Technology Archives – Page 2 of 33

How to perform a currency lookup in a Numbers spreadsheet

Apple recently introduced in the Numbers spreadsheet the ability to pull live stock prices from the internet, making it now possible to track portfolio performance.

To access this feature, you use the STOCK function:

Since the feature pulls data from the Yahoo finance service, the symbols you should use for reference are those used at Yahoo. For most stocks that I’ve come across, the symbols are the same as those used at Google, but they do seem to vary slightly for non-US stocks and currencies.

To track the Euro/USD exchange rate, the symbol used at Yahoo is “EURUSD=X”, but using this symbol in the Numbers STOCK function returns an error. The solution, as I found in this discussion at Apple is to use the CURRENCY function:

Email Verification

I’m the owner of a Gmail address that bears my name, in the form first.last@gmail.com.

Many others who share my name, have addresses that are slight variations of mine, e.g. first.last2@gmail.com or first3.last@gmail.com, or even first.p.last@gmail.com. You get the idea.

Often when these people signup at websites, they mistype their email address—and accidentally enter mine.

On account creation, modern websites send a verification email to the registered address, containing a link that the user must click before they can use the service. This verification-loop confirms that the person actually owns the email address they entered. You’ve probably experienced this yourself.

If I’ve directed you to this article, it’s likely because your company does not verify email addresses, such that I’m currently experiencing one or more of the following problems:

I’m receiving notifications, alerts, user-related communications (often containing personal data), and I’ve been unable to stop them because either:
- Your communications don’t have an unsubscribe link, or
- There is an unsubscribe link, but requires login to confirm
Your service doesn’t allow me to reset the account password simply by knowing the email address, i.e. it’s requiring me to provide some user-specific information I wouldn’t know.

In other words, I am stuck, have wasted time that I shouldn’t have wasted, and need your help.

But just as importantly, I need that you get the message to whoever in your company is responsible for the website, insisting that they need to add email address verification to the account creation process, to prevent this from happening in the future.

Thank you.

Decommissioning old email addresses with FastMail

The first business email address I used, [email protected], now almost twenty years old, is the source of 95% of the spam I receive. I no longer use this address, and would simply like to kill it, but every now the arrival of an important message reminds me that decommissioning it could result in missing something important.

Our company uses FastMail for email hosting, and the account has several domains aliased, including makalumedia.com. Chatting with FastMail support, I discovered that I could use their advanced “Sieve” support to effectively kill the address without risking to miss important emails.

Here’s how I did it:

In Mail.app, I created a smart folder that collected all mail addressed to [email protected] during the past 10 years (and which is not in my junk mail folder). This is the starting point of my list of “known senders” from whom I’ll continue to receive mails.
I exported this smart folder to a mailbox file on my Desktop
I then used the Mac app “eMail Extractor” to parse a list of all email addresses found in that file.
I then used BBEdit to clean up the list, leaving me with only a single copy of unique {domain}.{tld} entries.
I then created the following Sieve rule in my account at FastMail

if anyof(
    address :contains "To" "[email protected]",
    address :contains "To" "[email protected]"
  ) {
  if allof(
    not address :matches "From" "*domain1\.com",
    not address :matches "From" "*domain2\.com",
    not address :matches "From" "*domain3\.com"
  ) {
      reject "This email address no longer exists. 
      Please contact me through my blog at dafacto.com 
      to get my new email address.";
      stop;  
  }
}

This sieve triggers on any mail received on my old makalumedia.com addresses. It then checks if the sender is in my list of known senders (which in my real sieve is much longer than the above). If the sender is not in that list, it rejects the mail with a message to contact me through my blog to get my current contact information.

Since setting this up a few days ago, my spam has been reduced by probably 90%. The few that have gotten through were from senders on my known-senders list, and so I went and removed them from the list. So over time, my known-senders list will get cleaned of the few spammers who were present in the original list.

All in all, I’ve been super happy with Fastmail. Their service is well-designed, technically solid, and provides just enough geeky flexibility to do advanced stuff like the above. Well worth the money!

Support Authentication

When I signup for an online service, I like to use an email address that’s unique to that service, i.e. something like [email protected]. Email for my-special-domain.com is then configured to forward all incoming mail to my personal email address.

This allows me to do two things:

Know which services sell my address on to third-parties. (If I start getting spam on this domain, I can figure out where it came from.)
Kill any address for which incoming mail gets out of hand

This works fine, except for one problem, and a problem that shouldn’t exist:

Often when emailing [email protected], I’ll get a reply back indicating that—for “security” purposes—I must email support from the address associated with my account at the service.

What’s the problem with that? The problem is that the “from” address of my support enquiry provides absolutely no authentication or security at all, since email headers are dead-easy to forge.

Therefore, if a service wants to authenticate support conversations, there’s only one way to do it, and that is to provide an internal messaging system accessible only once a user authenticates into the service’s website. (Most financial institutions have this, since getting user authentication right is particularly important to them.)

I decided to post this to my blog, in order to have something I can conveniently point to in the future, when trying to convince these services that they’re misguided and causing unnecessary inconvenience to users who prefer to use throw-away addresses on their accounts.

Disappointing interaction design at Apple

Long-time Apple customers became accustomed over the years to thoughtful and delightful interaction design. As Apple has grown—and perhaps as Steve Jobs has passed, and Jony Ive’s involvement seems to be sunsetting—cracks have begun to appear.

Here’s two examples I ran into just this morning.

Enabling Do-not-disturb in Notification Center

Trying to enable “Do-not-disturb” in Notification center, I ran into to problems:

First, it’s not clear to me which of these tabs are active.
Second, it took me a while to figure out that the Do-not-disturb control is only exposed when scrolling down in the notification. There’s no UI cues at all to help with discoverability here.

Assigning a photo to a contact

In the Contacts.app, when trying to assign a photo to person, you’d think the picker would default to the contents of your People album, and provide a usable UI for finding and selecting someone (with sensible fallbacks in the case you never configured any Faces.) Instead, we’re dropped into the root level of the photos hierarchy, and by the time we navigate to the People album, are left with a list that’s only capable of showing the first few letters of first names.

Isn’t there someone at Apple whose job is just looking around for these kinds of details, that are such an integral part of the brand we’ve come to perceive?