Category: Uncategorized

Last month I got burned. I set a limit order on NVDA at $118, went to make coffee, and came back to find it had dipped to $117.40 and bounced back to $122 in under three minutes. My broker’s mobile notification arrived 47 seconds late. That’s when I decided to build my own alert system.

Why Most Free Alert Tools Are Garbage

I tried Yahoo Finance alerts, TradingView free tier, and Robinhood notifications. They all have the same problem: polling intervals. Yahoo checks every 15 minutes. TradingView free gives you delayed data. Robinhood’s push notifications route through Apple/Google’s notification servers, adding 10-40 seconds of latency.

What I wanted: sub-second price alerts delivered directly to my phone via Telegram. No middlemen, no delays, no monthly fees.

The Stack: Finnhub WebSocket + Node.js + Telegram Bot

Finnhub offers a free WebSocket API that streams real-time US stock trades. Free tier gives you 30 symbols simultaneously — more than enough for an active watchlist. The connection stays open, so you get trade data the moment it hits the exchange.

Here’s the core of the alert engine:

const WebSocket = require('ws');
const socket = new WebSocket('wss://ws.finnhub.io?token=YOUR_FREE_KEY');

const alerts = {
  NVDA: { below: 118, above: 135 },
  AAPL: { below: 185, above: 200 },
  TSLA: { below: 160, above: 190 }
};

// Cooldown map — don't spam yourself
const lastFired = {};
const COOLDOWN_MS = 300000; // 5 minutes between repeat alerts

socket.on('open', () => {
  Object.keys(alerts).forEach(sym => {
    socket.send(JSON.stringify({ type: 'subscribe', symbol: sym }));
  });
});

socket.on('message', (data) => {
  const msg = JSON.parse(data);
  if (msg.type !== 'trade') return;

  for (const trade of msg.data) {
    const { s: symbol, p: price, t: timestamp } = trade;
    const rule = alerts[symbol];
    if (!rule) continue;

    const key = symbol + (price < rule.below ? '_low' : '_high');
    if (lastFired[key] && Date.now() - lastFired[key] < COOLDOWN_MS) continue;

    if (price <= rule.below || price >= rule.above) {
      sendTelegramAlert(symbol, price, timestamp);
      lastFired[key] = Date.now();
    }
  }
});

Latency Numbers: How Fast Is This Really?

I ran this for two weeks and measured end-to-end latency — from Finnhub WebSocket message received to Telegram notification on my phone:

• Finnhub WebSocket delivery: 50-200ms from exchange (they aggregate trades into small batches)
• Alert logic processing: <1ms
• Telegram Bot API send: 100-400ms
• Telegram push to phone: 200-800ms

Total: 350ms to 1.4 seconds. Compare that to Robinhood’s 10-47 second delay. I’m getting alerts before my broker even knows the price moved.

The Telegram Delivery Piece

const BOT_TOKEN = process.env.TELEGRAM_BOT_TOKEN;
const CHAT_ID = process.env.TELEGRAM_CHAT_ID;

async function sendTelegramAlert(symbol, price, timestamp) {
  const direction = price <= alerts[symbol].below ? '🔻 BELOW' : '🔺 ABOVE';
  const text = `${direction} target\n${symbol}: $${price.toFixed(2)}\nTime: ${new Date(timestamp).toLocaleTimeString()}`;

  await fetch(`https://api.telegram.org/bot${BOT_TOKEN}/sendMessage`, {
    method: 'POST',
    headers: { 'Content-Type': 'application/json' },
    body: JSON.stringify({ chat_id: CHAT_ID, text, parse_mode: 'HTML' })
  });
}

I run this on a $4/month VPS. It uses about 12MB of RAM and essentially zero CPU when idle. The WebSocket connection stays alive with Finnhub’s built-in ping/pong frames.

Gotchas I Hit Along the Way

WebSocket disconnects. Finnhub drops connections after 24 hours of inactivity on free tier. I added a reconnection handler with exponential backoff — starts at 1 second, maxes at 30 seconds. Haven’t missed an alert since.

Trade volume spikes. During market open (9:30-9:35 AM ET), you’ll get thousands of messages per second for popular tickers. My first version tried to check every single trade and fell behind. The fix: only check the last trade in each batch, since you only care about the current price, not every fill.

