Wed, 28 Sep 2016 00:00:00 +0700
(image) Since water damage is one of the most common problems experienced by so many, getting a phone that can protect itself makes sense.
The technical definition of water resistant is that it’s able to resist the penetration of water to a certain degree but not entirely.
Waterproof technically means that it’s impermeable to water, no matter how much time it spends in water.
Unfortunately, these terms are thrown around as if they were interchangeable by so many.
With Apple throwing it’s ‘water-resistant’ hat in the ring with the iPhone 7, joining others like Samsung, Sony, Motorola and Kyocera, understanding the technical differences is helpful.
What the ‘IP’ Rating Means
Today’s smartphones generally have certifications published when it comes to resisting the elements signified by ratings such as IP67 or IP68.
The IP marking for International Protection or Ingress Protection (depending upon who you ask) is followed by two numbers.
The first number designates its ingress protection against solids, such as dust with numbers ranging from 0 to 6 (the higher the number, the better the protection).
When you see a 6 for the first number, then the smartphone is ‘Dust Tight’ which means it’s completely protected against contact with dust.
Having this rating an be important for hikers, mountain bikers or anyone that wants to use their smartphone in dusty environments.
The second number refers to the ingress protection against liquids, with numbers that can range from 0-9 (again, higher is better).
Can I Swin With My Smartphone?
Apple’s recent iPhone 7 announcement included news that it was water-resistant with a certification of IP67.
This means that it’s completely dust-proof and it can technically be submersed in water of up to 1 meter (@3 feet) for a duration of up to 30 minutes.
Many Samsung and Sony smartphones have an IP68 rating, which technically means that they are completely dust-proof and water-resistant in depths ranging from 1 to 3 meters for a duration as determined by the manufacturer (usually 30 minutes).
These descriptions may make it sound like you can use your smartphone in the pool to take underwater pictures, but none of the manufacturers will recommend it.
The actual laboratory tests are done with smartphones in standby mode, meaning they aren’t being used in any way during the tests.
What it does tell you is that with either an IP67 or IP68 rating, if you get pushed into the pool with your smartphone, the chances of its survival are very high.
I’ve actually owned a Sony Xperia Z3 for years, which was one of the first consumer handsets designed to be water-resistant and the few times that it has been in water, it’s done just fine.
If water gets on the screen while it’s active, it’s not going to respond like it normally would because water conducts electricity just like your finger which is why using it underwater isn’t recommended.
Another thing to keep in mind is if the screen on a water-resistant phone gets cracked, replacing it will likely break the factory seal that protected it, so it will no longer be water-resistant.
Wed, 7 Sep 2016 00:00:00 +0700
(image) With the unveiling of the iPhone 7, the usual chatter about the latest features seems to be dominated by this seemingly odd design decision.
It would appear that Apple will eliminate the traditional 3.5mm analog headphone jack on all of its new devices in favor of the Lightning connector or their new proprietary wireless technology.
They actually aren’t the first smartphone maker to make this decision as Chinese manufacturer LeEco and the Moto Z line from Lenovo (formerly Motorola) have already eliminated the headphone jack.
The iPhone 7 will ship with Lightning earbuds and a special ‘dongle’ that converts the lighting connector at the bottom to a standard headphone jack so you can still use older headphones.
Apple wants to get away from analog technology that was created in the 1960’s and use a more advanced digital audio output.
The Lightning connector at the bottom of the phone is capable of providing more than just a way to charge the iPhone and digital audio is just one option.
While the new Lightning headphones are certainly capable of delivering higher fidelity audio, I’m not sure the average listener will hear the difference, especially if the quality of the audio file isn’t all that great.
Many companies, including Apple, are trying to roll out higher fidelity music services, so having higher fidelity headphones is a natural part of their strategy.
More Room Inside
Another benefit of getting rid of the headphone jack is that it frees up space inside the phone itself. Space is extremely tight in all smartphones, so every millimeter counts, especially when it comes to something as large as a 3.5 mm headphone jack.
