Tuesday, December 31, 2013

2013 InfoSec Tweet Awards

It's that time of year again... I bring you the second annual InfoSec Tweet Awards!  Okay, like last year there are no actual awards. These these are just some of the more entertaining or thought provoking tweets that I "favorited" throughout the year.  


Best Tweet Inspired By A Song

Best Tweet That Should be on a T-Shirt

Best Tweet About Hackers (Tie)

Best Tweet About Hacking

Best Tweet About Hacker Handles

Best Tweet About A Hacker Conference

Best Tweet About BackTrack

Best Tweet About Scanning

Best Tweet About Programming

Best Tweet About A Text Editor

Best Tweet About Java

Best Tweet About A Data Center

Best Tweet About Credit Cards

Best Advice To InfoSec Noobs

Best Tweet About "The Cavalry"

Best Tweet From "Outside The Bubble"

Best Twitter... um... –er

Last but not least we have the "award" for the person who posted the best overall tweets of the year.

And the winner is.... Info Security Jerk (@infosecjerk). Info Security Jerk says what we are all thinking. His tweets are consistently funny, all the more so because they are rooted in the day-to-day life of those who work in InfoSec. If you follow one new person this year it should be him. Below are three gems from 2013:

This concludes the 2013 Tweet Awards. Please feel free to share your favorite tweets in the comments below. I wish you and yours a very Happy New Year!

Wednesday, November 6, 2013

Hacking Your Health Part II: Ancestry

This is a continuation of the blog post Hacking Your Health.  Previously, we focused on the health, disease and drug aspects of the genetic testing results received from 23andMe.  While the Ancestry portion of the test results doesn't really apply to "Biohacking" I would be remiss in not discussing the fascinating information you can learn about your genealogy.

Ancestry Results

There is a wealth of information available in the Ancestry half of the report.  The dashboard overview provides a snapshot of the highlights.  Here you can see: the percentage of your dominant ancestry, specific countries of ancestry based on surveys taken by others with similar DNA, the estimated percentage of Neanderthal DNA, number of genetic relatives with 23andMe profiles (close family, 2nd & 3rd cousins, 4th cousins and distant cousins) and Top Relative Surnames.  Famous relatives will also be displayed here (while none were listed in my profile, Jesse James appears to be my wife's distant relative)

Ancestry Composition

Personally, Ancestry Composition is one of the bigger draws of 23andMe.  I've always had a keen interest in history.  My Great Uncle has documented a significant amount of my maternal grandmother's line however, little documentation exists for the rest of my family. The results from 23andMe "reflect where your ancestors lived 500 years ago, before ocean-crossing ships and airplanes came on the scene."

There are three different "resolutions" to the results (global, regional and sub-regional).  At the top level, I am 99.8% European, 0.2% unassigned (this is not surprising).  Zooming in to the regional view the results are divided between Northern (40.4%), Eastern (12.9%), Southern (2.2%) and Nonspecific (44.3%) European.  As you can see a significant portion of my ancestry is "Nonspecific European".  Zooming in to the sub-regional view does not provide much more clarity:

This much "nonspecific" ancestry is not unexpected for such a densely populated region.  With that said, the "Ancestry Composition" estimates can be tuned.  By changing the setting to "Speculative" the results become more interesting however, the confidence threshold drops from 75% to 50%:

Beyond the analysis of genetic information, 23andMe encourages customers to complete questionnaires to provide further ancestry correlation.  By hovering over any of the regions and clicking the arrow you will be provided with the sample sizes used to determine the region (includes both 23andMe data and public studies).  In my case, comparative genetic information and survey results were taken from 5,041 people to determine my ancestry.  Clicking "Show Details" provides a breakdown of how the participants self-identified their heritage.

Maternal Line/Paternal Line

As a male I have both an X and a Y chromosome allowing me to review genetic lines from both parents. A downside of genetic testing is that females have two X chromosomes which only provides the maternal line.  On the bright side there is an option to share data with others and by linking with male family members it is possible to have a more complete profile.

Both "lines" provide the haplogroup to which you belong as well as a heatmap of the haplogroups' distribution approximately 500 years ago (before the era of intercontinental travel).

My Maternal Line
My Paternal Line
The results also provide some facts about your haplogroups such as age (how many years the haplogroup has existed), region, example populations and a "highlight" (for instance one of my haplogroups appears to have been common in Doggerland).

23andMe provides additional information in another tab with a detailed history of your haplogroups and related subgroups.  A haplogroup tree is contained in its own tab where you can collapse and expand the different groups and highlight groups based on geographic location.

