2014
iOS 8 - How to (potentially) fix a slow device
14.10.14 Filed in: iOS
One of the main issues I had when updating my iPad 3 to iOS 8 was a drastic issue with responsiveness. Especially Safari started to become extremely slow, but also switching between apps would keep me counting seconds between bursts of activity.
Surely, iOS 8 couldn’t be that bad of an operating system? Also, an iPad 3 isn’t the slowest of devices, so what gives?
I started researching the topic and came across a post on Apple’s own support board (i.e. where you write your issues into a “case” and other users respond). Apparently, folks had the same issue when upgrading from iOS 6 to 7 on iPads.
The key when experiencing performance issues right after doing an iOS Upgrade is to reset all settings to default. This includes data like WIFI passwords, etc. This may not sound very logical - we’re talking about various login data here, right? But apparently, there are settings from the previous iOS version that play serious havoc with the new version.
I tried it and - lo and behold: my iPad is, once again, as fluid to use as it was under iOS 7!!! Yeah!
Personally, I don’t think doing OS upgrades is a good idea in general - usually, I re-install the device from scratch when a major release comes around. This involves a lot of re-installation of apps and accounts, which makes the idea of a simple upgrade enticing. However, I’m going to stick to my story: when iOS 9 rolls around, I’ll reinstall, not upgrade.
If your iPad or iPhone is having performance issues, give this a try.
Open the Settings app and go to:
General --> Reset --> Reset All Settings
Surely, iOS 8 couldn’t be that bad of an operating system? Also, an iPad 3 isn’t the slowest of devices, so what gives?
I started researching the topic and came across a post on Apple’s own support board (i.e. where you write your issues into a “case” and other users respond). Apparently, folks had the same issue when upgrading from iOS 6 to 7 on iPads.
The key when experiencing performance issues right after doing an iOS Upgrade is to reset all settings to default. This includes data like WIFI passwords, etc. This may not sound very logical - we’re talking about various login data here, right? But apparently, there are settings from the previous iOS version that play serious havoc with the new version.
I tried it and - lo and behold: my iPad is, once again, as fluid to use as it was under iOS 7!!! Yeah!
Personally, I don’t think doing OS upgrades is a good idea in general - usually, I re-install the device from scratch when a major release comes around. This involves a lot of re-installation of apps and accounts, which makes the idea of a simple upgrade enticing. However, I’m going to stick to my story: when iOS 9 rolls around, I’ll reinstall, not upgrade.
If your iPad or iPhone is having performance issues, give this a try.
Open the Settings app and go to:
General --> Reset --> Reset All Settings
Comments
iOS 8 - Not really an improvement, part 1
09.10.14 Filed in: iOS
Okay, I’ve had some time to play with iOS 8, and unfortunately, I’m not as thrilled as I’d hoped to be.
My iPad (2nd generation) is still seemingly “getting” stuck periodically, especially when using Safari (horrible experience).
I’ll nag about a couple of real annoyances in this and follow-up posts.
One major annoyance is this message, which already tortured me in iOS 7:
This pops up whenever you start or switch to the Podcasts app when Airplane Mode is turned on. This is quite frequently for me, as I tend to listen to podcasts in bed (where I prefer to turn airplane mode on so as not to be bothered with frequent beeps or vibrations when emails come in over night) or on... you guessed it: an airplane!
Okay, I can understand that you’d want to let your user know that, you won’t be able to download podcasts unless you turn off airplane mode or at least turn on Wifi. Once. Users learn... there is ABSOLUTELY NO NEED to keep reminding me, every time I use the damn app! Whatever happened to usability, Apple?
I’d really been hopeful that someone at Apple would find this constant nagging annoying enough to get it done right in iOS 8. Unfortunately, not so. In fact, should you not have understood that the app isn’t able to download podcasts without a data connection of some sort (duh!), iOS 8 now presents you with this bit of intelligencia:
It will hit you with this AFTER it shows you the previous message. Sometimes, I get the feeling that the product manager responsible for the Podcasts App (is there one?) is getting paid off by other companies that make podcast players... not to mention any names, of course!
Apple, I don’t want to use my cellular data plan to download podcasts... I don’t have a flatrate as your programmers apparently do!
I’d really like to get this message through to Apple somehow: in the next update of the Podcasts app, PLEASE make these idiotic messages go away after the first time I’ve seen them!
I’m not the only one with this issue, as this thread on discussions.apple.com shows...
My iPad (2nd generation) is still seemingly “getting” stuck periodically, especially when using Safari (horrible experience).
I’ll nag about a couple of real annoyances in this and follow-up posts.
One major annoyance is this message, which already tortured me in iOS 7:
This pops up whenever you start or switch to the Podcasts app when Airplane Mode is turned on. This is quite frequently for me, as I tend to listen to podcasts in bed (where I prefer to turn airplane mode on so as not to be bothered with frequent beeps or vibrations when emails come in over night) or on... you guessed it: an airplane!
Okay, I can understand that you’d want to let your user know that, you won’t be able to download podcasts unless you turn off airplane mode or at least turn on Wifi. Once. Users learn... there is ABSOLUTELY NO NEED to keep reminding me, every time I use the damn app! Whatever happened to usability, Apple?
I’d really been hopeful that someone at Apple would find this constant nagging annoying enough to get it done right in iOS 8. Unfortunately, not so. In fact, should you not have understood that the app isn’t able to download podcasts without a data connection of some sort (duh!), iOS 8 now presents you with this bit of intelligencia:
It will hit you with this AFTER it shows you the previous message. Sometimes, I get the feeling that the product manager responsible for the Podcasts App (is there one?) is getting paid off by other companies that make podcast players... not to mention any names, of course!