That extra space can be devoted to larger screens, bigger batteries, better antennas or a slimmer form factor.
The Wireless Future
We must remember that Apple was the first computer company to get rid of floppy disk drives and CD/DVD drives in their computers and in the name of innovation, the headphone jack had to go.
Unveiled along with the iPhone 7 were the new AirPod wireless earbuds, which uses proprietary wireless technology and will sell for $159.
Apple knew that relying on the current Bluetooth standard for wireless audio would be too problematic, so they chose to create their own wireless connectivity technology to make thing easier and more reliable.
3 Billion More Reasons
Many analysts scratched their heads when Apple agreed to pay $3 billion to acquire headphone maker Beats, but it’s now a little clearer how they plan to leverage that acquisition.
Whether you end up using Lightning headphones or the wireless earbuds, they’re both going to be more expensive than traditional headphones which plays right into Apple’s ‘premium products’ strategy.
Some of the initial concerns being voiced over this radical change include the inability to listen to music while charging the phone, owning headphones that only work on Apple devices, losing the special dongle or if you opt for the expensive wireless earbuds, losing them (they aren’t much bigger than traditional hearing aids) and having yet another thing to remember to recharge.
Wed, 31 Aug 2016 00:00:00 +0700
(image) Since its humble beginnings in the 1950’s, voice recognition technology has made great strides over the years, but there are still many challenges to making it work the way most people envision is should work.
Managing your expectations about what it can and can’t do will have as much impact on your success as the technology itself.
If you’re looking for the kind of perfection portrayed in sci-fi movies, don’t bother looking at anything that’s commercially available just yet. Frankly, I’m not sure we’ll ever see an error free speech-to-text recognition system any time soon.
Understanding Accuracy Claims
You’ll likely see various claims being made about the accuracy rate of today’s technology, but keep in mind, a 90% accuracy rate means that every 10th word could be wrong. Even at 95% accuracy every 20th word could be wrong.
This means you’ll always have to spend time reviewing and correcting anything you generate, especially when it comes to things like homonyms and punctuation.
If you’re okay with that, then you’re ready for the next step.
Hardware Is Crucial
Everything starts with the microphone that generates the sound patterns that the software will attempt to recognize, so trying to use the built-in mic on a laptop or webcam isn’t going to cut it.
Ambient noise can make recognition even tougher than it already is, so you’ll need to invest in a decent headset mic so you’re providing the program with the cleanest audio possible.
Cadence Is Key
To get started with any voice recognition program, you always have to go through a training process so the software can get to know your voice and, more importantly, you train yourself on how to talk to the program.
Your cadence is the first thing you’ll need to change, because speaking to the program like you would to another human being is going to generate more errors.
This one area is where I’ve seen most people give up, because they aren’t willing to go through the learning/training curve in order to make the system provide a reasonable level of productivity.
Let’s face it, if you’re spending as much time cleaning up errors as it would have taken to type it out in the first place, it’s pointless.
Start With What You Already Have
You most likely already have voice recognition capabilities in your computer if the OS is reasonably recent.
Mac users can follow these instructions http://goo.gl/vQu4x2 to try using the Dictation tool that’s built in, while Windows 7, 8 and 10 users can go to the Control Panel and click on Ease of Access then Speech Recognition to turn it on.
None of these built-in technologies will compare with what most consider the industry leading software from Nuance called Dragon Naturally Speaking (http://goo.gl/yU6IbJ) which can range from $75 to $500.
Nuance also offers a smartphone app called Dragon Anywhere that you can try out for free to see if using your mobile devices works better for you.
Wed, 24 Aug 2016 00:00:00 +0700
(image) A recent decision issued by the Ninth Circuit Court of Appeals is just the latest story to take on a life of its own because of the incessant need to create ‘clickbait’ across the Internet these days.
Headlines claiming that “’sharing your Netflix password is now a federal crime” seem to be lingering thanks to social media.
What the court ruled on was that sharing your passwords can be grounds for prosecution under the Computer Fraud and Abuse Act, but the case was specifically ruling on unauthorized access by a former employee after the company had revoked his access to a protected system.
