Firefox 6.0 – Gray Colored URL in Address Bar

If you have upgraded to Firefox 6.0 recently, you might have noticed a change in your URL address bar.

Now, instead of the web address being in all black like you might have grown accustomed to over the past 10 years, the powers that be have decided it would be better to color all of the URL gray (except for the primary domain name, which still appears in black).

Firefox 6.0 Address Bar

I can see how this could be helpful to the ignorant masses who get scammed by phishing emails, but I’m a relatively intelligent internet user, and I have been browsing the net long enough to know what the primary domain name is in the URL without needing to have it colored different.

If you are like me and wish to set the address bar colors back to the way they used to be in prior versions of Firefox, simply follow these easy steps:

  1. In your Firefox address bar, type “about:config” (sans quotes), and press enter.
  2. In the filter search box, enter “browser.urlbar.formatting.enabled
  3. Right-click on the “browser.urlbar.formatting.enabled” line item in the listing and select “Toggle” to switch it to false

Firefox 6.0 Address Bar - about:config


Facebook Authentication and a Potential Security Risk

The idea of a “universal login” is not new by any means. Since the early days of the internet, many people have longed for the ease of having to only remember one login and password to access all of their favorite member-based sites.

Over the years, there have been a number of companies/organizations that have tackled this problem, and recently a couple of solutions have bubbled to the top in popularity. OpenID, Google Friend Connect, MySpaceID, and even the Twitter Login API have all been used as “universal login” methods which can be integrated with a web site.

None of these solutions, however, have even come close to the adoption rate boasted by the Facebook Authentication system. Practically everyone has a Facebook account these days, regardless of age, gender, education level, location, favorite web browser, email address, or internet provider! Facebook embraced this fact and built a nicely packaged authentication system which enables developers to integrate Facebook Authentication into pretty much any app or web site they can imagine. You can now find the Facebook universal login method in everything from iphone apps and desktop applications, to normal run-of-the-mill web sites.

This brings me to my point: Potential Security Risks

While logging into my Facebook account via all the different web sites and various applications which I use on a daily basis, I became acutely aware of a glaring security risk with the Facebook Authentication system. Basically, the way how Facebook instills a sense of security is via a recognizable blue bar which has a gray bar and diagonal stripes underneath it. This familiar imagery is displayed whenever you are asked to provide your Facebook login information. The idea that is consequently trained and reinforced in end-users’ minds is that the familiar imagery represents a genuine Facebook login screen. As such, if you are being asked for your Facebook information in a login popup, but the unique blue and gray bar is missing, you would immediately suspect that something was wrong.

Notice, however, that the Facebook URL is nowhere to be seen in the login popup. There is literally no easy way to verify where the contents of the login form are actually going. This is especially true in the countless iphone applications and computer programs which are making use of the Facebook Authentication system. A rogue developer could easily create a form which displayed the blue and gray bar, but that actually transmitted the login information somewhere else entirely (such as a database on their own server) before it sent the information to Facebook.

The exact same thing could be easily accomplished by any semi-competent web developer with 15 minutes worth of spare time. All they would have to do is make a mock-up copy of the legitimate Facebook login popup, but have it submit somewhere else entirely. The end user wouldn’t know the difference.

In summary: Facebook’s way of instilling a *false* sense of security via their blue/gray bar is totally flawed and easily exploited. They need to come up with some sort of method which enables end-users to verify the form’s authenticity before they enter their login information.


Time Travel

What do our loyal brainfuel readers think about the concept of time travel?

My opinion/theory is that time is linear and takes place at a constant rate. You can not stop time. You can not move back or forward in it. All you have is here and now, which moves along at an unchangeable pace. The only thing that we are able to change is our perception of time. For example, if you put your consciousness on “pause” and go to sleep for 8 hours, when you wake up you have effectively moved your perception of time ahead by those 8 hours. You have not “time-travelled”, however, because time exists outside of your perception. This is evidenced by the fact that many other events continued to take place at their normal pace even while you were asleep.