Apple, I don’t want to use my cellular data plan to download podcasts... I don’t have a flatrate as your programmers apparently do!
I’d really like to get this message through to Apple somehow: in the next update of the Podcasts app, PLEASE make these idiotic messages go away after the first time I’ve seen them!
I’m not the only one with this issue, as this thread on discussions.apple.com shows...
iOS 8 - The seeds of doom
28.09.14 Filed in: iOS
Since my move to an Android phone over a year ago, I’ve learned to dislike many of the functionalities of iOS, especially on the tiny screen of an iPhone 4 (the main reason I switched).
While the move from iOS 6 to 7 turned into a real disaster on the iPhone 4, it ran fine on the iPhone 5s I was issued by my employer this month. However, Apple still lagged behind the usability of the Android keyboard by a long shot. Predictive typing without being too pushy is a real boon in productivity on an Android device... the algorithm is language agnostic (at least in switching between English and German), even mixed language content in the same sentence isn’t an issue.
On iOS 7, Apple is still turning words around for you in its typical pushy way (which is the reason I had it turned off), so I was excited to hear about the new predictive keyboard in iOS 8. Sure, I switched over both the 5s and my iPad 2.
The keyboard is still “pushy”... I have yet to figure out how to prevent it from changing a word that I’ve spelled correctly into something completely different. Language agnostic? Nope. Again, iOS lags behind Android in technological prowess. Add Bendgate to that and you have a company that is rolling down Olymp into Hades on greased rollerskates.
Worse than the keyboard disappointment is the performance of my iPad. While this took a serious dip going from iOS 6 to 7, it’s now partially unusable! The TED.com App doesn’t work anymore... you get a black image instead of video (including all the buttons). The browser freezes frequently, not reacting to anything save being closed down. In general, performance is sluggish at best. If an app isn’t slowed down to a crawl, it crashes instead. iOS 6 was a very stable OS, rarely did I have an issue at all. Apps crashing is a daily occurrence now, partially in mid-sentence of writing an email, for example. And yes, I have 8.02 on there with all apps updated.
So where is Apple going? Issues with security, Bendgate, an iOS release disaster that left many iPhone 6 users in a state of close-to-unusable. If heads don’t start rolling at Apple, then I’m willing to predict the second decline of Apple. Woz, I think it may be your turn!
While the move from iOS 6 to 7 turned into a real disaster on the iPhone 4, it ran fine on the iPhone 5s I was issued by my employer this month. However, Apple still lagged behind the usability of the Android keyboard by a long shot. Predictive typing without being too pushy is a real boon in productivity on an Android device... the algorithm is language agnostic (at least in switching between English and German), even mixed language content in the same sentence isn’t an issue.
On iOS 7, Apple is still turning words around for you in its typical pushy way (which is the reason I had it turned off), so I was excited to hear about the new predictive keyboard in iOS 8. Sure, I switched over both the 5s and my iPad 2.
The keyboard is still “pushy”... I have yet to figure out how to prevent it from changing a word that I’ve spelled correctly into something completely different. Language agnostic? Nope. Again, iOS lags behind Android in technological prowess. Add Bendgate to that and you have a company that is rolling down Olymp into Hades on greased rollerskates.
Worse than the keyboard disappointment is the performance of my iPad. While this took a serious dip going from iOS 6 to 7, it’s now partially unusable! The TED.com App doesn’t work anymore... you get a black image instead of video (including all the buttons). The browser freezes frequently, not reacting to anything save being closed down. In general, performance is sluggish at best. If an app isn’t slowed down to a crawl, it crashes instead. iOS 6 was a very stable OS, rarely did I have an issue at all. Apps crashing is a daily occurrence now, partially in mid-sentence of writing an email, for example. And yes, I have 8.02 on there with all apps updated.
So where is Apple going? Issues with security, Bendgate, an iOS release disaster that left many iPhone 6 users in a state of close-to-unusable. If heads don’t start rolling at Apple, then I’m willing to predict the second decline of Apple. Woz, I think it may be your turn!
Phishing in the name of Apple
I never thought it would happen - but it happened: a Phishing email “got” me.
I was reading emails on my iPad when I found the following message:
And you know what? They got me! I was sitting in the living room with a couple other people, talking about this and that and checking my emails while doing it. Failing grade for social competence there, and yes, I should have separated reading emails and talking into two separate actions... but - lets face it - the situation isn’t anything unusual, probably worldwide.
If I’d been concentrating on just one thing at a time, I would have noticed the odd structuring of text, I would have realized that it just plain isn’t possible to buy an album using my account on a device that isn’t registered, etc. etc. etc.
But I didn’t.
I panicked and clicked on the link. Here is what the real link - behind the fake one - points to:
Mind you, the screenshot above is done on my Mac... you can just hover the mouse over the suppled URL in an Email message and up pops the real URL that is hidden behind it. You can’t do that on an iPad! Why? Beats me!
It is beyond me that modern email clients (and I put all of them in the same bag, folks) don’t do a comparison check on included URL’s before showing a message. The only way to hide a bad URL behind a seemingly good one is to encode the entire email in HTML; checking for inconsistencies isn’t difficult.
Especially on an iPad, just flagging an email with mismatched URL’s would be helpful - in fact, I see this as an absolute MUST-HAVE function (Apple, are you listening?).