The former employee left the company to start a competing business and got a current employee to share her password so he could continue to access company records himself.
The majority opinion stated that the case was about stealing intellectual property and not about password sharing, but a dissenting judge disagreed.
This is apparently where the rumor mill started that evolved into the salacious headlines that you may have seen shared on Facebook or Twitter.
No part of this ruling directly addresses password sharing of your streaming services, although one of the judges did try to address the unintended consequences of the ruling because it was so broad.
What it does signal is that it’s now easier for businesses to go after current and former employees for sharing access credentials to protected systems with this ruling.
Most companies like Netflix, Hulu Plus and HBO have viewed password sharing as a viral marketing tool and wouldn’t be likely to ‘go after users’ even if this ruling does get interpreted in that way.
What can get you in trouble is if you sell your credentials to others, but simply sharing your credentials with a friend or family member isn’t suddenly a federal crime.
Netflix provided Snopes.com with this response to their inquiry into password sharing: “Netflix members can create up to five profiles on each account and the only limit is on how many devices that can be used to access Netflix at the same time, which is by plans. The $11.99 plan allows four devices to stream at the same time; the $9.99 plan allows two. As long as they aren't selling them, members can use their passwords however they please.”
Other services like Amazon have guidelines for sharing Prime Benefits by creating an Amazon Household posted here: http://goo.gl/jahmbg.
Cord cutting millennials that are no longer at home use their parent’s password so they can watch popular shows like Game of Thrones and HBO is well aware of that.
HBO’s CEO Richard Plepler told Buzzfeed last year ““It’s not that we’re unmindful of it, it just has no impact on the business.” In many ways it’s a “terrific marketing vehicle for the next generation of viewers,” he said, noting that it could potentially lead to more subscribers in the future.
You can expect things to change as streaming services grow in popularity, but for now, you don’t have to worry about the Feds knocking down your door because you shared your Netflix password.
Wed, 17 Aug 2016 00:00:00 +0700
(image) Passwords tend to be the only thing separating criminals and thieves from our online accounts, which is why they spend so much time creating sophisticated means in which to compromise them.
Just about all the advice you’ll ever hear about creating ‘strong passwords’ is generally designed to thwart sophisticated guessing schemes commonly referred to as ‘brute-force attacks’.
Brute-force attacks, which are generally performed off-line by high-speed computer networks, are a systematic process of trying every possible combination of letters, numbers and special characters until the correct combination is figured out.
Long, complex passwords are the best way to combat this type of attack.
Understanding Brute-Force Attacks
If you were to only use 2 characters for your password, you can see how a high-speed computer could guess every possible combination in the blink of an eye.
In fact, the Gibson Research Password Haystack Tool (https://grc.com/haystack) suggests that any 2-character password can be broken in 0.0000000000354 seconds or less.
Each additional character that you add exponentially increases the number of possible combinations, so the longer your password is, the longer it will take for a brute-force attack to be successful.
Most of you have been trained to use complex 8 character passwords, which are hard for you to remember and easy for attackers to crack. With today’s sophisticated password cracking technology, GRC’s tool suggest it’ll take just over 1 minute to break any 8 character password, no matter what combination of characters you use.
By stretching the password to 10 characters, that 1-minute goes to 1-week, as long as you have included uppercase characters, numbers and special characters.
Use Passphrases, Not Passwords
If you don’t follow the guidance on using all the required characters, the number of possible combinations drops exponentially.
For instance, the time that it takes to crack a complex 10-character password that does not include an upper case letter goes from 1-week down to just over 6 hours.
The key to creating strong complex passwords that you can remember is to stop using passwords and start using passphrases.
My go-to example of ‘I H8te Passwords!’ is a 17-character passphrase (including spaces) that GRC’s tool suggests would take 13.44 billion centuries to crack.
By creating a passphrase that is personal to you, you have a much better chance of creating a long complex password that you can easily remember.
