Tuesday, September 29, 2015

Increase Security by Removing Old WiFi Networks

With your computing device (that's the generic term for anything with a processor, memory, operating system, and software - including phones (smart or dumb), tablets, computers, set top boxes, gaming consoles - heck anything nowadays, even your toaster!), chances are if you move it around, you are joining various WiFi networks.  What happens when you join a WiFi network?  The "computer" stores the configuration for connecting to that WiFi in the future, and automatically reconnects when something with the same name is available.  For example, let's say I buy a Linksys WiFi router for my home, and I leave the default name or SSID "linksys."  I join my laptop.  Now, let's say I drive out somewhere, park my car, and fire up my laptop to work on a Word document.  If someone nearby also owns a Linksys router (any model) and left it on the default name, my computer will connect without asking me (thinking it is a recognized network).

Why is this bad?  Let's say a hacker knows this, and sets up a network called that, or called "AT&T WiFi" or "Starbucks" or any myriad of commonly-used SSID names.  Many devices will connect to it automatically, and voila, he can watch the traffic going across his network, and possibly even hack into that device (computer, phone, etc.).

Are you worried yet?  You should be.  There are things you can do, however, to help limit the chances of this happening.

  1. Pay close attention when you are joining a new network.  Some devices show a different icon if the network is a normal WiFi router, versus a mobile hotspot (in other words, using someone's cell phone to set up a WiFi hotspot would show as a different icon).  If this is the case, and you didn't intend it to be a personal hotspot, then don't join it.
  2. Verify with the store or hotel you are at, what their WiFi name is.  Maybe there are several listed that are spelled similarly.
  3. Frequently review the list of saved WiFi connections you used in the past, and delete any one you think you will never use again.  Below are instructions for how to do this in various devices.

Windows

In Windows 7, 8, or 10, go to Control Panel, Network and Sharing Center, and click Manage wireless networks (one way to get there is to click on the network icon in the tray, and pick "Network and Sharing Center" from the pop-up menu):

Then, select the network from the list, and pick the Remove button:


Android

For Android devices, go to the Settings app, go to WiFi, and simply tap the network in the list, you will have a Forget button to remove it from your list:

Apple Mobile (iOS)

For iOS devices, go to Settings, WiFi, and tap the little Info "i" button next to the network name.  There will be a "Forget this Network" option

Apple Macintosh (OS X)

For a Mac, go to Network Preferences (you can get there easily from the WiFi logo on the system menu).  Make sure to unlock the preferences for changes, and then click Advanced:
Finally, locate the network or networks you want to delete (hold down Command to select multiple), and pick Remove.  Confirm with the dialog to remove them, and click OK.

Finally, don't forget to click Apply to save your changes.

Note that you will have a similar thing for Apple TV, Roku, or any various TV devices, although you may not travel with them, and therefore probably don't join networks.  But if you do, think about it.

Friday, September 18, 2015

Credit Card and Identity Theft - Are You Doing What You Should To Be Safe?


In a recent Credit.com blog article, a Canadian analyst firm released a study that showed hackers are more and more looking to hack into online accounts, and not as much for credit cards.  This is because online accounts are more persistent - that is, your credit card may change, but the updated card (as a new one is issued) will be registered to an account.  (Yet another reason to use a service like Apple Pay or Samsung Pay that does not give your card to the merchant.)

And, in an earlier news article, NPR indicated that you are probably doing your online security all wrong - that IT and security experts place top priority on using a password manager to manage very long, randomly-generated passwords.

So, how do you manage your passwords?  Do you have a handful that you can remember, that you use everywhere?  If so, as the ZDNet Ashley Madison password analysis shows, you are doing it wrong!  Chances are, your password is very easily guessable, even if they don't have access to an unencrypted copy of it.

Why should you care?