What is “kostexecutivesurabaya.com”? It is a Malay website that states “If you have any business purpose, visiting relatives, holiday or have important business in the area of Surabaya and require Kost / temporary shelter, KostExecutiveSurabaya.com is the solution.” (thanks, Google Translate!).
The URL is registered to a company called “mediatechindonesia” in Jawa Timur, Indonesia. Wether it’s been hacked or not is tough to tell; I’m not going to waste my time getting in contact with the admin-c.
Interesting is the modus operandi. Instead of adding a unique key to the hidden URL (which would associate with my email-address, giving the phisher a heads-up on its status), it leads to a form page made up to look just like one from Apple. The issue has been registered, apparently, because any attempt to call up the URL again leads to a forgery warning:
When I hit “ignore”, I get to an empty directory, so whatever the issue with the server was, it’s been taken care of.
Unfortunately, I didn’t take screenshots of the pages that were up, because they were shockingly well done - likely original HTML code from Apple’s website copied and used to make the Phish as believable as possible.
The first page asked you to enter your Apple credentials (Apple ID and password). This was followed by a form asking you to validate your payment information. This is where the fog in my brain was finally dispersed.
I immediately went to change my password for my Apple ID... you have to be VERY quick with this - if the Phisher is quicker, then you’ve lost your Apple ID to them. By the time you get it blocked, they’ve purchased all the musik, books and videos they need to entertain themselves for the next three years straight.
And here, I have to loudly criticize Apple: put yourself in my situation - you’re panicked. Your frantically trying to change your password. Go ahead, do the test. Put yourself in frantic mode, log onto the iTunes store and try to figure out how to change your password. Quick! Hurry! Too late...
Honestly, with the recent issues Apple had with iCloud - wether they are Apple problems or not - I would think security topics such as easy access to password changes or even to setting up two-factor authentication would be at the forefront of Apple management’s todo list.
Instead, even though I claim not to be an IT noob, I was unable to activate two-factor authentication without searching the web for instructions! And get this - you go to turn it on and... you have to wait three days! WTF, Apple? If I’m able to activate anything in my account, I already HAVE THE APPLE ID AND PASSWORD. Duh!!! Do you really think a three-day waiting period is going to make things more secure? I feel like I’ve applied for a divorce and the government is forcing me to think about my decision before concurring!
Steve, you went from us way too early!
I was reading emails on my iPad when I found the following message:
And you know what? They got me! I was sitting in the living room with a couple other people, talking about this and that and checking my emails while doing it. Failing grade for social competence there, and yes, I should have separated reading emails and talking into two separate actions... but - lets face it - the situation isn’t anything unusual, probably worldwide.
If I’d been concentrating on just one thing at a time, I would have noticed the odd structuring of text, I would have realized that it just plain isn’t possible to buy an album using my account on a device that isn’t registered, etc. etc. etc.
But I didn’t.
I panicked and clicked on the link. Here is what the real link - behind the fake one - points to:
Mind you, the screenshot above is done on my Mac... you can just hover the mouse over the suppled URL in an Email message and up pops the real URL that is hidden behind it. You can’t do that on an iPad! Why? Beats me!
It is beyond me that modern email clients (and I put all of them in the same bag, folks) don’t do a comparison check on included URL’s before showing a message. The only way to hide a bad URL behind a seemingly good one is to encode the entire email in HTML; checking for inconsistencies isn’t difficult.
Especially on an iPad, just flagging an email with mismatched URL’s would be helpful - in fact, I see this as an absolute MUST-HAVE function (Apple, are you listening?).
What is “kostexecutivesurabaya.com”? It is a Malay website that states “If you have any business purpose, visiting relatives, holiday or have important business in the area of Surabaya and require Kost / temporary shelter, KostExecutiveSurabaya.com is the solution.” (thanks, Google Translate!).
The URL is registered to a company called “mediatechindonesia” in Jawa Timur, Indonesia. Wether it’s been hacked or not is tough to tell; I’m not going to waste my time getting in contact with the admin-c.
Interesting is the modus operandi. Instead of adding a unique key to the hidden URL (which would associate with my email-address, giving the phisher a heads-up on its status), it leads to a form page made up to look just like one from Apple. The issue has been registered, apparently, because any attempt to call up the URL again leads to a forgery warning:
When I hit “ignore”, I get to an empty directory, so whatever the issue with the server was, it’s been taken care of.
Unfortunately, I didn’t take screenshots of the pages that were up, because they were shockingly well done - likely original HTML code from Apple’s website copied and used to make the Phish as believable as possible.
The first page asked you to enter your Apple credentials (Apple ID and password). This was followed by a form asking you to validate your payment information. This is where the fog in my brain was finally dispersed.
I immediately went to change my password for my Apple ID... you have to be VERY quick with this - if the Phisher is quicker, then you’ve lost your Apple ID to them. By the time you get it blocked, they’ve purchased all the musik, books and videos they need to entertain themselves for the next three years straight.
And here, I have to loudly criticize Apple: put yourself in my situation - you’re panicked. Your frantically trying to change your password. Go ahead, do the test. Put yourself in frantic mode, log onto the iTunes store and try to figure out how to change your password. Quick! Hurry! Too late...
Honestly, with the recent issues Apple had with iCloud - wether they are Apple problems or not - I would think security topics such as easy access to password changes or even to setting up two-factor authentication would be at the forefront of Apple management’s todo list.
