’ll push the messages from the desktop into GMail.

Note: If you’re about to lose access to your old server, the step of copying the messages to your desktop is URGENT. Step 2 can be done at your leisure.

I’m going to describe how to do this using the Thunderbird email client. If you already use a different desktop email client, you can probably do something similar using it.

  1. Install Thunderbird from https://www.thunderbird.net/en-US/ .
    • Just click on the default Next/Install/Finish buttons until you get to the “Set up an Existing Email Account” window.
  2. Enter your ordinary, human name next to “Your name”. e.g. Tom Smith.
  3. Enter your email address (from the old server) next to “Email address”. e.g. tom.s@example.com
  4. Enter your email password (from the old server) next to “Password”. e.g. TopSecret1234
  5. If you are lucky, it will auto-detect your settings.
  6. If you are unlucky, you may have to press the “Manual Config” button and enter your information manually:
    • Set Incoming to IMAP
    • Set both host names to the server name for your old email server. e.g. example.com
    • Set the Username Incoming field to your old email server’s user name. e.g. tom.s
    • Set both Port fields to Auto.
    • Set both SSL fields to Autodetect.
    • Set both Authentication fields to Autodetect.
    • Set the Username Outgoing field to your old email server’s user name. e.g. tom.s
    • Press “Re-test”. It should report “The following settings were found by probing the given server”. Then press Done.
  7. You may get passed to a login form for your old email server. If so, complete it.
  8. At the left side of Thunderbird, you should see your old email account. e.g. tom.s@example.com. Underneath the email address, you should see some folders. Explore those folders until you see the emails from your old server.
  9. Once you find the folder/folders with your old messages:
    • Right click the folder.
    • Choose Properties, then Synchronization.
    • Set (put a check mark next to) “Select this folder for offline use”.
    • Press the Download Now button.
    • Be sure to do this for each folder which has old emails.
  10. If you have lots of messages, just let your computer sit, connected to the internet for a little while, while the old messages get downloaded to your computer.

How to Pull-down Refresh on a Kindle Fire

I use Nirvana from nirvanahq.com for my tasks list. On an Android phone, it has a nice Sync icon. On a Kindle Fire Android tablet, there is no Sync icon. Here’s how to make it refresh.

  • At the top of the page, there’s a big blue title bar, showing the name of your selected folder. e.g. “Inbox”
  • Below the title bar is a narrow gray bar which repeats the name of the selected folder. e.g. “Inbox”
  • You must pull-down from the dividing line between these two bars.

I’ve heard this is a general issue with Kindles – that the pull-down area for an app has a very narrow activation area. This is reportedly because Android apps expect you to be able to pull down from the main title bar but Kindle uses the title bar in a non-Android-standard way.

How to Revoke an Alexa Skill Account Link

Many Alexa skills want you to “link accounts.” Often, this involves connecting to your Amazon account via OAuth. Later, you may wish to revoke this access.

Some revocation is at:

  • Visit https://www.amazon.com/gp/css/homepage/
  • Locat “Login with Amazon” under “Other Accounts” and click it.

Other revocation is at:

  • Visit https://www.amazon.com/gp/css/homepage/
  • Locate “Apps and more” in the “Digital content and devices” grouping. Click it.
  • Note that https://www.amazon.com/gp/mas/your-account/myapps/ref=mas_ya_apps may take you there with a single link.

Microsoft Office Apps - Tick, Tick, Tick

For no apparent reason, most of my Office 365 apps started ticking about once per second. Tick, tick, tick. The ticking would stop several seconds to minutes after I exited the app. It happened even when I launched the apps in “safe mode.” It affected Word, Excel, Access, and Powerpoint, but not Outlook. (I didn’t try Publisher or the other, lesser Office apps.)

I went into Control Panel and set the Windows sound scheme to “No Sounds” and the sound went away. So I drilled down to the “Windows Explorer” grouping and discovered that I could just disable the “Start Navigation” sound, and that silenced it.

That led me to run Fiddler to see what the navigation was. It was loading some Microsoft authentication URLs, over and over.

That led me to notice my name on the Office (Word, Excel, Powerpoint, Access) title bar. Office 365 wants you to be logged in to Office. There was an exclamation point next to my name, indicating some sort of error. I logged out of my Office 365 account and back in. The exclamation point was still there, but clicking it gave me a complaint about the status of my account (which disappeared too quickly for me to capture it).