For example, I’m Going To Aruba in 2017! is 27 characters long and uses all the required characters. Some sites don’t allow you to use spaces, but it would still be 22-characters long.
I personally shoot for at least 12-character passphrases these days, knowing that brute-force cracking technology is going to get faster as time goes on.
If time wasn’t a factor, any password of any length can eventually be broken, but time is a factor with cyber-thieves, so make yours long and complex enough so that your accounts aren’t worth their time.
Wed, 10 Aug 2016 00:00:00 +0700
(image) Passwords are often referred to as the weakest link in security by many cyber-security professionals primarily because of the human element.
Most systems require users to include upper and lower case letters, at least one number and in some cases, at least one special character.
Human behavior is very predictable by sophisticated hackers and when left to their own abilities, the average user will create weak passwords that are easy to break because it’s just not an intuitive process.
With this in mind, many researchers are suggesting that forcing users to regularly change their passwords, which is common in corporate settings, can actually encourage the creation of weaker passwords.
Creating strong passwords for each of your accounts is hard enough, so forcing users to regularly come up with new ones tends to create an environment where human nature takes over.
It Makes Technical Sense
From a purely technical viewpoint, regularly changing passwords makes sense as it renders compromised passwords useless, but it ignores the reality that humans are involved.
Several researchers have published studies over the years warning of the unintended consequences of regularly forced password changes and one of the more prominent figures to speak out on this common practice is the Chief Technologist for the FTC, Lorrie Cranor.
Her FTC blog titled “Time to rethink mandatory password changes” (https://goo.gl/MerJfN) points to a UNC research paper that showed users tend to use predictable patterns they call ‘transformations’ (like just adding the next number) when regularly required to change passwords.
Cyber-thieves know that this behavior is common and have been using password cracking tools that can guess the highest probability for new passwords based on old passwords that have been compromised.
This common human behavior can render the technical benefits of forced password changes useless because cracking the ‘new password’ can actually be made easier over time through pattern recognition.
When You Should Change Passwords
Large scale data compromises seem to be in the news just about every week and whenever a company that you do business with has been compromised, you should immediately change your password.
Likewise, if your company knows that an outsider may have gained access to their network, forcing everyone to change their passwords is a no-brainer.
If you discover that your computer has been infected with malware, especially since often times, one infection can lead to many others, you should change your online passwords from another computer or after your computer has been disinfected as a precaution.
A Better Security Measure
Since data breaches and malware are a fact of life these days, assuming that your password is going to be compromised at some point is a good strategy.
Activating 2-factor authentication or login approvals (How to Setup Password Fraud Alerts: http://goo.gl/SCa64p) on all of your online accounts provides you with an extra layer of protection when the inevitable occurs.
Virtually every major online service offers this protection and it’s far more effective than regularly changing your passwords because it prevents thieves from gaining access even if they do steal your passwords.
Wed, 27 Jul 2016 00:00:00 +0700
(image) We’ve all been taught to look for HTTPS: (HyperText Transfer Protocol Secure) at the beginning of a website whenever we’re going to make a purchase online.
This ensures that the information you’re typing on the page is encrypted between you and the trusted website so that your information stays secure.
The warning message you’re asking about typically appears on sites that require this level of security, such as any site that requires you to log in or make purchases online.
A security certificate is a means to ensure that the site owner is who they say they are resulting in the famous ‘lock’ image that helps you know that you’re on a secure site.
Think of them as a way to authenticate the owner of a website much like your username and password are used to authenticate you as a user.
The complexity involved in Internet security can get a bit technical, but for the most part, whenever you see this error on a site where you are being asked to provide sensitive information, you should be very cautious.
When you see this message pop up, your browser is essentially telling you that it can’t verify the authenticity of the website you are visiting because there is a problem with the security certificate.
The causes for this warning message can vary greatly and often times does not necessarily mean that something nefarious is in play, but you should still always be cautious.
Something as simple as your computer’s date and time being off can cause this but so can a slightly mistyped URL that lands you on a scam site.