Instead, even though I claim not to be an IT noob, I was unable to activate two-factor authentication without searching the web for instructions! And get this - you go to turn it on and... you have to wait three days! WTF, Apple? If I’m able to activate anything in my account, I already HAVE THE APPLE ID AND PASSWORD. Duh!!! Do you really think a three-day waiting period is going to make things more secure? I feel like I’ve applied for a divorce and the government is forcing me to think about my decision before concurring!
Steve, you went from us way too early!
Wherefort art thou Floppy?
31.07.14 Filed in: Storage
“A rose is a rose by any other name” - well-known words, but in this case, a floppy drive was a floppy drive. Period.
Here is how my morning started. I checked an online discounter for some laptops they have on sale, as friends of ours are looking for one. The online shop is well made, you get the basic model and a bunch of dropdowns to add options to it.
Then it happened. I stumbled across this one:
In case you can’t read German... the thing on the second line is an “external USB Floppy drive”. You can choose between a USB card reader and (drumroll, please)... a Floppy drive? Wait. Didn’t those go out in 1995? After all, even a single digital photo from a supermarket cheapo digital camera won’t fit in the 1.44MB a 3.5” Floppy offers...
So I checked Amazon, and lo and behold, the German Amazon store offers several models! Internal, external, your choice. And they are cheap: an external, USB Floppy drive will set you back €12 - that’s cheaper then the cost of an internal one in 1990!
And yes, the US Amazon site also offers these relics. You can buy the disks for them as well, of course, from well-known, trusted brands of the 80’s like Imation and Verbatim! Mind, these run anywhere from 6-10€ a 10-pack. Which makes it the MOST EXPENSIVE storage medium out there at cost per Gigabyte (I came up with €715 per Gigabyte...).
Folks, if you have a real-life application for one of these Drives that convinces me, I’ll go buy one. Might be worth it just to show the kids what storage looks like that would make my iPad cost a whopping €23.000, if we didn’t have flash memory!
The Floppy is dead... LONG LIVE THE FLOPPY!
Here is how my morning started. I checked an online discounter for some laptops they have on sale, as friends of ours are looking for one. The online shop is well made, you get the basic model and a bunch of dropdowns to add options to it.
Then it happened. I stumbled across this one:
In case you can’t read German... the thing on the second line is an “external USB Floppy drive”. You can choose between a USB card reader and (drumroll, please)... a Floppy drive? Wait. Didn’t those go out in 1995? After all, even a single digital photo from a supermarket cheapo digital camera won’t fit in the 1.44MB a 3.5” Floppy offers...
So I checked Amazon, and lo and behold, the German Amazon store offers several models! Internal, external, your choice. And they are cheap: an external, USB Floppy drive will set you back €12 - that’s cheaper then the cost of an internal one in 1990!
And yes, the US Amazon site also offers these relics. You can buy the disks for them as well, of course, from well-known, trusted brands of the 80’s like Imation and Verbatim! Mind, these run anywhere from 6-10€ a 10-pack. Which makes it the MOST EXPENSIVE storage medium out there at cost per Gigabyte (I came up with €715 per Gigabyte...).
Folks, if you have a real-life application for one of these Drives that convinces me, I’ll go buy one. Might be worth it just to show the kids what storage looks like that would make my iPad cost a whopping €23.000, if we didn’t have flash memory!
The Floppy is dead... LONG LIVE THE FLOPPY!
Wifi gone on MacBook Pro
28.07.14 Filed in: Mac
Some weeks ago, and out of the blue, my 2008 MacBook Pro showed a strange icon in place of the usual Wifi one and - by clicking on it - was ominously reporting “Wi-Fi: no hardware installed”. Something broke.
As I was on the road at the time, I went to a local electronics store and picked up a Wifi USB dongle. While that actually works better than I expected, it does block one of the two USB ports, requires a separate piece of software to operate and gets excessively hot (heat = battery use).
I checked out this iFixit guide to see if - by chance - the cable might have disconnected from the Airport card... but no luck. So I ordered a replacement Airport card for the laptop (setting me back €30) and used the same iFixit guide to attempt the repair. There aren’t any relevant differences between the 2008 and 2009 MacBook Pros (except for the removable battery in mine), so the guide works fine.
The guide is really quite good, though there are small issues when putting the unit back together that I would like to have seen in the guide instead of making mistakes and (luckily) finally figuring it out on my own. Such as positioning of the Airport connector cable when putting the clutch cover back on.
After getting the unit back together, I fired it up; it had saved a previous session in a hibernation file (because the battery ran out), and - of course - no new Wifi hardware was found. Not an issue, I figured - after all, the running OS had been “alive” before I replaced the card. I rebooted.
The reboot didn’t help - the hardware continued claimed “uninstalled” by the system.
I reset the NVRAM. No Wifi.
I tried trashing the NetworkInterfaces.plist, which I found here - no Wifi.
I reset the SMC. Nada.
Checking the Network -> Wifi section in the System Information app clearly shows that hardware wasn’t found, only the Wifi software. On my work MacBook Pro, there is a section under “Software Version” called “Interfaces” that lists the Airport Extreme card - there is no such section on my private laptop.
It looks like the Airport card wasn’t at fault after all. Shame that. The “operation” was pretty difficult; not something I’d really want to repeat. The biggest question now is: is this a cable break issue or is there something broken on the mainboard?
I’m not sure if it is really worth the trouble... after all, I can use Wifi with that USB dongle - annoying as that is. If it is just the cable, that would be easy to replace; I haven’t found one yet on ebay, though.
We’ll see.
As I was on the road at the time, I went to a local electronics store and picked up a Wifi USB dongle. While that actually works better than I expected, it does block one of the two USB ports, requires a separate piece of software to operate and gets excessively hot (heat = battery use).