Eventually I clicked on a message about re-authenticating. That displayed a blank dialog, which eventually loaded and told me I was re-logged in. THAT cleared the exclamation point. A few seconds later, the ticking (and URL loading) stopped.

So tick, tick, tick from Office apps is telling you that you’re not successfully logged into Office 365. Microsoft says you have to login to Office 365, even if all you wanted to do was to view a Powerpoint.

Notes on Scanning With Linux

I frequently use a Fujitsu sheet-feed scanner with my MacBook. Here are some notes about how I would go about cobbling together a scan-to-text-PDF solution with Linux. I don’t think it would result in a comparable user experience, but if I had to scan 10 pages into Linux 1000 times, here are some helpful pointers:

  • I really like my S1300. I hope the S1300i would be as nice.
    • https://www.gaggl.com/2016/11/getting-fujitsu-scansnap-s1300i-to-work-on-ubuntu-16-04lts/
    • http://www.openfusion.net/linux/scansnap_1300i
    • http://iokevins.blogspot.com/2015/08/fujitsu-scansnap-s1300i-on-debian.html
    • https://www.josharcher.uk/code/install-scansnap-s1300-drivers-linux/
  • https://knurdnerd.com/paper-to-pdf-workflow-with-ocr-on-linux/
  • https://help.ubuntu.com/community/OCR
  • Hardware:
    • https://www.amazon.com/Fujitsu-ScanSnap-Portable-Document-Scanner/dp/B008HBFADQ?
    • https://www.amazon.com/Canon-P-215II-Document-Scanner/dp/B00LPRQW86?
    • https://www.amazon.com/Brother-Wireless-High-Speed-ADS-2700W-Touchscreen/dp/B0757Z7NLC?

Linux, Mac, or Windows On My Laptop

My MacBook is getting old, so I’m thinking about a new laptop. OS options include Linux, macOS (formerly OS X), or Windows. Some non-mainstream OS-associated things that are important to me include:

  • Quicken. Many of the features. I use the retirement planner, portfolio tracking, and the transaction-tracking registers. Before you tell me “Banktivity” or whatever is better, make sure it can:
    • Download transactions from my bank, credit cards, retirement accounts, 529 plans, HSA.
    • Chart my net worth for 10+ years.
    • Import 25 years of Quicken data at 100% fidelity.
    • Tell me how long before I reach poverty if I lose my job.
    • Tell me when I can retire.
    • Track my spending and my income.
    • Data stored locally.
  • Scanning documents via a sheet-feed scanner to PDF+text format. I want an install-it solution – not “assembly required.”
  • TurboTax
  • GPS + topographic management. Something similar to Garmin’s BaseCamp.
    • I think BaseCamp just looks for volumes named “Garmin” and “GTOPO” for the device and the map disk. You might be able to run BaseCamp in a Windows VM or Wine, because it doesn’t use drivers to talk to the device.
    • Alternatives: QMapShack, Viking, GPSMaster.
  • Set-it-and-forget-it backup. I could live with just a periodic backup of data files, since I use CrashPlan.
  • Home-and-landscape design software. I want an install-it solution – not “assembly required.” I could live without this.
  • I really do use VBA in my spreadsheets, although I could rewrite this code.

No, I don’t think Quicken is part of the OS, but the OS I choose determines whether I can use Quicken. Given my desire for Quicken’s feature set, I either have to use Windows as my OS or Windows-in-a-VM.

Linux doesn’t have a complete scanning package. Yeah, you can scan anything with almost any hardware, but you have to cobble together the complete package, and bits and pieces of it will remain ragged. Too much tinkering for someone who scans documents often.

Something I hate about Quicken: Proprietary data storage with no API.

Hardware:

  • Big disk.
  • Fast CPU.
  • Don’t need a discrete video card.
  • 16 GB RAM. Prefer 32 GB.
  • 500 GB disk. Prefer 1 TB.
  • 15” display UHD/HiDPI. 1920x1080 is not high enough DPI at 15”.
    • There are many laptops with 3840 x 2160 and many with 2560 x 1440 or 2160 x 1440.
    • 15” MacBook Retina has 2880 x 1800.
  • Good touchpad (similar to MacBook’s).
  • Battery life
  • 300+ nits brightness
  • Glossy display

Some options:

To any of these prices, add a 3-4 year warranty (AppleCare)

Suppose I save $1200 and I keep my laptop 4 years. That’s $300 per year. If I stretch it to 6 years, it’s $200 per year.