  1. America is the single biggest target in the world of cyber attacks.  Why?  We have the money, we are the most known country, and there is a lot of ill will against us for many political or economic reasons.
  2. Each year, about 100 million American identities are hacked and stolen - from online purchase sites, from big stores (you swipe your card at the register, it gets stored in the database, and the database is hacked), and even from the Federal and State governments.  (Do you trust anyone to manage their systems for your security?)  To make matters worse, it may be months or years before a hacked institution even discovers the breach.
  3. As the cost of stolen identities and fraud mount, the brunt of those costs are initially borne by the companies or governments that are hacked - but those costs get baked into the cost of the goods and services, and we end up paying more for them.  Credit cards already have a percentage of fraud built into them - that is going up, and we pay in terms of fees and interest rates.
  4. If your own identity is stolen, the thieves can do a large variety of things.  They can open up accounts as you (cases have emerged where people suddenly got bills for houses they never bought, phone lines they never ordered, and credit cards they never opened).  They can use your card without even physically stealing it - they can create a duplicate.  Your credit history can be ruined, and indeed you may have to spend countless hours, months, or even years fighting in court to fight charges and clear your credit.
If you don't care about these 4 points, then stop reading now.  If you do, then what can you do about it?  Use a password manager.  DO NOT use a spreadsheet or some document, either electronic or written, to store your passwords.  Use an encrypted manager software, like MasterLock's vault, 1Password, or LastPass.  Personally, I prefer the last 2, because they have apps that integrate with Windows, Mac, iOS, and Android - so when you are in an app, you can use the password vault to enter your password.  A few other tips:
  1. Constantly keep up to date on any OS updates.  This is true for your computer, as well as all your devices.
  2. Use AVG Privacy Fix app on your mobile devices to review and tighten your privacy and security settings throughout your social networking apps.  Stop giving games any access to your Facebook or other profile - this is just asking for trouble.
  3. Switch to the password managers (e.g. LastPass or OnePassword), and generate new, random 16-digit or longer passwords for all your accounts.  LastPass has a security challenge analyzer, that analyzes all the stored passwords, and lets you know which ones are used for more than one site (a big no-no), and gives you an overall score you can use to increase your security.
  4. Be very very aware (and wary) of joining WiFi networks
    • Many hackers set up fake WiFi networks that look like real ones.
    • Hackers can also join public WiFi networks, and "sniff" the traffic going across it, to steal wide-open passwords (passwords transmitted as plain text, instead of being encrypted), or even financial data.
    • Typically, many devices show a different icon for a mobile hot spot vs. a permanent WiFi router.  Pay attention to small details like icons.
    • Set your devices to not ask to join available networks.  You should only join if and when you need to, and only the networks that you choose at the time.
    • Review your device and computer joined networks, and delete the ones you think you should never use again.  I will provide a future post showing how to do this.  Meanwhile, e-mail me if you have questions, or post in the comments below.
    • In Windows, you can use the security profiles Home, Work, or Public, to set some sharing options that may help keep you safer.
  5. If you care about your security, make sure to use a secure platform.
    • Apple computers and mobile devices, un-jailbroken, are agreed upon by security experts to be the most secure platforms.  As many recent exposures have shown, Android is the least secure, and Windows has long been known as the biggest target (and therefore least secure) laptop/desktop platform.  The unified operating system across desktop/laptop/tablet/phone for Windows and others, means you increase your exposure to a virus, malware, or exploit because one that targets one device type, makes all vulnerable.  Apple notoriously produces a separate Operating System for each type of device: computer, mobile, automotive, watch, and set-top-box.
    • Apple has the most comprehensive offering across devices, that safely and securely integrates your data and operations across their ecosphere (and many other compatible devices, such as HomeKit-compatible home automation appliances).
    • I cannot recommend any other platform for mobile devices, as I have not yet seen any that measure up.  Unless you want to get Blackberry, but I wouldn't recommend that nowadays.
    • Linux provides an excellent platform for desktop/laptop/server computing, although you may find a lack of support for many end-user software packages, and mobile devices.  For general computing, if you are looking at a Chromebook, then I'd say where do you put your trust - in an Advertising company whose primary income is generated from targeted ads (who develops ChromeOS for free)?  Or in open-source Operating Systems from a reputable company who makes their money from services and premium offerings (ala Canonical)?  Personally, if I were not inclined to get Apple, I would put Linux on a home or business machine.



Stack Exchange - the EveryGeek's Resource

If you are in a technical career, chances are you have come across one of StackExchange's hundreds (if not more) communities.  Built on a web application engine that is solidly useful and self-managing, it provides a framework for people to leverage each other and answer each other's questions.  About what?  About anything.

First, let's take a look at what it is they do that is so special.  Basically, it is a way for people to ask questions, and have the community answer them.  There is nothing new about this, in fact it has been going on (electronically) since the 1980's with Newsgroups on the Internet.  When the World Wide Web hit in the early 1990's, Newsgroups morphed to become fora (forums).  People post a question, and a discussion ensues.