Neanderthal Ancestry 

This is a relatively new section.  Only in recent years was it discovered that modern day Homo sapiens sapiens share genetic code with Neanderthals (Homo sapiens neanderthalensis).  It's unclear exactly what this means from a genetic standpoint and 23andMe states, "There are many intriguing theories about what traits the smidgen of Neanderthal DNA may have imparted on modern humans, but we don't know yet if having a little more than average Neanderthal DNA could explain why someone is extra brawny, short or boorish.  Those traits might just be regular human characteristics."  The DNA for an average person of European descent is estimated to contain 2.6% Neanderthal DNA.

DNA Relatives 

This section is broken up into three tabs, List View, Map View and Surname View.

List View:  This is quite literally a list of all 23andMe users who are genetic relatives.  Users are able to share as much or as little information as they would like. This ranges from virtually nothing to names with complete profiles (examples below):

Click to enlarge
Map View:  Genetic relatives are pinpointed on a a Google map.  Links are provided to quickly zoom to specific regions or to "Top Locations" (highest concentration of genetic relatives).  Almost half of my genetic relatives currently reside in the United States:

Click to enlarge
Surname View:  This view lists the frequency in which a last name appears among your genetic relatives. Actual counts are provided as well as an "enrichment" number which indicates "how common a particular surname is among your Relative Finder matches, compared to the entire 23andMe database."

Click to enlarge

Ancestry Tools 

Ancestry Tools are listed as features that "may still be in development, require specialized knowledge or appeal to only some [23andMe] customers."

Countries of Ancestry:  This feature combines information from Relative Finder matches and those matches' answers to the "Where Are You From?" ancestry survey.

DNA Melody:  This was a delightfully unexpected bonus.  23andMe maps specific traits in your profile to the rhythm, pitch, key and timber of a melody.  Click to "hear" my DNA.

Family Inheritance  Advanced:  This tool allows you to compare your DNA, bit by bit, to see what segments you share with close and distant family.  With this tool you can "find out where those DNA segments start and end, and see how DNA is transmitted across multiple generations by comparing multiple family members against a person in question."

Global Similarity Map:  This feature provides migration animation that "shows who in the world you most resemble genetically" over the last 50,000 years.

Haplogroup Tree Mutation Mapper:  This feature shows you which particular mutations in a person's mitochondrial DNA (maternal ancestry) or Y chromosome (paternal ancestry) were used to determine their haplogroup assignment.

Overall 23andMe provides a remarkable amount of information at a relatively low cost.  If you are interested in obtaining your own results I invite you to use this referral link:

Friday, October 4, 2013

Hacking Your Health

Recently "Hacking" has become a term that can been applied to just about any subject matter (see: Hacker Ethic).  For instance, "Hardware Hacking" is a largely accepted term by the InfoSec community and the idea of "Biohacking" is gaining ground.  This can range from medical implants to alternative diets (ex. Paleo) and the use of supplements.  You may already be doing it without even realizing it.  Have you ever increased your vitamin C intake to stave off a cold?  Drank ginger ale to calm an upset stomach?  These are simple examples of Biohacking.

Like any hack or professional penetration test you don't want to blindly attack a problem.  You need to gather intelligence first.  For Biohacking this can take the form of a DNA test.  In recent years genetic testing has become much more affordable.  At the forefront of personal testing for "Health, Disease & Ancestry" is 23andMe.

On August 17, 2013 I ordered two bio sample kits (one for me, one for my wife) and they arrived five days later.  The process is simple, you provide a saliva sample by spitting into a tube.  Initially, it looked like a large sample was required, however the tube is double walled and the inner tube is only about half the length of the outer tube (this separation is obscured by the label).  In reality, you only need about two milliliters to reach the fill line.  Once complete, you close the funnel which releases a "stabilization buffer" that mixes with your sample. You then remove the funnel, cap the tube, put it in a biohazard bag and mail it back in the included prepaid box.

The next part requires patience.  After 18 days I received a confirmation email that the sample had arrived at the lab and was being processed.  It took an additional 14 days to receive the initial results (health and limited genealogy).  The complete and final results arrived three days later.  Results are broken down into two sections, health and ancestry.