Some things I don’t like about Windows:

  • Microsoft really owns your laptop. They’ll choose when to update Windows. They’ll choose whether you are allowed to re-install it.
  • There is nothing comparable to Time Machine.
  • I haven’t seen a trackpad that works as smoothly as the Mac’s.
  • No AppleCare carry-in repair.

Some things I really don’t like about Mac:

  • Apple really could decide to move the whole Mac platform to an incompatible CPU. They did it once before.
  • Apple controls whether you can use 3rd party hardware to repair. There are serious “right to repair” issues.
  • That damn battery is glued in. (I need to repair my trackpad, but I’d have to un-glue the battery to get to it.)
  • You can’t put macOS in a VM unless that VM is running on a Mac.
  • Apple is just about to drop support for 32-bit apps. Some of my 32-bit apps are abandonware.
  • You can’t get a 15” MacBook Air – You only get 15” in the MacBook Pro.

Some things I really don’t like about Linux:

  • No Quicken. No complete scan-to-text-PDF package.
  • You really spend way too much time tinkering. I just spent a lovely day and a half getting double-clicks to work right in an Ubuntu 18.10 VM.
  • GPS device + topo map management is… not a polished package.
  • No AppleCare carry-in repair.
  • Chrome consumes even more memory per page on Linux than on macOS!

“Creative” possibility:

  • I have a NAS-on-Linux server. Move all my data + apps to this server, and use a Chromebook to access it. (Quicken goes into a Windows VM.)
  • Won’t work for copying tracks to/from GPS device (except a Garmin can be treated as a USB drive with a particular folder layout).
  • Won’t work for scanning
    • Unless I get a USB extender.
    • Caution: Most USB over “Ethernet” are actually USB over RJ45, and they won’t flow through a switch.) (And many of them suffer ‘disconnects’. Do you really want to add complexity?
    • $420 ScanSnap iX500 can scan to Google Drive without a computer.
    • $280 Epson WorkForce ES-400 scans to Google Drive - check to be sure it can do this without a computer attached. (“Cloud Connect”).
    • $200 Brother ADS1500W can scan to Google Drive (“Web Connect”).
  • Or move all my data and most of my apps to NAS-on-Linux, and get a budget thin-and-light Windows laptop with UHD display as a terminal. (Looks like at least $1000.)

Issues with My Current MacBook:

  • Trackpad won’t left-click. (It will left-tap.)
  • Battery life has fallen to about 4 hours.

Working plan:

The smart thing to do at this point is to string my MacBook along a while longer, despite its messed up trackpad. If it out and out dies, either:

  • Buy another MacBook and spring for the extra $1300.
  • Buy a not-quite-top Dell, cobble together a decent backup. Be sure to see a real display and trial a real touchpad.

How to Block 99% of Junk Calls on Your Land Line

Here’s a way to block 99% of robocalls, political calls, sales calls and surveys to your land line. Please read the whole thing because there are some surprises in it.

  1. Sign up for a Google Voice number.
  2. In Google Voice settings, set up your home land line as a “linked number”.
  3. In Google Voice settings, enable “Screen calls”.
  4. In Google Voice settings, enable “Filter spam”.
  5. In Google Voice settings, go to Legacy Google Voice. Go to Settings, Calls, and for “Caller ID (incoming)” select “Display my Google Voice number”.

At this point, if someone calls your Google Voice number:

  • They’ll have to state their name the first time they call you, unless they are in your Google Contacts. (If you need to receive robo-calls from someplace like your library or your county emergency alert, create a Google Contact for them.)
  • When the calls arrive at your home land line, they will display your Google Voice number as the caller ID.

Next, set up your home land line to accept calls solely from Google Voice:

  1. Buy a white list call blocker such as this one from Amazon. You want a white list only. You’re going to program it to accept calls from a single number.
  2. Program it to accept calls solely from your Google Voice number.

Junk callers simply don’t go through the identify-yourself process at Google Voice. I’ve never had a robocall or even a human telemarketer bother to complete the process.

Now you have to tell all your friends, family, and associates that your new number is (your Google Voice number here).

Bonus Extra:

But what if you don’t want to tell all your friends about your new number? You can actually work with Google to transfer your EXISTING home number to be your new Google Voice number. Then you have to sign up for a new phone number at home, but nobody ever calls that number (because your white list device doesn’t answer for them.)