Extended hours data. Finnhub free tier includes pre-market and after-hours trades. I initially got woken up at 4 AM by a pre-market alert. Added a time filter — alerts only fire 9:30 AM to 4:00 PM ET unless I explicitly mark a symbol as “watch extended.”

Running It on a Raspberry Pi

If you don’t want to pay for a VPS, this runs perfectly fine on a Raspberry Pi 4. I tested it on a Pi Zero 2 W and it used 18MB RAM. Set it up as a systemd service and forget about it. The only requirement is a stable internet connection — if your home internet drops, you’ll miss alerts until it reconnects.

For reliability, I run mine on a Raspberry Pi 5 (affiliate link) with a UPS hat. Total hardware cost: about $80, then it runs forever with zero monthly fees.

Extending It: Multi-Condition Alerts

The basic version watches for price levels. But since you have real-time trade data, you can build more interesting triggers:

// Volume spike detection — alert when 5x normal volume hits in 1 minute
const volumeWindow = {}; // { symbol: [{ ts, vol }] }

function checkVolumeSpike(symbol, volume, timestamp) {
  if (!volumeWindow[symbol]) volumeWindow[symbol] = [];
  volumeWindow[symbol].push({ ts: timestamp, vol: volume });

  // Keep only last 60 seconds
  const cutoff = timestamp - 60000;
  volumeWindow[symbol] = volumeWindow[symbol].filter(t => t.ts > cutoff);

  const totalVol = volumeWindow[symbol].reduce((s, t) => s + t.vol, 0);
  // Compare against historical 1-min average (pre-calculated)
  if (totalVol > historicalAvg[symbol] * 5) {
    sendTelegramAlert(symbol, price, timestamp, '📊 VOLUME SPIKE 5x');
  }
}

I’ve caught three earnings pre-announcements this way — unusual volume 10-15 minutes before news hits the wire.

Why Not Just Pay for a Service?

Fair question. TradingView Pro at $15/month gives you real-time alerts. But it caps you at 20 active alerts, and the notification delivery is still through their servers. My system has no alert limit (just the 30 symbol cap on Finnhub free), and I control the entire delivery pipeline.

Plus, once you have the WebSocket connection, you can build anything on top: a dedicated dashboard on a small monitor (affiliate link), automated trading via Alpaca’s API, or even voice alerts through a smart speaker.

The full source code is about 150 lines. I keep it in a single file with a JSON config for my watchlist. No frameworks, no dependencies beyond the ws package.

Getting Started

Sign up for a free Finnhub API key at finnhub.io — takes 30 seconds. Create a Telegram bot via @BotFather. Clone the script, set your environment variables, run node alerts.js. You’ll have real-time stock alerts in under 10 minutes.

If you want pre-built market intelligence without setting up infrastructure, join Alpha Signal on Telegram — I publish free daily market analysis including the signals this system helps me spot.

Related reads:

• Build a Portfolio Rebalancing Bot with Python
• Stop Pasting Sensitive Data Into Online Tools

Looking for a TinyPNG alternative that’s free, private, and doesn’t require uploads? Here are the best options in 2026 — including one that compresses images entirely in your browser.

Why Look Beyond TinyPNG?

TinyPNG is great, but it has limitations:

• Free tier limited to 20 images/month via API (500 via web)
• Files are uploaded to their servers — privacy concern for sensitive images
• No WebP output from the free web tool
• Pro pricing starts at $25/year

If you need more flexibility, better privacy, or different output formats, these alternatives deliver.

1. QuickShrink (Best for Privacy)

Price: Free (5 images/day) | Pro $4.99/mo
Website: quickshrink.orthogonal.info

Key advantage: 100% browser-based. Your images never leave your device. Zero uploads, zero server processing.

• Supports PNG, JPEG, WebP output
• Adjustable quality slider
• Instant results — no waiting for server response
• No account required

Best for: Designers and developers who handle client assets or sensitive images and don’t want them on third-party servers.

👉 Try QuickShrink Free

2. Squoosh (Google)

Price: Free
Website: squoosh.app

Google’s open-source image compressor. Also browser-based with side-by-side preview. Excellent for single images but no batch processing.