TL;DR Version: 23andMe provides a wealth of information for a relatively low cost.  I encourage you to get your own results.  If interested, please use this referral link: http://refer.23andme.com/v2/share/6224967130210323244

Health Results

I have to say I was surprised at the amount of detail that 23andMe provides and the number of levels you can drill down into each trait.  What I thought would take an hour or so ended up consuming my evening.  On the main page, 23andMe provides a health overview that lists your top 5 health risks, inherited conditions (genetic variations that have been strongly linked to particular diseases), likely physical traits and potential drug responses.  Each area can be expanded upon and risks/traits are rated on a scale from 1 to 4 stars:

Health Risks

23andMe covers a staggering 120 different types of health risks.  This ranges from various types of cancers and heart disease to skin conditions and restless leg syndrome.  Risks are divided into "Elevated Risks", "Decreased Risks" and "Typical Risks".  For those risks with a high level of confidence you are provided with your risk level (%) and the average risk (in my case, for "men of European ethnicity between the ages of 0 and 79").

Clicking on a disease opens up a plethora of information.  There are pages of information on your specific data along with numerous citations.  There are also tabs detailing the biology of the disease; resources, counseling and support services; a detailed technical report; and a community group.

23andMe considers some health risk information more sensitive than others.  These are defined as "serious diseases with no known cure for which a strong genetic factor has been established" (ex. Alzheimer's Disease).  You must accept an individual agreement specific to each sensitive risk before viewing the result.

Inherited Conditions 

This section displays 50 genetic variations that have been strongly linked to particular diseases.  All 50 traits have a high research confidence however, any result that is "Variant Absent" has a disclaimer which states: "This person does not possess this genetic variant.  It is possible he or she may have other variants linked to this condition that cannot be detected by 23andMe."  There is also a disclaimer stating that, "these reports cover only a subset of possible mutations that may be linked to a condition.  It is thus possible to have other mutations not covered by these reports."


23andMe states, "Some of our physical attributes are completely determined by genetics while others are influenced by many genetic as well as non-genetic factors.  This section includes easily detectable phenotypes like eye color, but also more subtle traits such as resistance to the Norwalk virus."

There are 60 different traits covered in this section of the report.  Each trait provides the same level of detail found under "Health Risks" and "Inherited Conditions".  Many of these are interesting curiosities such as, bitter taste perception, likely iris pattern and the estimated amount of caffeine consumed (high, low or average).  Others offer more useful information such as resistance to Malaria and HIV/AIDS or if you are likely to become lactose intolerant.

Drug Response

This section displays 24 genetic variations that have been linked to differences in how people respond to drugs.  This includes sensitivity and/or the likelihood of side effects.  These are more or less straight forward.  In my case it identified two drugs that would only require small doses for maximum effect, another drug that would require a significantly higher dose and a fourth that has a higher likelihood of side effects.

Interesting side note:  Two of the drug responses covered are, "Alcohol Consumption" (ability to break down acetaldehyde and associated cancer risks) and "Caffeine Metabolism" (whether drinking coffee increases a subject's heart attack risk).

Health Tools

Lastly, 23andMe offers some features that are still in development or require specialized knowledge.  There are currently three tools available:

ABO Blood Type:  This calculator factors the 25 different blood groups that determine a particular blood "type". (O, A, B, or AB, and positive or negative).  Additional technical details are provided along with a chart of applicable donor blood types you can accept and a break down of "Blood type frequencies (%) around the world".

Genetic Weight Calculator:  "Your genes influence your health and your appearance, so why not your weight as well? Two recent studies genotyped nearly 100,000 adults of European ancestry and confirmed six independent SNPs strongly associated with differences in body mass index (BMI)."  This calculator provides the supporting evidence we've become accustomed to with 23andMe.  In my case I can blame 4.47 pounds on my genetics.

Reynolds Risk Score:  This tool is used to calculate a 10-year risk for heart attack using your genetic data along with your current cholesterol and blood pressure.  The calculation provides you with the estimated current risk (%) as well as the estimated risk if you reduce your cholesterol by 40 points or your blood pressure by 20 points.

Risk Updates

Technology is constantly evolving and we are continually learning more about the human genome.  For no additional cost, 23andMe provides updates detailing new risks as they are discovered.  On any of the pages, you can click "See New and Recently Updated Reports" to display updated results along with the confidence level and date last updated.