What makes StackExchange so groundbreaking, is:
  • Involvement from the community.  Many people get instantly involved in the discussion, Q&A, to evolve or produce an answer.
  • Credibility - StackExchange has developed a system of self-management, where users gain reputation for their various activities.  If you ask a question that someone else votes up (likes), you get +5 reputation.  If someone else dislikes it (votes down), you get -5 reputation.  Same for your answers - likes and dislikes.  For various other things you do, you also may earn badges.  All add up to a reputation score, and as your reputation builds, you obtain more privileges.
  • Self-Managing - the reputation score arises as a result of your interaction with the community.  As you develop, you gain more privileges - you become able to help moderate.  So as you earn badges for activity (my favorite badge is Necromancer - you answer a question that has been sitting around for more than 6 months), you gain the ability to review and approve other peoples' edits, make your own edits on other peoples' posts, and so on - all self-managed by other users with abilities similar to or above yours.   The community wisdom emerges.
  • Topics - StackExchange is divided up into communities (you can join multiple, and your reputation is separate in each).  Communities are also websites - so StackOverflow deals with computer programming, SuperUser with all things computer (admin and usage), AskDifferent with all kinds of questions on Apple products, Academia for all types of professional academic topics, Android Enthusiasts...you get the point.  There are literally hundreds, maybe thousands, of communities.
  • Immediate Gratification - I have asked many different questions on many different topics, and almost always get an answer the same day.  The communities are very active, and not trolled by people who just love to get angry at some perceived slight and go off on a rant.  It works, and it works very well.  In fact, anyone who does behave like that, I would imagine, would be losing lots of reputation.
Of course, there is an Inbox across all of StackExchange, where you can receive personal messages from others, as well as notifications concerning posts you responded to.  Each post can have a comment thread - so a Question can have comments posted, and can have Answers, each of which can have comments.  One answer can be accepted by the Questioner as THE answer, although usually one answer among multiple will receive most of the up votes, and thus rise to the top as the community's accepted answer.

Try it!  Join any community you are interested in, and see how quickly it will become an invaluable resource.

Wednesday, September 16, 2015

Is Cheap Really Cheap?

Throughout history, there have been premium products from manufacturers who care about only one thing - the best quality they can produce.  And their prices, traditionally, reflect that.  (Everyone says about such a product, "it is the Cadillac of...")  For example, when I was young, I bought a pair of Fila shoes, and thought they were very expensive.  However, they lasted in excellent condition for 10 years, at a cost of about $12 per year, while the "cheap" shoes at $25 per pair lasted about a year, so about twice the cost.

But somehow, in this day and age of instant, global commerce, we have somehow seemed to adopt an idealistic attitude that, manufacturers can sell direct and cut middlemen, and therefore we can get great products for cheap.  That global competition sharpens the product quality, keeps prices low - and lets the consumer win.  However, that seems to have been taken to the extreme, way beyond reality.  I grew up with my parents repeating, "If it's too good to be true - it probably is."

Monoprice is one example, and the one I am highlighting.  I have read several blog posts touting the amazing quality and prices of Monoprice.  I ordered a couple of lightning-adapter USB cords when we started our transition of devices from the old to the new Apple adapters.  And initially, they seemed to be fine - with the exception of one cord that broke immediately, and Monoprice replaced it promptly.  To be fair, I have found exactly the same results with cheap products ordered from Amazon and eBay, but I am picking on Monoprice because a lot of tech-savvy people seem to think it is God's gift to consumers, and I want to dispel that myth.

I have since ordered 6 cords, and without fail, each and every one of them eventually (within the first year) broke, and stopped working.  Monoprice replaced 4 of them, no questions asked - but those again broke.  Now this particular product type, it is quite common I have found, for non-Apple-branded lightning cables to fray and break, even with careful use.  Additionally, I added Sugru to both the fraying, and new, cables - but that prevented neither from failing completely, and quickly.  What broke, was the cord where it entered the collar that encases the lightning connector - the cord wrap frayed and split, and the wires were exposed (bare and fraying), and eventually stopped working altogether.  Sugru failed to prevent or repair the fray, and failed to prevent the failure of operation.

In addition, I ordered 10 LED light bulbs in our project to replace the bulbs in our house with energy efficient ones that would last.  I had 1 DOA, that they replaced promptly, and then all 10 failed in the first year (most within the first 6 months).  LED bulbs, by the way, are supposed to last about 20 years.  I asked for my money back, and they refused, offering to replace the bulbs.  However, replacing them with faulty ones is not acceptable to me (at 100% failure rate within 12 months, I don't trust the product quality).  What's the point if I keep replacing them, and eventually they will stop replacing them for free?