• Advanced codec options (MozJPEG, AVIF, WebP)
• Real-time quality comparison
• No batch mode — one image at a time

Best for: Developers who want fine-grained control over codec settings.

3. ShortPixel

Price: Free (100 images/month) | From $3.99/mo
Website: shortpixel.com

Server-based compression with WordPress plugin. Good for bulk optimization of existing sites.

• WordPress integration
• Lossy, glossy, and lossless modes
• CDN delivery option
• Files uploaded to their servers

Best for: WordPress site owners who want set-and-forget optimization.

4. Compressor.io

Price: Free (limited) | Pro $50/year
Website: compressor.io

Clean interface with good compression ratios. Supports SVG compression which most tools don’t.

• Supports JPEG, PNG, GIF, SVG, WebP
• Up to 10MB file size
• Server-side processing

Best for: Designers working with multiple formats including SVG.

5. ImageOptim (Mac Only)

Price: Free (desktop app) | API from $12/mo
Website: imageoptim.com

Desktop app that strips metadata and optimizes locally. Mac-only for the free version.

• Fully offline processing
• Strips EXIF data automatically
• Drag-and-drop batch processing
• Mac only (no Windows/Linux)

Best for: Mac users who prefer desktop workflow.

Comparison Table

The Verdict

If privacy matters (and it should — especially with client work), QuickShrink is the best TinyPNG alternative. Your images stay on your device, compression happens in-browser, and it’s fast.

For power users who need unlimited batch processing and API access, QuickShrink Pro at $4.99/mo undercuts every competitor while keeping your files private.

👉 Try QuickShrink Free | See Pro Pricing

QuickShrink Pro — Unlimited Image Compression

Compress images instantly in your browser. No uploads. 100% private.

Try QuickShrink Free

Free vs Pro

Get QuickShrink Pro — $4.99/month

Why QuickShrink?

🔒 100% Private — Unlike TinyPNG, images never leave your browser.

⚡ Instant — No server processing. Modern browser APIs.

💰 10x Cheaper — TinyPNG Pro $39/yr, Kraken $5/mo. QuickShrink $4.99/mo unlimited.

FAQ

Is it free? Yes! 5 compressions/day. Pro removes limits.

Do you store images? No. Browser-only processing.

Cancel anytime? Yes. One click.

Start QuickShrink Pro →

Learn More

• How to Compress Images Without Uploading to a Server
• How to Compress Images Online for Free
• How to Convert Images to WebP Online
• Best TinyPNG Alternatives in 2026

Last month I pulled a random Node.js base image for a side project and ran Trivy against it out of curiosity. 47 CVEs. Twelve of them critical. The image had been on Docker Hub for two years with 10M+ pulls. Nobody checks these things.

If you’re running containers — homelab, production, doesn’t matter — you need a vulnerability scanner. I’ve tried Snyk, Grype, Docker Scout, and Trivy. Trivy wins for my workflow because it’s a single binary, no account required, and scans in seconds.

What Trivy Actually Does

Trivy is an open-source security scanner from Aqua Security. It checks container images, filesystems, git repos, and Kubernetes clusters against the NVD (National Vulnerability Database) and vendor-specific advisory feeds. It downloads its vulnerability DB on first run (~30MB) and updates it automatically.

The key thing: it checks every layer of your image. That old libssl in your base image from 2023? Trivy finds it. That npm package with a known prototype pollution bug? Found. Java Log4j still lurking somewhere? Found.

Install and First Scan

On any Linux box (or macOS with Homebrew):

# Linux
curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.50.0

# macOS
brew install trivy

# Verify
trivy --version

Your first scan takes about 30 seconds (DB download), subsequent scans take 3-8 seconds depending on image size:

# Scan any image
trivy image node:18-alpine

# Scan with only HIGH and CRITICAL
trivy image --severity HIGH,CRITICAL nginx:latest

# Scan a local Dockerfile build
docker build -t myapp:latest .
trivy image myapp:latest

Reading the Output

Here’s what a real scan looks like against node:18-bullseye (I ran this today):

node:18-bullseye (debian 11.9)
Total: 312 (UNKNOWN: 2, LOW: 186, MEDIUM: 87, HIGH: 31, CRITICAL: 6)