I checked out this iFixit guide to see if - by chance - the cable might have disconnected from the Airport card... but no luck. So I ordered a replacement Airport card for the laptop (setting me back €30) and used the same iFixit guide to attempt the repair. There aren’t any relevant differences between the 2008 and 2009 MacBook Pros (except for the removable battery in mine), so the guide works fine.
The guide is really quite good, though there are small issues when putting the unit back together that I would like to have seen in the guide instead of making mistakes and (luckily) finally figuring it out on my own. Such as positioning of the Airport connector cable when putting the clutch cover back on.
After getting the unit back together, I fired it up; it had saved a previous session in a hibernation file (because the battery ran out), and - of course - no new Wifi hardware was found. Not an issue, I figured - after all, the running OS had been “alive” before I replaced the card. I rebooted.
The reboot didn’t help - the hardware continued claimed “uninstalled” by the system.
I reset the NVRAM. No Wifi.
I tried trashing the NetworkInterfaces.plist, which I found here - no Wifi.
I reset the SMC. Nada.
Checking the Network -> Wifi section in the System Information app clearly shows that hardware wasn’t found, only the Wifi software. On my work MacBook Pro, there is a section under “Software Version” called “Interfaces” that lists the Airport Extreme card - there is no such section on my private laptop.
It looks like the Airport card wasn’t at fault after all. Shame that. The “operation” was pretty difficult; not something I’d really want to repeat. The biggest question now is: is this a cable break issue or is there something broken on the mainboard?
I’m not sure if it is really worth the trouble... after all, I can use Wifi with that USB dongle - annoying as that is. If it is just the cable, that would be easy to replace; I haven’t found one yet on ebay, though.
We’ll see.
Review of LastPass
If you’re looking for password management, please read my review of LastPass, which I can recommend without restrictions.
I’d been using the same - albeit complex - password for nearly all the internet (and intranet) sites I use... with more and more news about cracked servers coming in on a daily basis, I finally decided to do something about the situation.
I researched several sites that reviewed password managers and finally ended up with LastPass, as it fulfills several requirements I have:
LastPass ended up covering all of these requirements with bravado. It will auto-fill most webpages you call up automatically; some, it struggles with (strangely enough: my m0n0wall firewall in my local LAN is a candidate), but this is rarely the case.
Also quite nice is the recent addition of autofill on mobile devices, which makes working with passwords a snap for most apps / websites.
When I first signed up (the service costs $12/year, apps are free for all platforms), the safest method for multi-level authentication was a grid (unique to each user) you printed out. To authenticate, LastPass would give you five letter/number combinations which - when followed up on the grid - would generate five alphanumeric characters as an authentication code.
Recently, they have moved to using Google Authenticator, which reminds me of the RSA SecurID Token used to sign into VPNs. It works like a charm.
To further increase security, you can severely restrict the locale of the IP addresses that can be used to log in. I.e. if you know you’re never going to be in China, you can just close down all Chinese IP addresses as log-in sources. Sure, a Chinese hacker can VPN to an IP address based in Germany, for example, but the mechanism helps.
As the name implies, you do have to give your LastPass account one “last” password that you can easily remember but qualifies for a “safe” password. I.e.: don’t use your cat’s name here, because if someone figures it out, they have access to all of your passwords!
On first installation, LastPass offers to import all passwords from your browser(s). Since I used the browser auto-entry feature extensively, I let LastPass do this. After the fact, I’m not sure if this is a sensible step if you’re using the same password over and over, because you really don’t have much added value. On the other hand, you get a huge list of entries, some of which had up to 10 duplicates in my case, because browsers just don’t do the database thing very well.
LastPass will generate passwords for you; in fact, if you sign up to some service on the internet, LastPass consistently adds a small icon to the right of the fields where you are to enter and confirm the password to be used. I find this quite fascinating, since these fields have all sorts of different labels, etc., but perhaps there is a standard marking used in HTML to designate an entry field for the password.
In any case, if you click on this icon, LastPass will pop up a small window where you can not only generate a random password, but also change the parameters to be used, such as length, wether to make the password pronounceable or wether it can use special characters or not.
Especially the length and special characters settings can be quite important, as there are still services out there that restrict you to, say, 8 letters and/or numbers.
Once you have generated a password for the new service, LastPass offers to save the site (which is something you obviously want to do). You can name the site as you like and also select it as a favorite (which will make it come up at the top of the list in the LastPass panel), as well as assigning a category (such as “Online Shopping”). The categories can be typed in (for new ones) or selected from a dropdown list. They are optional, but very handy.
Perhaps odd at first is the fact that there is no LastPass App for Windows or Mac - you use it from a browser (all relevant browsers are supported). The mobile operating systems do have Apps to make the use simpler on these devices. On the mobile app, you can search for a site, for example (by any of its metadata) and chose “copy password do clipboard” if you need to manually paste it into a service. While you can search for sites in the browser-based “App”, to copy a password you have to open the entry, reveal the password and copy it to the clipboard manually - a bit cumbersome, but you get used to it.
The experience with Apple Safari on the Mac wasn’t so good, but because this is true not just for LastPass, I’ve switched to Firefox a couple of weeks ago. In Firefox, I sometimes have an issue where the Vault (as the database is called in LastPass) doesn’t come up when I click on the LastPass icon in the browser’s menu bar. Restarting Firefox fixes this; I’m not sure if it is a Firefox or a LastPass issue. As I don’t use Chrome much, I can’t say anything about stability, other than it works fine when I test it.