Total cost: Less than $100 for the device, plus 30 minutes of setup.

Should I Use a VPN at College?

I’ve moved away to college. When should I be using a VPN?

The internet is a scary place. Before you reach the internet, your traffic must first travel through your LAN (local area network). When you were at home, your LAN was safe. When you’re away from home, your LAN isn’t safe.

The main difference is that at home, your computer is hidden from the outside world by your gateway router.

Due to the magic of NAT (Network Address Translation), computers outside your home cannot ‘see’ computers inside your home, unless your home computer reaches out to touch them. In other words, your computer at home can initiate a conversation with a computer outside your LAN, but a computer outside your LAN cannot initiate a conversation with your home computer.

When you’re behind a NAT router, computers on your LAN can initiate a conversation with you and they can also ‘listen in’ on conversations your computer has with other computers. External computers can’t.

At college, one or two things happen. At a few colleges, there is no NAT, and every computer on the network is visible to the entire internet. At most colleges, there is NAT, but there may be 10,000 computers on your LAN and they can all see your computer. Colleges are full of smart people with lots of time on their hands. Some of them may be studying computer security, and they might enjoy seeing what they can do to your computer.

Short answer:

  • Be sure to run a firewall, whether or not you run VPN. VPNs hide your traffic. They don’t hide your computer.
  • Use VPN when you do something you don’t want everyone to see.
  • VPN is more work, and it is slower than not using VPN, so you might not want to use it for everything.
  • Really, really be sure to use it when accessing financial accounts or your email.
  • Your college might object to VPN or prevent VPN.

What Does a VPN Protect You From?

VPN Tunnel

A VPN (Virtual Private Network) is a pipeline (tunnel) from your local LAN to another, distant LAN. Your network traffic travels from your computer to the distant LAN, and then it goes to the internet. Nobody on your local LAN can see the traffic while it is inside the tunnel.

Some VPNs hide the local LAN from your computer while you are connected to the VPN. Others don’t. It is often a configuration option.

VPN Is Not a Firewall

Running a VPN does not protect you from your classmates hacking into your computer. Every computer on your LAN can see your computer. If your college does not use NAT, every computer on the internet can see your computer.

If they can see your computer, they can try to hack into your computer. Your primary protection is to use a firewall. Windows, macOS, and Linux all come with firewalls. You should never, ever connect your computer to the college network without its firewall running. Without a firewall, your computer can be compromised in minutes, particularly if you are behind on applying updates.

VPN Prevents Content Leakage

Modern, secure web sites use HTTPS to move data between your browser and the site. HTTPS is ‘secure,’ meaning that nobody can see what you send or receive. But some web sites exchange data in HTTP, which is not secure. Even if the main site uses HTTPS, some of them move some data with HTTP.

There was a big brouhaha a few years back, where major sites were moving cookies with HTTP before they switched to HTTPS to show you the main web page. Bad guys could capture these cookies. They could use them to masquerade as you, and access the web site. Once they were on the web site, they could change the password – your password. Oops! See Firesheep for more info. This issue has been addressed by the major web sites (Gmail, Facebook, Twitter, etc.) Bob’s Bargain Web Site may not have fixed it.

If you use VPN, all of your web traffic is hidden from your local LAN by the tunnel. It’s not just your web traffic. ALL of your network traffic is hidden.

  • Whenever you are entering a user ID and a password, check to be sure your URL begins with “https://”.
    • If you are using a modern version of Chrome, which hides “http://” and “https://” in the address bar, it will show “Secure” at the beginning of the address bar instead of “https://” and “Not Secure” otherwise.
  • Use a VPN if you are logging into your bank (or other financial web site), email (or any Google service, since they all share your GMail login)
    • You really, really don’t want someone to see your bank ID/password. You don’t want them to break into your email account because they can use your bank’s “forgot my password” feature to send a new bank password to your email account.

Proxies and WPAD

There’s this thing called a proxy server. Your college may hide the internet from your computer by a firewall. But you want to browse the internet. To get around this, there’s a thing called a ‘proxy server.’ YOUR computer isn’t allowed to talk to the internet, but the proxy server is. So instead of talking to the internet directly, your browser says to the proxy, “Hey! Go get this page for me,” and the proxy fetches it and gives it to your browser.

A proxy server has some visibility into your network traffic. (More on this later.)

Your computer has to discover the proxy server in order to use it. Your browser uses something called WPAD (Windows Proxy Auto Discovery) to discover the proxy. Even on many non-Windows computers, despite the name.