I have bought other things - mobile ear buds, USB car charging adapters, and more.  Without fail, each and every product I bought from them was inexpensive, felt cheap and chintzy, and broke or failed.  To date, after 2 years, I have two remaining USB car chargers that works (out of several) - and that is the only Monoprice product I still use.  These 2 USB car chargers, by the way, are the only remaining Monoprice products that I have still in use, still working.

Now, let's examine the cost.  Did that save me money?
  • USB cords - these were about $8 for a 6-foot cord, as opposed to $29 for the Apple 2m cord.  However, our Apple cords have, without fail, lasted us 3 years - and are still in excellent shape.  And, I added Sugru to them to strengthen the ends and ensure continued durability.  If you have to re-purchase every 6 months (about the length of time they lasted), that's $16 a year, or after 2 years, $32, or $48 for 3 years.  That costs even more than the Apple cord.
  • Earbuds - same thing.  Boy, talk about chintzy - it is quite clear that Apple (expensive though they may seem) are all about quality.  The plastic earpieces don't sound hollow, and deliver excellent sound quality.  Microphones pick up sound with amazing clarity.  But, they have lasted.  I actually still have earbuds from my old iPhone 3G and 4S, that still work.  Monoprice?  After a year, I can't find one of the 6 or so I bought (as replacements for the lost kids' ones).  They all were uncomfortable, or broke, or stopped working - and were promptly thrown in the garbage.  What a waste.
  • Light bulbs - they were about $7 per bulb.  Inexpensive for LED bulbs, but not exorbitantly so.  Feit bulbs on sale at Costco are actually less, with no shipping costs.  And, they have a better temperature tolerance (for outdoor fixtures).  And, the ones I bought 4 years ago, still have not needed replacement, in a house where incandescent and CFL bulbs both get replaced on an annual basis.
In fact, in not a single instance have I found Monoprice products to be of anything even approaching mediocre quality.  So beware - cheap is not cheap (as we have found across the board).  Expensive is not always cheap either - unless the product is of excellent quality and workmanship.  When we moved into our house, we replaced the cheap contractor electric stove with a Dacor dual-fuel stove, that cost quite a bit of money.  We then continued to pour money into it (about $400 per repair after the warranty expired), until after about 11 years, the control panel completely disintegrated.  So in that case, we spent a lot of money on a well-rated product, but the quality was not there.

Is an Apple computer cheap?  As I've said before, the amount of money you put out for an Apple computer is reasonable, and not inexpensive - but the value you get is measurably much higher than that of a non-Apple computer.  Same for their mobile devices.

To be fair to Monoprice, they are making lots of money selling "cheap" goods, and their customer service is excellent.  However, the quality of their products is so bad, that no amount of customer service (e.g. sugar) can cover up the stink of the quality (e.g. shit).  And, I would be wary of any other claim to be cheap - because cheap is not usually cheap, it is usually much more expensive.

Usually, if it's too cheap to be believed - if it's too good to be true - it probably isn't.

Thursday, September 3, 2015

Would You Eat Here?

Y'all know how much I love tech, right?  But even more than I love tech, I love food.  A recent article by NPR is on an automated "restaurant" - which commenter Lencho stated: "That isn't a restaurant. It's a glorified feeding trough."  Dude, I'm with you!  Others point out this is nothing new, as they had automated food vending/dispensing machines back in the 1940's-50's.  However, the concept is slightly different, that "food" (or what they call food) will be served without any Human interaction (or even Humans visible).

Let's take a look at what food is.  First of all, let me be totally clear - much of what we call "food" and is available in a grocery store, is not food.  And, I need to take yet another step back, and take a look at what is a Human being, because food is what sustains us.

A Human being is not, as we are so wont to think of ourselves, a single organism.  We are, instead, a colony of billions of organisms, hundreds (or thousands?) of species living in a symbiotic relationship.  What!?  What's that?  You didn't know?  It's true.  In our mouth alone is over 100 species of bacteria, whose healthy mix begins the digestion process and keeps our mouths disease free.  Think of this - the single point in our bodies that is designed to constantly accept stuff from the outside world in, so of course, it must have the best immune defense designed into it.  And you thought mouthwash was doing you a favor.  Our digestive tract (or gut) contains many more species of bacteria and viruses, all responsible for the final breakdown of food particles, and the beginning of the distribution of nutrients throughout our bodies.  Our skin, as you may have seen, is host to various little microscopic creepy crawlies that keep things - you guessed it - healthy.  Over millenia, Humans have developed fermented foods and diets to repopulate these germs in our gut - beers, wines, pickles, breads, chocolate, and more.