This concludes my review of the health portion of my DNA analysis.  Personally, this report has given me a lot to think about and it may influence my medical care, especially later in life (while consulting with a doctor, of course).  If you are interested in obtaining your own results I encourage you to use this referral link: http://refer.23andme.com/v2/share/6224967130210323244

Continued in: Hacking Your Health Part II: Ancestry

Monday, August 19, 2013

NSA's Response To My FOIA Request

Following the news that the National Security Agency (NSA) is maintaining a mass electronic surveillance data mining program called PRISM, I began to wonder what specific information the NSA is actually maintaining about me.  I decided to see if I could find out and submitted a request for information under the Freedom of Information Act (FOIA).  The exact procedure for submitting a FOIA request varies slightly from agency to agency.  Fortunately the NSA makes it easy by providing a method for submitting the request online (available here).   The form only asks for your contact information (name, email, physical address and phone number) and a description of the records you seek (up to 5000 characters).  In my case I requested "any and all records pertaining to my person".  I submitted the request on June 13, 2013 and just over a week later I received a response in the mail.

What arrived was a three page letter.  They started by acknowledging the request (how and when they received it) and assigned it a case number.  They go on to state their mission is to, "collect, process, and disseminate communications or signals intelligence information for intelligence and counter intelligence purposes and to support military operations" and cite the executive order that defines their roles and responsibilities.  The letter then addresses the, "considerable speculation about two NSA intelligence programs in the press/media."

I won't recite the next page and a half of  legalese that follows however, it can be boiled down to one sentence:

"your request is denied because the fact of the existence or non-existence of responsive records is a currently and properly classified matter"

That's it in a nutshell. They are withholding the information not because the information may contain some classified secret but because I'm simply not allowed to know if they have it or not.

A copy of the letter is below:

Page 1

Page 2

Page 3

Wednesday, July 17, 2013

Migrating From WordPress to Blogger: How & Why

As time has gone by the costs of maintaining a privately hosted WordPress blog has increased.  My hosting costs have doubled over the last two years and free services such as WhoIs Protection and email accounts have become paid add-ons.

There are also security concerns. WordPress is a software platform and there are currently over 68 million installations in the world.  This is a tempting target for attackers and numerous exploits exist in the wild.  Alternatively, Blogger is a service and there is no option to host a Blogger instance with a third party. This alleviates the user from the burden of maintaining both the software and the myriad of plug-ins currently available.

As this site is more or less a hobby, I've decided to transfer my domain to a different registrar and I'm abandoning WordPress in favor of Blogger. This eliminates the need for a separate hosting provider yet still allows me keep a custom domain (no aditional fee).

Below are the steps I took to migrate from WordPress to Blogger:

Content Migration

Migrating the blog posts, stand alone pages and user comments was not that difficult.  Both WordPress and Blogger offer simple import/export functions and it is just a matter of converting the data to the appropriate format.

The procedure for exporting data from WordPress has changed over time. As of this blog post, the latest version is 3.5.2.  From within the management console, hover over "Tools" and select "Export".  You will then be prompted to "Choose what to export".  The options are: All Content, Posts, Pages, Feedback. In my case I wanted to export everything. After making a selection, just click "Download Export File".  The format will be an Extensible Markup Language (.XML) file.

Blogger also uses .XML files to import/export content however, the formatting is not correct to directly upload a blog from one platform to the other. Fortunately, there are a number of tools that will convert it for you.  Not wanting to install any software, I opted for a web app (http://wordpress2blogger.appspot.com/).  This site is easy to use. Just click "Choose File", navigate to the .XML file you exported from WordPress and click "Convert". The converted .XML will automatically download within a few minutes.

Uploading the converted .XML file to Blogger is just as easy as exporting it from WordPress.  Once you have created a new blog in which to import your data click "Settings" and then "Other".  At the top of the page under Blog Tools click "Import Blog".  You will be presented with an import pop-up window. Click "Choose File" and select the converted .XML file.  To "prove you're not a robot" you are asked to complete a CAPTCHA.  Once you've typed in the response click "Import Blog".

TL;DR Version:

  1. Log in to the WordPress management console
  2. Select "Tools" à "Export"
  3. Select "All Content"
  4. Click "Download Export File"
  5. Go to http://wordpress2blogger.appspot.com/
  6. Click "Choose File"
  7. Select the .XML file you want converted
  8. Click  "Convert"
  9. Create a blog on Blogger
  10. Click "Settings" à "Other" à "Import"
  11. Click "Choose File"
  12. Select the converted .XML file you want to upload
  13. Complete the CAPTCHA
  14. Click "Import Blog"


Blogger offers a number of different templates that are highly customizable.  It is relatively easy to change the: layout, color, banner, favicon, etc.  Wanting to be somewhat unique, I putzed around a number of sites looking for a 3rd party template. I ended up deciding on a template from PBTemplates.  I also recommend checking out BTemplates which offers hundreds of different options.  Once you've made your selection, it's simple to upload the template (you just need the .XML file).  Log into the Blogger console, select "Template" and click the "Backup/Restore" button. In the pop-up window click "Choose File", select the .XML template, click "Upload" and you're done.