WPAD has some shortcomings. A bad guy can trick your computer into using the wrong proxy by setting up his own WPAD server. Thats’ bad.

If you are using Windows, I recommend that you edit C:\Windows\System32\drivers\etc\hosts, and append a line with:

  • 255.255.255.255 wpad.

The trailing period is important. You will have to use an Administrator-enabled account to edit the file.

This will disable WPAD. If that breaks your internet access, you’ll have to un-delete it or ask your college help desk how to manually specify an auto-proxy server. Tell them you can’t use WPAD and you need help configuring your browser to use a manually specified URL for the proxy auto-config file.

I recommend disabling WPAD, whether or not you use VPN. If you do not disable WPAD and you do use VPN, it is more difficult for a bad guy to use WPAD to trick your computer into using a bad proxy. It is not impossible. That’s why I recommend disabling WPAD.

College Snooping

Colleges sometimes try to be your parents at their worst. Read about “in loco parentis,” if you want to know why. If you are using HTTP, they can see all your web traffic. If you are using HTTPS, they can’t see inside the web pages, but they can still tell which web sites you visit. If you browse to http://people-doing-vile-and-nasty-things, you might not want your school to know. Shucks, they may actually prevent you from browsing there. If you really want to visit that site, perhaps to do research for an Abnormal Psychology term paper, a VPN can (mostly) hide the fact that you’re going there from your college.

So privacy is one reason to use a VPN.

Colleges may have a list of web sites they don’t want you to visit. They may have protocols (such as BitTorrent) that they don’t want you to use. A VPN can work around college blocking. Exercise caution here. In all of those papers you signed when you enrolled, and all of those “I read this” checkboxes you checked online, you may have agreed to something like, “I promise not to circumvent web site blocking and you can spank me if I do.”

Colleges may outright block VPN because people use it to work around site blocking. You might be able to work around their blocking of VPN. It is generally a bad idea, because even if you work around a VPN block, they can still tell that you are using VPN if they try hard enough. If they block VPN, they probably have a policy against working around the block. They may or may not send you a warning letter before they expel you (or disable your internet access) for violating policy.

Changing Your Location

Maybe you run into a web site which says, “We don’t allow access to people who live where you live.” When you use a VPN, they don’t see your local LAN as being where you live – they see your VPN LAN as your home. You now “live” somewhere different.

This is actually a common use for commercial VPN by some people. You can buy access to a commercial VPN and, if you live in the USA, you can use the VPN to look like you live in Europe, or vice versa. If you want to watch a movie which is only available in some countries, this is a way to “live” in a different country.

Hiding Your Tracks

I include ‘Hiding Your Tracks’ here for completeness – not as a guide.

If you’re trying to break into a web site, you want to be hard to find. If you just casually start hacking, they’ll probably find you in your dorm room. You could use VPN to cover your tracks. In fact, some criminals use VPN #1 to connect to VPN #2 to connect to VPN #3, to be really hard to find.

Don’t do this. If you’re committing a big enough crime to make this worth the effort, you’re committing a big enough crime for the FBI to go to the trouble to track you down despite your VPN. If you’re crossing state lines, you’re committing Interstat Wire Fraud, and that’s a federal crime. It doesn’t matter how smart you are. Eventually, you’ll slip up and leave a track somewhere. Perfection is not achievable.

It Isn’t Free

  • Using a VPN takes effort.
  • Using a VPN slows your traffic. Instead of going directly to the site, your traffic must detour to the VPN’s LAN first.
  • Using VPN uses bandwidth of your VPN provider. If your VPN provider is a company, you probably don’t care. If your VPN provider is Dad, Dad’s ISP probably has a bandwidth cap and you’ll annoy Dad if you make him hit that cap.
    • But I never hit the cap at home! Yeah, but now you are using DOUBLE the bandwidth. All of your traffic first travels into Dad’s LAN and then it turns around and travels out from Dad’s LAN.

Summary

I’ve moved away to college. When should I be using a VPN?

  • Be sure to run a firewall, whether or not you run VPN. VPNs hide your traffic. They don’t hide your computer.
  • Use VPN when you do something you don’t want everyone to see.
  • VPN is more work, and it is slower than not using VPN, so you might not want to use it for everything.
  • Really, really be sure to use it when accessing financial accounts or your email.
  • Your college might object to VPN or prevent VPN.