In order to get all your passwords to sync to all your devices (which is absolutely fabulous!), you will need a LastPass account. This also means that your passwords are synced to the LastPass server farm (albeit encrypted). Wether or not this is an issue for you is your decision; I think two concepts are relevant to make it:
1. Nothing on the internet is safe. If you want safe, go back to writing letters on paper and posting them. Oh, and hope no one opens the envelope that isn’t supposed to read the content...
2. I’m quite sure that lastpass.com is one of THE target sites for hackers. Imagine getting your hands on a couple of thousand user records... up to date and as far as I know, no breach has been reported...
You can use LastPass as a local-only installation - in which case your data never leaves your PC (or Mac). This version is also completely free-of-charge! So there is no reason not to test the software. If you only use a single PC or Mac, then this is all you need.
Check LastPass out here.
I’d been using the same - albeit complex - password for nearly all the internet (and intranet) sites I use... with more and more news about cracked servers coming in on a daily basis, I finally decided to do something about the situation.
I researched several sites that reviewed password managers and finally ended up with LastPass, as it fulfills several requirements I have:
- usability on Mac at least on par with Windows
- usable on iOS
- usable on Android
- auto-fill capability
- multi-level authentication for security
LastPass ended up covering all of these requirements with bravado. It will auto-fill most webpages you call up automatically; some, it struggles with (strangely enough: my m0n0wall firewall in my local LAN is a candidate), but this is rarely the case.
Also quite nice is the recent addition of autofill on mobile devices, which makes working with passwords a snap for most apps / websites.
When I first signed up (the service costs $12/year, apps are free for all platforms), the safest method for multi-level authentication was a grid (unique to each user) you printed out. To authenticate, LastPass would give you five letter/number combinations which - when followed up on the grid - would generate five alphanumeric characters as an authentication code.
Recently, they have moved to using Google Authenticator, which reminds me of the RSA SecurID Token used to sign into VPNs. It works like a charm.
To further increase security, you can severely restrict the locale of the IP addresses that can be used to log in. I.e. if you know you’re never going to be in China, you can just close down all Chinese IP addresses as log-in sources. Sure, a Chinese hacker can VPN to an IP address based in Germany, for example, but the mechanism helps.
As the name implies, you do have to give your LastPass account one “last” password that you can easily remember but qualifies for a “safe” password. I.e.: don’t use your cat’s name here, because if someone figures it out, they have access to all of your passwords!
On first installation, LastPass offers to import all passwords from your browser(s). Since I used the browser auto-entry feature extensively, I let LastPass do this. After the fact, I’m not sure if this is a sensible step if you’re using the same password over and over, because you really don’t have much added value. On the other hand, you get a huge list of entries, some of which had up to 10 duplicates in my case, because browsers just don’t do the database thing very well.
LastPass will generate passwords for you; in fact, if you sign up to some service on the internet, LastPass consistently adds a small icon to the right of the fields where you are to enter and confirm the password to be used. I find this quite fascinating, since these fields have all sorts of different labels, etc., but perhaps there is a standard marking used in HTML to designate an entry field for the password.
In any case, if you click on this icon, LastPass will pop up a small window where you can not only generate a random password, but also change the parameters to be used, such as length, wether to make the password pronounceable or wether it can use special characters or not.
Especially the length and special characters settings can be quite important, as there are still services out there that restrict you to, say, 8 letters and/or numbers.
Once you have generated a password for the new service, LastPass offers to save the site (which is something you obviously want to do). You can name the site as you like and also select it as a favorite (which will make it come up at the top of the list in the LastPass panel), as well as assigning a category (such as “Online Shopping”). The categories can be typed in (for new ones) or selected from a dropdown list. They are optional, but very handy.
Perhaps odd at first is the fact that there is no LastPass App for Windows or Mac - you use it from a browser (all relevant browsers are supported). The mobile operating systems do have Apps to make the use simpler on these devices. On the mobile app, you can search for a site, for example (by any of its metadata) and chose “copy password do clipboard” if you need to manually paste it into a service. While you can search for sites in the browser-based “App”, to copy a password you have to open the entry, reveal the password and copy it to the clipboard manually - a bit cumbersome, but you get used to it.
The experience with Apple Safari on the Mac wasn’t so good, but because this is true not just for LastPass, I’ve switched to Firefox a couple of weeks ago. In Firefox, I sometimes have an issue where the Vault (as the database is called in LastPass) doesn’t come up when I click on the LastPass icon in the browser’s menu bar. Restarting Firefox fixes this; I’m not sure if it is a Firefox or a LastPass issue. As I don’t use Chrome much, I can’t say anything about stability, other than it works fine when I test it.
In order to get all your passwords to sync to all your devices (which is absolutely fabulous!), you will need a LastPass account. This also means that your passwords are synced to the LastPass server farm (albeit encrypted). Wether or not this is an issue for you is your decision; I think two concepts are relevant to make it:
1. Nothing on the internet is safe. If you want safe, go back to writing letters on paper and posting them. Oh, and hope no one opens the envelope that isn’t supposed to read the content...
2. I’m quite sure that lastpass.com is one of THE target sites for hackers. Imagine getting your hands on a couple of thousand user records... up to date and as far as I know, no breach has been reported...
You can use LastPass as a local-only installation - in which case your data never leaves your PC (or Mac). This version is also completely free-of-charge! So there is no reason not to test the software. If you only use a single PC or Mac, then this is all you need.
Check LastPass out here.