┌──────────────────┬────────────────┬──────────┬────────────────────┐
│ Library          │ Vulnerability  │ Severity │ Fixed Version      │
├──────────────────┼────────────────┼──────────┼────────────────────┤
│ libssl1.1        │ CVE-2024-0727  │ HIGH     │ 1.1.1w-0+deb11u2   │
│ zlib1g           │ CVE-2023-45853 │ CRITICAL │ 1:1.2.11.dfsg-2+d2 │
│ curl             │ CVE-2024-2398  │ HIGH     │ 7.74.0-1.3+deb11u  │
└──────────────────┴────────────────┴──────────┴────────────────────┘

The “Fixed Version” column tells you if there’s a patch available. If it says “No fix,” you either accept the risk or switch base images.

My Actual Workflow

I run Trivy in three places:

1. CI pipeline — fail the build if any CRITICAL CVEs exist with a fix available
2. Weekly cron on my homelab — scan all running containers, alert if new CVEs appeared
3. Before pulling new images — quick sanity check

Here’s the cron script I use on my TrueNAS box:

#!/bin/bash
# scan-all-containers.sh
RESULTS=""
for img in $(docker ps --format '{{.Image}}' | sort -u); do
  OUTPUT=$(trivy image --severity HIGH,CRITICAL --quiet "$img" 2>/dev/null)
  if [ -n "$OUTPUT" ]; then
    RESULTS+="\n=== $img ===\n$OUTPUT\n"
  fi
done

if [ -n "$RESULTS" ]; then
  curl -d "Container vulnerabilities found: $RESULTS" ntfy.sh/my-alerts
fi

Alpine vs Debian vs Distroless: The Numbers

I scanned the same Node.js app with three base images. Results from May 2026:

The pattern is clear: smaller image = fewer packages = fewer vulnerabilities. I switched everything I could to Alpine two years ago, and my scan noise dropped by 95%. Distroless is even better if you don’t need a shell for debugging.

CI Integration (GitHub Actions)

- name: Run Trivy vulnerability scanner
  uses: aquasecurity/trivy-action@master
  with:
    image-ref: 'myapp:${{ github.sha }}'
    format: 'sarif'
    output: 'trivy-results.sarif'
    severity: 'CRITICAL,HIGH'
    exit-code: '1'

The exit-code: 1 means your build fails if vulnerabilities are found. The SARIF output integrates with GitHub’s Security tab so you can track issues over time.

Things That Surprised Me

A few gotchas after running Trivy for 18 months:

• Official images aren’t safe. The “official” Python, Node, and Ruby images on Docker Hub often ship with dozens of known CVEs. The maintainers can’t rebuild fast enough.
• Alpine’s musl libc is a trade-off. Fewer CVEs but occasional compatibility issues with native Node modules. Test your app.
• False positives exist. Some CVEs in libraries aren’t exploitable in your context. Use .trivyignore to suppress known-safe findings.
• The DB update matters. If your CI caches the Trivy DB too aggressively, you’ll miss new CVEs. I refresh weekly minimum.

Alternatives I’ve Tried

Grype (by Anchore) — similar speed, slightly different DB sources. Good second opinion but I prefer Trivy’s broader scanning scope (it does IaC too).

Docker Scout — built into Docker Desktop now. Convenient but requires a Docker account and only works with Docker images (no filesystem scanning).

Snyk Container — excellent fix suggestions but free tier is limited to 200 scans/month. For a homelab with 30+ containers, that burns fast.

Getting Started Today

Install Trivy, scan your most critical container, and see what falls out. I guarantee you’ll find something you didn’t know about. If you’re running a homelab, the weekly cron approach catches drift before it becomes a problem.

For monitoring your homelab network alongside container security, a good network switch with VLAN support helps isolate container traffic. I use a TP-Link managed switch (affiliate link) to segment my container host from IoT devices — one compromised container shouldn’t reach my cameras.

If you’re running regex-based security checks in your code, check out our regex security patterns post — handy for validating input sanitization patterns. And if you’re handling untrusted documents in your pipeline, Dangerzone is worth a look.

Join Alpha Signal for free market intelligence — we track tech infrastructure trends alongside trading signals.