So, food too is a living thing.  Foods that do not decompose, are not foods.  They are simply organic matter that are not fit for Human consumption (yes, that's right, I do not trust FDA designation "GRAS").  Let's look at it this way - if the normal agents of decomposition (bacteria, oxygen, little critters) won't touch the "food," then it is toxic, and you shouldn't either.

Now that we've gotten that out of the way, what does food do for us?  There, we could spend an entire book!  Food sustains us, it keeps us going.  More than that, the nutrients we get are directly responsible for our development (or lack thereof).  If we don't get the right nutrition as infants, we can get sick and die, or develop into very severely negatively-affected adults.  That we know.  Food is the single biggest impact on health, bigger even than smoking, exercise, or environmental exposure.  But that is not all, oh no, that is not all (to quote the Cat in the Hat).  We have come from a long line of families throughout the ages, who have attached religious significance to certain foods.  Up until modern times, Mankind has placed huge reverence on people with the skills to prepare foods, grow foods, cook foods, and handle foods.  Food has given us a sense of being, belonging, family, tradition, religion, and more - a place in the universe.

Now, if we take out everything about food that makes it food - and leave behind a vending machine that gives you prepackaged food-like substance (it doesn't immediately kill you, but will over years and years), where does that leave us?  (Yes, while there may be a person behind that facade, it is still a vending machine, but with Human parts.  How's that make you feel?)  And if we don't care about where the food comes from, who brought it to us, and what standards they have in growing and handling it - then what DO you care about?  You don't care about yourself, obviously - as like I said, food is the single biggest factor in our health.

So, get your cameras out folks - and if you capture a (unretouched) photo of me sitting in one of these types of establishments, eating - I will personally pay you $1 million.  And know that, in that case, it is because the apocalypse has arrived, and I have found this place to scavenge because it is one of the few remaining places to get something to eat to get me through the current day - so the million dollars I have I found in an abandoned ATM.
Now tell me - does this restaurant remind you of any science fiction movies or stories you may have heard?

Wednesday, September 2, 2015

Little-known Usage Tips for iOS 9

With iOS 9 being released publicly next week, the Developers have been testing it all summer.  A lot of new features have been talked about on the blogs, but there are a couple that everyone seems to have missed, and I came upon either by accident, or by reporting it as a bug (and having Apple support say no, it's not a bug, here's how you do it).  So let's share!
  1. Searching Contacts for names not yet in your contact list
    • When you launch your Contacts app, you can search at the top of the screen by any data in the Contact card - name, title, company, e-mail, address, etc.  However, now, searches go through your messages and e-mails as well.
    • When you tap on the contact that you found, you can add it to your Contacts, or merge with an existing Contact.
  2. WiFi Calling - as I posted earlier, Apple has deployed iOS-wide (carrier-independent) WiFi Calling support.  This means, when you have a cell signal that is too weak for a good connection, but have a WiFi connection, the phone (and cellular system) will automatically route the call over WiFi, and back when the cell signal becomes good enough.
    • In my initial testing with AT&T, I did have an issue where incoming calls with this feature turned on, would not allow callers to hear me.  I called AT&T support (611), and they did a refresh of the device on the cellular network, that fixed the issue.
  3. Flight and Tracking recognition - you know how when you get text, say in a Test Message or in an E-mail, how some text gets underlined and you can click on it to see more info?  For example, an address is texted or e-mailed to you, and it shows up as a hyperlink.  Now, iOS recognizes flights and package tracking numbers.  You can simply tap the text to see the package or flight tracking right from the source.
  4. Adding Reminders - to an E-Mail.  When you are reading an e-mail, you can tap the Flag button at the bottom and pick Notify Me... - but this will alert you when there are replies to the thread.  What if you want to come back to the e-mail at a later time, and be reminded to do so?  While reading the e-mail, hold down the home button, and tell Siri "Remind me about this" and give it a location or time, and it will add a reminder that links back to the message.  Now, I asked they add a menu pick, because who wants to talk to Siri while in a meeting?  But perhaps you shouldn't be checking your e-mails while in a meeting... 
  5. Decline incoming call from Lock screen.  Although it is not obvious at all, when you receive an incoming call while your phone is locked, it seems the only thing you can do is answer it.  You may have noticed that tapping a volume button silences the ring.  Apparently, if you double-tap the power button, it will decline the call.  This is good to know, and hopefully Apple makes this more intuitive.

Earlier, I reported that iOS 9 had several important improvements, and these are a few more that make it really useful.