Beware of Facebook Phishing
All,
a quick word of warning, as there is a new batch of Facebook-lookalike phishing mails being sent out:
This is an attempt to - at the very least - verify your email address (in this case, it wasn’t the email address I use for my facebook account), possibly with additional attempts to gain details about your. I didn’t click on the button, so I couldn’t tell you what popped up... ;-)
Oddly enough, the sender didn’t try to mask the sending address; it came from directix@info.gamanetwork.com. Or perhaps it _was_ masked, though in that case I would have expected a service@facebook.com or similar...
Whenever you get an email with buttons like these - even if it really REALLY looks like it is from a legitimate source, always - ALWAYS - hover with your mouse over the button. Your mail software should show you the URL that button will call when clicked (if not, time to switch to something proper).
a quick word of warning, as there is a new batch of Facebook-lookalike phishing mails being sent out:
This is an attempt to - at the very least - verify your email address (in this case, it wasn’t the email address I use for my facebook account), possibly with additional attempts to gain details about your. I didn’t click on the button, so I couldn’t tell you what popped up... ;-)
Oddly enough, the sender didn’t try to mask the sending address; it came from directix@info.gamanetwork.com. Or perhaps it _was_ masked, though in that case I would have expected a service@facebook.com or similar...
Whenever you get an email with buttons like these - even if it really REALLY looks like it is from a legitimate source, always - ALWAYS - hover with your mouse over the button. Your mail software should show you the URL that button will call when clicked (if not, time to switch to something proper).
Bizarre phenomenon with flatbed scanner
18.04.14 Filed in: Software
This is really weird. I wanted to scan a picture my daughter had made. Not a problem, after all, I have my trusty old Epson Perfection 1640SU that works perfectly with Apple Image Capture (without loading a driver, mind you). I’ve been using it to scan in old photos and - since I have a lightbox for it - old negatives.
The image quality off this device is absolutely sufficient for what I’m trying to do, and the images made are very clear and clean.
Up to now.
I scanned the picture in full color and looked at the result on the screen. Weird. Bluish lines coming from the drawing. Maybe the scanner wasn’t warmed up properly, though I don’t understand why this would be the outcome from a cold lamp... usually, you get a magenta tint to the entire scan if that is the case.
So I scanned it again. Same effect.
I scanned the white background of the inside cover, to make sure something wasn’t coming through.
Nothing. A plain white JPG.
Okaaaay... so I physically turned the picture by 180° and scanned again. If it was something coming from the paper, it should produce the identical result, just turned by 180° is the JPG. While the effect was there again, the fuzzy blue lines looked different:
What you see on the left is Image Capture with the scanned image of the butterfly looking left. To the right of that is Preview with the previous scan (where the butterfly looked right) but turned 180° to make the two point in the same direction.
You can see that the odd blue lines are similar, but certainly different, between the two scans. So my first guess, that perhaps the scanner is picking up something in ultraviolet that the human eye can’t see, such as finger grease, doesn’t seem to be the case here.
I’m really confused as to what this could be... perhaps there is a static buildup within the CCD due to the high contrast between color and white that is discharging somewhere else and causing the scanner to pick up a bit that isn’t on the paper? I haven’t the faintest idea.
Anyone?
The image quality off this device is absolutely sufficient for what I’m trying to do, and the images made are very clear and clean.
Up to now.
I scanned the picture in full color and looked at the result on the screen. Weird. Bluish lines coming from the drawing. Maybe the scanner wasn’t warmed up properly, though I don’t understand why this would be the outcome from a cold lamp... usually, you get a magenta tint to the entire scan if that is the case.
So I scanned it again. Same effect.
I scanned the white background of the inside cover, to make sure something wasn’t coming through.
Nothing. A plain white JPG.
Okaaaay... so I physically turned the picture by 180° and scanned again. If it was something coming from the paper, it should produce the identical result, just turned by 180° is the JPG. While the effect was there again, the fuzzy blue lines looked different:
What you see on the left is Image Capture with the scanned image of the butterfly looking left. To the right of that is Preview with the previous scan (where the butterfly looked right) but turned 180° to make the two point in the same direction.
You can see that the odd blue lines are similar, but certainly different, between the two scans. So my first guess, that perhaps the scanner is picking up something in ultraviolet that the human eye can’t see, such as finger grease, doesn’t seem to be the case here.
I’m really confused as to what this could be... perhaps there is a static buildup within the CCD due to the high contrast between color and white that is discharging somewhere else and causing the scanner to pick up a bit that isn’t on the paper? I haven’t the faintest idea.
Anyone?
Post on Mashable? Only for your firstborn...
26.02.14 Filed in: Internet
Yikes; all I wanted to do is leave a comment on this Mashable article. That you have to sign in is understandable - who wants to read the opinion of an anonymous reader, after all.
But seriously, Mashable, do you really feel it is appropriate to ask for so much just for signing in via Twitter, Facebook or Google+?
For a Facebook signin, Mashable will receive your public profile and your friend list. No thanks.
Really cool is what happens when you sign in with Twitter:
Wow- “see who you follow and follow new people”? “Post Tweets for you”???? Are you completely off your rocker? I call that pirating my Twitter account, I don’t know what you would call it!
At least with google+, I was able to reduce the circles Mashable may see to a bare minimum, so I went with that.
The audacity some of these sites bring to the table really gets my goat, folks!
But seriously, Mashable, do you really feel it is appropriate to ask for so much just for signing in via Twitter, Facebook or Google+?
For a Facebook signin, Mashable will receive your public profile and your friend list. No thanks.