WebP is the modern image format that delivers 25-35% smaller files than JPEG and PNG with no visible quality loss. Google created it, Chrome and Safari support it, and if you’re building for the web in 2026, you should be using it.

But how do you convert your existing images to WebP without installing software or uploading files to random servers? Here’s your complete guide.

Why Switch to WebP?

WebP isn’t just another format — it’s a genuine improvement over JPEG and PNG for web use:

• 25-35% smaller than equivalent-quality JPEG files
• 26% smaller than PNG with lossless compression
• Supports transparency (like PNG, unlike JPEG)
• Supports animation (like GIF, but much smaller)
• 97%+ browser support as of 2026 (including Safari since v16)

For website owners, switching to WebP means faster page loads, better Core Web Vitals, and improved SEO rankings — all without visible quality loss.

Best Free Tools to Convert Images to WebP

1. QuickShrink (Best Privacy-First Option)

QuickShrink converts JPEG and PNG images to WebP entirely in your browser. Your files never leave your device — zero server uploads, zero privacy risk.

How to convert with QuickShrink:

1. Go to quickshrink.orthogonal.info
2. Drop your image (JPEG or PNG)
3. Under Output Format, select WebP
4. Adjust quality (80% is the sweet spot for web)
5. Download your converted WebP file

Why it’s great: No account needed, no upload limits, completely free. The browser-based processing means your images stay private — especially important for client work or sensitive photos.

2. Squoosh (by Google)

Google’s own Squoosh offers advanced WebP conversion with granular codec controls. Great for developers who want to fine-tune compression parameters.

Pros: Side-by-side preview, AVIF support, open source.
Cons: One image at a time, complex interface, no presets for beginners.

3. CloudConvert

CloudConvert handles batch WebP conversion with support for 200+ formats. The free tier gives you 25 conversions per day.

Pros: Batch processing, API available, many format options.
Cons: Files are uploaded to their servers, limited free tier.

4. Command Line (cwebp)

For developers and power users, Google’s cwebp command-line tool offers the most control:

# Install on macOS
brew install webp

# Convert single image
cwebp -q 80 input.jpg -o output.webp

Pros: Maximum control, scriptable, no upload.
Cons: Requires installation, not beginner-friendly.

WebP Quality Settings Guide

The right quality setting depends on your use case:

• Quality 90-95: Photography portfolios, e-commerce product images. Nearly lossless, ~20% smaller than JPEG.
• Quality 75-85: Blog images, social media, general web. The sweet spot — 30-40% smaller with no visible difference.
• Quality 60-70: Thumbnails, background images, email. Noticeable quality loss up close, but fine at small sizes.
• Lossless: Screenshots, diagrams, text-heavy images. Use when pixel-perfect accuracy matters.

Should You Replace All Your JPEGs with WebP?

Not necessarily. Here’s the practical approach:

• New images: Yes, save as WebP by default
• Existing images: Convert your largest/most-viewed images first for maximum impact
• WordPress users: Plugins like ShortPixel or Imagify can auto-convert on upload

Common WebP Conversion Mistakes

1. Converting already-compressed JPEGs: Re-encoding a 60% quality JPEG to WebP won’t magically restore quality. Start from the highest quality source you have.
2. Using lossless for photos: Lossless WebP is great for graphics but offers minimal savings for photographs. Use lossy at 80%+.
3. Forgetting to resize first: Converting a 5000px image to WebP still gives you a huge file. Resize to your display size first, then convert.
4. Not testing across browsers: While support is 97%+, always include a fallback for older browsers.

Try It Now

The fastest way to convert an image to WebP right now: open QuickShrink, drop your image, select WebP, and download. Takes about 5 seconds, no signup needed, and your files stay on your device.

Related Tools

• Compress Images Online for Free — reduce file size without quality loss
• QuickShrink Pro — unlimited private image compression
• Why I Stopped Uploading Files to Free Online Tools — privacy matters

Related reads:

• Compress Images Without Uploading
• Reduce Image File Size Without Losing Quality

Need to compress images for your website, email, or social media? Large image files slow down page loads, eat up storage, and frustrate users. The good news: you can dramatically reduce file sizes without visible quality loss — and you don’t need to install anything.

In this guide, we’ll cover the best free tools to compress images online in 2026, how image compression actually works, and which tool is best for different use cases.