TL;DR Version:

  1. Log into the Blogger console
  2. Select "Template"
  3. Click "Backup/Restore"
  4. Click "Choose File"
  5. Select the .XML template
  6. Click "Upload"


Formatting:  Depending on the template you used with WordPress and the template selected for Blogger you may find there are some formatting issues.  In my case I needed to add or remove spaces between paragraphs, delete gibberish left over from the conversion process (minor effort) and remove some left over HTML formatting from the old color scheme.  Not every post had issues and none of it was egregious.  If you are importing a large number of posts and not overly picky then it probably won't bother you.

Images:  Previously most of my images were left aligned with the text squared around it. After importing the blog the images defaulted to "inline" with text.  This was easy enough to fix by entering the edit screen for the blog post, clicking on the image to display properties and clicking the "Left" property.
Warning: If your images are hosted with the same provider as your WordPress blog they will be lost when you inevitably cancel your service or let it expire. If this is the case you will have to download and re-add them to your blog posts on Blogger.
Tip: Images uploaded to Blogger are housed in Picasa (picasa.google.com).  These images are also accessible under the Photos tab in Google Plus.  
Gadgets/Widgets:  You may likely find that there is an issue with some of your "Gadgets" (what WordPress calls "Widgets"). I tested out a number of different templates and found that the issues varied.  I was able to successfully edit some of them by tweaking the HTML, but in most cases it was easier to just delete and re-add them. You can access Blogger Gadgets under the "Layout" menu.

Time Format:  Lastly, many of the templates I looked at are formatted to only display the time of the post (no day, month or year).  I was able to change this by going into the "Template" menu and clicking "Edit HTML".  Once there, search for the string, "data:post." and look for an instance that is proceeded by a time variable.  Change this variable to "dateHeader".
Example: Change <data:post.timestamp/> to <data:post.dateHeader/>

All in all, the process is relatively painless.  Feel free to drop me a line if you run into any issues.

Screenshot of SecurityRamblings.com prior to migrating from WordPress to Blogger
[Click to Enlarge]

Thursday, April 4, 2013

Life After Google Reader: Evaluating Replacement RSS Clients

While this article is not strictly security related, it does concern a tool many InfoSec professionals use on a daily basis to stay up to date on industry news.

As I’m sure everyone has heard. Google Reader will sunset on July 1, 2013. This has spawned a flurry of articles detailing dozens of different RSS reader alternatives. In most cases the articles have been little more than a summary of features. My goal was to narrow down the options to a handful of contenders based on my personal needs and test them over a week.

Before getting started, I reviewed eight different articles from a variety of sources. Each offered up opinions on where users should migrate their RSS feeds. In total, the articles provided 21 suggestions.

My Requirements 

I regularly access RSS feeds from multiple machines and prefer to keep my progress in sync to avoid re-reading the same article. The easiest way to do this is with a web based service. I started my evaluation by discarding those options that required a desktop client or were only available as a mobile app. I further trimmed the options by eliminating online services that only offer "tiled" views that UI designers seem so fond of today (think Windows 8, ex: Pulse, Taptu). In the end, this left me with three option. I tested each of these services in tandem:

The Old Reader

Visually "The Old Reader" is probably the most like Google Reader however it took the longest to get up and running. To be fair, all of the options I evaluated were slow to begin with and periodicity displayed error messages while they struggled to handle the massive influx of new users.

When I first attempted to log into "The Old Reader" and import my feeds directly from Google Reader I was met with a message that the site had reach import capacity. It was however, still possible to add RSS feeds manually by clicking the "Add a Subscription" button. I tried to import my feeds several times throughout the day but continued to receive the same error message. I attempted again the following morning and found that the direct import option had been removed. In its place is now an option to upload an OPML file that was easily exported from Google Reader. The upload was successful and I was presented with the following message:
Thank you for uploading your OPML file. We will soon start importing your subscriptions, which might take up to several hours depending on the amount of feeds you have. 
There are 17657 users in the import queue ahead of you.
"Several hours" turned out to be 147 (6 days, 3 hours). While waiting for the import to complete, I added several feeds manually so I could get a feel for the interface. The site is intuitive and responsive just as we are accustomed in Google Reader. Where "The Old Reader" takes it one step further is with the "Friends" feature. If you log in with Google and/or Facebook you can see all of the people you are connected to that use "The Old Reader". In my case this is only one person. Once you have added friends, a new section will appear in the left column (just above subscriptions) called "Following". Any articles shared by these people will appear in this feed.