A common cause is that the website owner hasn’t renewed their security certificate (as in it was once valid, but has since expired) or they’re using a free Certificate Authority service such as CAcert.org (http://cacert.org) that isn’t necessarily trusted by some browsers.
If you know for sure that the website is legitimate, you should alert the website owner of the warning so they can fix the problem on their end.
Keep in mind, this can also be a clear alert that the site you’re visiting isn’t a legitimate site and can’t be trusted.
Creating very convincing duplicate websites is not very hard to do these days, so you’ve got to always pay close attention to security indicators like the picture of the lock and these security warnings that can come from Google, your browser or from your security software.
If you’re not sure about a site, you can use a third-party site checker such as Sucuri’s SiteCheck scanner (https://sitecheck.sucuri.net) to get a full report on the site that will check for known malware, blacklisting status, website errors and out-of-date software.
If you regularly visit a site that you know is legitimate but gives you this error, there are ways to bypass the message for just that site, but I’d only suggest this for tech savvy users (by doing a Google search).
Wed, 20 Jul 2016 00:00:00 +0700
(image) Much like the ‘spring cleaning’ season, the back-to-school season is a good time to evaluate your computer to make sure it’s secured, optimized or to decide if it’s time to upgrade or replace the unit.
Even if you don’t have kids going back to school, going through the evaluation, especially if you haven’t done so in a while, is a good idea.
Start With Updates
Updates to your operating system, security software and productivity tools can provide you with new tools and features, but it’s essential for keeping your Internet connected computer secure.
The easiest way for hackers to exploit your computer is through known security holes that haven’t been patched, so look for the ‘Check for Updates’ option in everything you and your kids plan on using this year (most often found in the Help menu).
Make Room For Growth
Your hard drive plays a significant role in the overall performance of your computer, especially if it’s getting close to full.
Make sure you have plenty of free space for both future storage and the constant work space your computer needs to process temporary files.
Uninstalling programs and deleting video files will free up the most space, while getting rid of old documents will hardly make a dent because they’re so small.
Windows users can run the built-in ‘Disk Cleanup’ utility to clear out old temp files and other unneeded junk that accumulates, while Mac users can download Trend Micro’s Dr. Cleaner utility (https://goo.gl/GMA7VC) to do the same.
If you can’t free up at least 25% of the drive space, you should consider upgrading to a larger drive, which is usually significantly less hassle and less expensive than starting over with a new computer.
If you really want to extend the life of your computer, consider upgrading to one of the ultra-fast Solid State Drives (SSDs) which can breath new life into any computer that’s been running slow.
Setup Automated Backups
Nothing ruins a school year like lost homework or project files, especially if it’s a year long project that gets lost near the end of the school year.
Older students should be taught how to use a USB flash drive to make copies of everything as opposed to only storing it on the USB drive.
The best protection comes from an off-site automated backup that takes all the human error out of the process.
We’ve relied on Carbonite (http://goo.gl/qczSTU) for our members for many years because we found it to be the best all around option for most households.
Not only does it do everything automatically, it will nag you when it can’t do its job and it keeps the three most recent versions of every file it backs up at a minimum.
This can come in real handy when something is accidentally overwritten, saved improperly or becomes corrupted or infected.
This also provides access to the backed up files from just about any Internet connected device, including smartphones and tablets so you’re no longer beholden to any single computer.
Wed, 13 Jul 2016 00:00:00 +0700
(image) Extended warranties have long been sold as an ‘insurance policy’ in case something goes wrong with your computer (or any product for that matter).
As with any type of pseudo ‘insurance’ you have to weigh the risks against the cost of coverage to make an informed decision.
There is no ‘one-size-fits-all’ answer to this question, because your circumstances, who’s using it and the product you’re purchasing are big factors.
What’s Actually Covered?
Focusing on what’s actually covered and what isn’t will generally help you make your decision.
In most cases, an extended warranty on a computer focuses primarily on repairing hardware or resetting the system back to the way it was when you first purchased it.
The problem with this type of coverage is that the vast majority of problems experienced by computer users are software related, not hardware related, so they won’t be covered.