The biggest thing that gets people all excited about the idea of time travel is Einstein’s theory of relativity, which basically states that, well, everything’s relative.

For example, there’s no way to measure how fast the earth is moving through space because that depends entirely on your viewpoint. If you are standing on earth, it seems like it’s at a stand-still. But if you’re standing on an asteroid that is zipping along at 1,000 miles a second past the earth, then the earth looks like it’s moving really fast.

People have taken the concept of relativaty where it applies to movement and they have mistakenly tried to apply it to time. The reason why they do this is because humans identify and measure the process of time according to the movement of things (i.e. movement of hands on clock, movement of planets and stars, etc…). Technically, if all movement ceased to exist, there would be no way to measure time, so it would appear to have come to a stand-still. However, time would still be moving along at it’s normal rate, even though nobody would be able to measure it. You can’t change time by moving things any more than you can go back in time by moving the hands on your clock.

Here’s another thing that confuses people about time travel, making them think it’s possible: The speed of light.

Light travels at 186,282 miles per second, and the distance it travels in a year is called a “light year”, or 5,878,625,373,184 miles.

The most distant galaxies that our human instruments can detect are at least 10 billion light years away. Some people would say that the fact that we can see this light is evidence that the universe is at least 10 billion years old, because the light had to take that long to get here. Others say that God just flicked a switch and made the all the light from those distant stars just “instantly” travel the distance to earth when He created it.

There’s no way to know for sure, but we at least know this: Light generally takes a long time to travel over long distances.

We also know that humans see using light. Light bounces off of things and hits the back of your eyes, where the resulting signals are interpreted by your brain.

Now here’s the interesting bit. Look up into the sky. If you were to see a star that was exactly one “light year” in distance from the earth, you would effectively be seeing *into the past*. The light hitting your eyes has been travelling that distance for an entire year and is just now reaching you.

When scientists look at a star 10 light years away and they watch it explode, that is an explosion that actually took place 10 years ago! Crazy, huh?

Let’s say we figured out how to travel faster than light, and we flew 100 light years in distance from earth. Then, using an amazingly powerful telescope, if we were to focus in on earth, we would be seeing light that was 100 years old. If you zoomed in a little closer, you might even see people walked around in 1906 clothing, doing whatever people did in 1906.

Does this mean you “travelled back in time”? No! All you did was change your perception of it! It would basically be like rewinding a video-tape to see previous footage. Can you interact with the footage? Nope. It’s just light.

On that same note, you should be able to understand why you can’t “move forward” into time. You can’t change your perception to something that hasn’t taken place! The best you could do would be move close enough to the object in question so that you could see it in the now, instead of merely distant light from the past.

Or at least that’s my take on things…


Sprint IP Relay

Ok, this may be slightly off-topic, but it’s the coolest internet thing I’ve run across in a while so I figured I ought to share it with our loyal BrainFuel readers:

Sprint IP Relay (

Basically, you can type in the phone number of someone on the web site and a relay operator (real person) will call them. The relay operator will tell the person on the phone whatever you type. You can literally carry on a completely anonymous phone conversation (for the most part) with anyone of your choice, over the internet. For free.

This service is meant mainly for the deaf and hard of hearing, but my curiosity got the best of me and I tried calling myself with it. Sure enough, my phone rang a couple of seconds later and a real person was on the other end ready to read off whatever was typed over the internet. I typed a couple of phrases to myself like, “Hello!” and “How are you doing?”. It was really creepy hearing a stranger read it back to me over the phone.

After I saw it was real, I didn’t want to waste any more of the operator’s time, so I disconnected. In retrospect, I wouldn’t recommend wasting their time like I did. So yeah. Don’t do that.

One of my best friends is deaf, so I’ll probably tell him about this service since he always has a hard time understanding people over the phone. Now he can talk to them by typing on the internet. Cool!

For those of you who want to try a different flavor of webpage-to-phone calling, check this web page out. You can make up to 10 calls to any phone number, from any phone number (fake caller ID), complete with a selection of computerized voices to read your typed message. Entertaining. I used it to call my fiancee and she was pretty freaked out.