Recommendation: "The Old Reader" is best for people who want a simple, no frills RSS reader that looks and behaves like Google Reader.


The most versatile of the readers I evaluated is "NewsBlur". Like the other options, this site struggled to handle the load of so many new users. To their credit, all three services were proactive in easing the growing pains and communicating to their new and existing customers. NewsBlur in particular can be commended for their comprehensive updates and transparency. You can read about their future plans here: Three Months to Scale NewsBlur.

Unlike the other two options, NewsBlur requires you to create a site specific account (as opposed to authenticating with Google) however you still have the option to import your feeds directly from Google Reader. The layout of this RSS reader is closer to a mail client than many of the other products I've tested and offers different page layouts. Stories can be displayed at the top, left or bottom of the window and the articles themselves have different format options available as well. You can view the article as it appeared on the original home page ("original"), as it appears in the RSS feed ("feed"), in plain text ("text") or on the article specific web page ("story").

There are also three different options for running NewsBlur. You can create a Free Account on newsblur.com that is limited to 12 RSS feeds. Premium Accounts are available for $12 per year and offers: no feed limitations, site updates "10x as often" and his dog Shiloh "does not go hungry". The third option is to host it yourself. NewBlur is open source and is available on github making it an attractive option for DIYers.

If you like to read on the go there are iOS and Android apps available as well.

Recommendation: NewsBlur is best for people who want added features and a high level of customization. It is also the go to option for advocates of open source technology and those willing to run their own server to avoid reliance on services providers.


Feedly is easily the most polished of the three options. It is snappy, easy to use and one of the more attractive clients. Feedly's responsiveness is likely due to the fact that it currently uses Google Reader on the back end. You may be thinking that this is distinct disadvantage but Feedly has anticipated Google Reader's retirement and has been working on a solution called Project Normandy. They state, "When Google Reader shuts down, Feedly will seamlessly transition to the Normandy back end. So if you are a Google Reader user and using Feedly, you are covered: the transition will be seamless."

Feedly's interface is highly customizable. There is a plethora of formatting options allowing the selection of pre-built themes or you can customize individual properties such as font, read/unread color, start page view, etc. To make the transition easier for those leaving Google Reader, the Feedly blog has posted Tips for Google Reader users migrating to Feedly.

In addition to the Google Reader-esque view (called "Title Only View") there is the increasingly popular tiled view (here called "Cards View"), a "Full Article" view similar to Google Reader's "Expanded View" and a unique "Magazine View". This last option lists the articles along with the first couple sentences and a thumbnail image from the page. The magazine view also takes the top three articles and places them at the top of the feed. Article popularity is determined by Facebook and Google+ likes and is indicated on all articles by a small, unobtrusive, green number.

Another seemingly minor yet significant feature is that only feeds with unread articles are displayed. I follow over a hundred feeds, many of which only post once a month. I appreciate that these are hidden so I do not have to scroll past them to get to new articles. Should I want to reference an old blog post I can visit the "History" of articles read or I can click "More Sources" to unhide the other feeds.

Feedly is slightly unusual in that it requires a browser plug-in to work. This is in part to reduce the number of remote calls to Google Reader. If you are not a fan of plug-ins, the Feedly page on uservoice.com indicates that a plug-in free option is currently being looked into. (UPDATE: A plug-in free version of Feedly was released on 6/19/2013)

The plug-in also provides a tool called "Feedly Mini" which puts a small watermark in the lower right corner of the screen. Clicking it provides options to share the page, save it in Feedly to read later or subscribe to the RSS feed. This last option can be particularly useful for sites with difficult to find RSS feeds. The watermark is small an unobtrusive however it can be disabled entirely or just for specific sites. There is also the option to specify the spacing from the bottom of the screen (default: 10 pixels). Lastly the button can be customized to include as many or as few sharing options as you prefer (options: gmail, twitter, facebook, evernote, linkedin, delicious, tumblr, pinboard)

The Feedly plug-in is available for Chrome, Firefox and Safari and apps are available for Android, iOS and even the Kindle Fire.

Recommendation: Feedly proves a rich experience with a wide range of features and granular customization. It will appeal to both technical and non-technical users; those who like to tweak their interface as well as to those who appreciate an attractive and easy to use web app.

Agree? Disagree? Please leave your comments below.