Even if things like virus infections or operating system corruption are covered, the only option you’ll have is to wipe everything out and start over.
What’s Not Covered?
This means all your data, programs, settings, favorites, music, pictures, contacts, emails or anything else that makes it ‘your computer’ will be removed, leaving you with the arduous task of reinstalling all your programs, reconfiguring your printer and network setting and restoring all your data to the proper locations (and only if you have all your installation disks and a current backup).
For further perspective, the 5 most common issues we see in our shops are:
#1: Virus/Malware infections
#2: Windows or Mac OS Operating System errors/corruption
#3: Slow startup and sluggish performance issues
#4: Software Updating issues (like when updating to Windows 10)
#5: Hardware Upgrades (more RAM, faster hard drives, etc.)
None of these very common issues are covered by extended warranties, other than in some cases to wipe everything out leaving you to start over again. None of the standard programs cover any issues with lost data either, which can be one of the most expensive services should you be faced with a data recovery situation.
Understanding the Business Model
In our experience, the very best outcome for any service process is to have your computer look and work like it did before the service was performed.
This is not the focus for service providers that are paid very little to perform services under extended warranties. They simply can’t afford to spend the time.
Their focus will be to do the least amount of work necessary, which generally leaves you with something that no longer resembles ‘your computer’.
Hardware failure issues are relatively rare, which is why so many of the ‘coverage programs’ that you’ll be offered primarily focus on hardware failures or accidental damage and not the real world issues that you’ll deal with.
You and everyone you know has dealt with virus/malware issues, slow performance, etc. at a much higher rate versus having to replace the motherboard or hard drive on their computer, so in most cases, a hardware focused plan isn’t a good deal.
Wed, 6 Jul 2016 00:00:00 +0700
(image) With over one billion active daily users, Facebook increasingly is becoming an attack vector of choice for those with malicious intent.
Target Rich Environment
Facebook is a target rich environment not only because of the huge number of users but because of the sensitive information that so many have provided the network which helps to pull off ID theft.
Birth dates, mother’s maiden name, and using a compromised profile to login to other services is just the beginning of the desirable identity elements for thieves.
There are a variety of common techniques that scammers use to gain access to your profile, with many of them focusing on phishing scams with malicious links or fake login requests.
Fake Duplicate Accounts
Another very common practice that gets people thinking that their account has been hacked is actually just a fake duplicate of your profile.
It only takes a few minutes to download your public profile image and publically available information to create what looks like your account to your friends.
Most of these scams will try to trick your friends into accepting a new friend request that looks like it’s from you so they can perpetrate their scam as a ‘trusted friend’.
In these cases, posting a warning to all your friends and asking them to help you report the fake duplicate will generally get the account taken down fairly quickly.
The process for reporting fake accounts is posted at: https://goo.gl/73Kddn
Has My Account Been Hacked?
Certainly there are clear indicators that someone had gained access to your account, like when you see posts that you had nothing to do with or private messages that were sent to your friends that wasn’t you.
The first step to determining if others are actually using your account is to check the ‘Where You’re Logged In’ page in the Security portion of your Settings.
This page will list every location, device and last access time for all your active sessions, so if you see a location or device that you don’t recognize, that could be an indication of a compromise and you should immediately change your password.
If you don’t initially recognize an entry, remember that if you’ve ever borrowed a friend’s computer to use your account, that computer may still have access to your profile and many friends will take the opportunity to prank you.
You can remove any of the entries by clicking on the ‘End Activity’ link next to each session or click on the ‘End All Activity’ to kill all sessions except your current one.
Keep in mind, with data breaches occurring almost daily, if you’re using the same username and passwords on most of your online accounts, it’s a walk in the park for someone to start using your Facebook account.
My advice to everyone is that you should assume that all your usernames and passwords will be compromised at some point, so activating ‘Login Approvals’ (https://goo.gl/sDqOlF) or ‘2 factor authentication’ (http://goo.gl/X65O1N) on every account is essential.