Why Compress Images?

Images typically account for 50-80% of a webpage’s total size. Compressing them delivers immediate benefits:

• Faster page loads — Google’s Core Web Vitals penalize slow sites. A 1-second delay reduces conversions by 7%.
• Better SEO rankings — Page speed is a direct ranking factor.
• Lower bandwidth costs — Especially important for high-traffic sites.
• Smaller email attachments — Most email providers cap attachments at 25MB.

How Image Compression Works

There are two types of compression:

Lossy compression removes data your eyes can’t easily detect. A JPEG at 80% quality looks nearly identical to 100% but can be 60-80% smaller. This is what most online tools use.

Lossless compression reduces file size without removing any data. The reduction is smaller (10-30%) but the image is pixel-perfect identical. Best for PNGs with text or graphics.

Best Free Image Compression Tools in 2026

1. QuickShrink (Best for Privacy & Speed)

QuickShrink compresses images entirely in your browser — your files never leave your device. This makes it the most privacy-friendly option available.

Key features:

• 100% browser-based — no upload, no server processing
• Smart presets for Web, Social Media, Email, and Print
• Format conversion (JPEG, PNG, WebP)
• Adjustable quality slider with real-time preview
• Resize images while compressing
• Completely free, no account needed

Best for: Anyone who cares about privacy, quick one-off compressions, and web developers who need WebP conversion.

2. TinyPNG

TinyPNG is the most well-known image compressor. It uses smart lossy compression for PNG and JPEG files. The free tier allows 20 images per session (up to 5MB each).

Pros: Excellent compression ratios, API available (500 free/month), WordPress plugin.
Cons: Files are uploaded to their servers, limited free tier, no WebP support in free version.

3. Squoosh (by Google)

Squoosh is Google’s open-source image compression tool. It processes images in-browser and offers granular control over compression algorithms (MozJPEG, OxiPNG, WebP, AVIF).

Pros: Advanced codec options, AVIF support, open source, free.
Cons: Single image at a time, intimidating interface for beginners, no presets.

4. iLoveIMG

Part of a larger suite of image tools, iLoveIMG offers batch compression alongside cropping, resizing, and format conversion.

Pros: Batch processing, multiple tools in one place.
Cons: Aggressive upselling, images uploaded to servers, limited free usage.

Comparison: Which Tool Should You Use?

Here’s how these tools stack up:

For privacy: QuickShrink or Squoosh (both process in-browser)
For beginners: QuickShrink (smart presets make it simple)
For developers: TinyPNG (API integration) or Squoosh (codec control)
For bulk processing: iLoveIMG or TinyPNG
For WebP conversion: QuickShrink or Squoosh

Tips for Maximum Compression

1. Choose the right format: Use WebP for web (30% smaller than JPEG), JPEG for photos, PNG only for graphics with transparency.
2. Resize before compressing: A 4000px wide image displayed at 800px is wasting 96% of its pixels. Resize first.
3. Use 80% quality for JPEG: The sweet spot. Below 70% you’ll notice artifacts. Above 85% the file size jumps with minimal visual improvement.
4. Strip metadata: EXIF data (camera info, GPS coordinates) can add 50-100KB per image. Most compression tools remove this automatically.
5. Serve responsive images: Use srcset to deliver appropriately sized images for each device.

How Much Can You Save?

Typical compression results with lossy compression at 80% quality:

• Smartphone photo (4MB JPEG): Compresses to ~800KB (80% reduction)
• Screenshot (2MB PNG): Compresses to ~400KB as WebP (80% reduction)
• Blog header image (1MB): Compresses to ~200KB (80% reduction)

For a typical blog with 20 images, that’s saving 15-30MB per page — the difference between a 2-second and 8-second load time.

Start Compressing Now

The fastest way to compress your images right now is QuickShrink — just drag and drop your image, pick a preset, and download the compressed version. No signup, no upload, no waiting. Your images stay on your device the entire time.

👉 Try QuickShrink Free →

Related Tools

• Convert Images to WebP Online — modern format for faster loading
• QuickShrink Pro — unlimited private compression
• Why I Stopped Uploading Files to Free Online Tools

Related reads:

• Best TinyPNG Alternatives 2026
• Strip EXIF Data Before Sharing