Really cool is what happens when you sign in with Twitter:
Wow- “see who you follow and follow new people”? “Post Tweets for you”???? Are you completely off your rocker? I call that pirating my Twitter account, I don’t know what you would call it!
At least with google+, I was able to reduce the circles Mashable may see to a bare minimum, so I went with that.
The audacity some of these sites bring to the table really gets my goat, folks!
Mavericks Update 10.9.2 and Mail crashes
26.02.14 Filed in: Mac
Wow, Apple’s first real security issue (the SSL GotoFail bug) and everyone jumps on the bandwagon to flog the company on not responding quickly enough.
Of course, I immediately updated both my systems with 10.9.2, which also includes some updates to Facetime, Mail, etc.
I had high hopes that my repetitive Mail crashes would be over after the update, but alas - Mail just crashed again. I guess it’s time to switch to Thunderbird...
Of course, I immediately updated both my systems with 10.9.2, which also includes some updates to Facetime, Mail, etc.
I had high hopes that my repetitive Mail crashes would be over after the update, but alas - Mail just crashed again. I guess it’s time to switch to Thunderbird...
FreeNAS Part 1 - bootable USB Stick
As time goes on, storage needs grow.
My RAID-1 IcyBox with 3GB was filling up fast, with less than half a TB left. NAS storage was maxed out (okay, its an older Synology 207+ with 2x 1TB, so nothing to brag about). Something bigger needed to be put together.
As I’m also using a single-drive Synology NAS (DS110J) for Email storage, SMTP and Surveillance Station, I know what Synology’s current NAS OS 4.3 can do (and can’t) - really, it is quite good, even though it has some issues with Jave and uses Flash (of all things) in its GUI.
Needless to say, I find the cost of a four-drive Synology NAS (or any other reputable manufacturer, for that matter) almost prohibitive, considering what you’re getting. By chance, I happened across several blog posts describing FreeNAS being implemented on an HP ProLiant Microserver. Surprisingly, you can get the current model (N54L) of that server for under 200€ on Amazon!
Since I’d done tests with FreeNAS, OpenMediaVault and NAS4Free in respective VM’s, I’d come to the conclusion that FreeNAS would be the way to go for my needs. It is based on FreeBSD and offers extremely simple boot from a USB stick image.
In this first part of a series of blog entries on FreeNAS, I’ll detail my first experiences with getting the software to boot from a USB stick.
1. Installation on bootable USB stick
Getting that image onto a stick and getting it to boot proved to be trickier than I expected. Reading several posts on the subject, the procedure that ended up working was as follows:
1) Extract run-time image from installation package
Download the IMG file for the installation package from here (make sure you choose the “Current Stable Release” on the right side).
There is an IMG inside the IMG used for a stick-based (or CD-based) installation that is the actual run-time image of FreeNAS. I.e.: open the IMG used for installation (which on a Mac is very easy) and copy the file FreeNAS-x64.img.xz to someplace where you’ll find it easily (i.e. the Desktop). The XZ format is a compression type used, for example, by
Then, pop the USB stick you want to install on (at least 2GB in size) into a port and open Terminal. First, you need to find out which disk device connects to the USB stick:
diskutil list
this should list the USB stick in a format similar to this (this is from my system, your device will be different).
/dev/disk3
#: TYPE NAME SIZE IDENTIFIER
0: Untitled *4.1 GB disk3
Next, you’ll want to unmount the stick (don’t eject it!) using the Terminal so that it becomes overwriteable:
diskutil unmountDisk /dev/disk3
Again, your device name may be different.
Lastly, you’ll write the runtime image onto the stick using the dd command:
sudo dd if=path_to_img of=/dev/disk3 bs=64k
Getting the path to the IMG file right is really simple on the Mac: just type in “sudo dd if=“ and then drag and drop the IMG file onto the Terminal window; Terminal will enter the path correctly. The bs qualifier indicates the blocksize to use for the copy. You’ll have to enter the password of an administrator account to run the command.
Copying everything over will take quite awhile; we’re talking over 220 MB after all (and the usual slowness of a USB stick in writing), so don’t be discouraged if, after an hour, the command still hasn’t finished.
Now you can pull the USB stick and pop it into the ProLiant’s internal USB port (on the N54L it is at the bottom left when you open the drive bay door).
My RAID-1 IcyBox with 3GB was filling up fast, with less than half a TB left. NAS storage was maxed out (okay, its an older Synology 207+ with 2x 1TB, so nothing to brag about). Something bigger needed to be put together.
As I’m also using a single-drive Synology NAS (DS110J) for Email storage, SMTP and Surveillance Station, I know what Synology’s current NAS OS 4.3 can do (and can’t) - really, it is quite good, even though it has some issues with Jave and uses Flash (of all things) in its GUI.
Needless to say, I find the cost of a four-drive Synology NAS (or any other reputable manufacturer, for that matter) almost prohibitive, considering what you’re getting. By chance, I happened across several blog posts describing FreeNAS being implemented on an HP ProLiant Microserver. Surprisingly, you can get the current model (N54L) of that server for under 200€ on Amazon!
Since I’d done tests with FreeNAS, OpenMediaVault and NAS4Free in respective VM’s, I’d come to the conclusion that FreeNAS would be the way to go for my needs. It is based on FreeBSD and offers extremely simple boot from a USB stick image.
In this first part of a series of blog entries on FreeNAS, I’ll detail my first experiences with getting the software to boot from a USB stick.
1. Installation on bootable USB stick
Getting that image onto a stick and getting it to boot proved to be trickier than I expected. Reading several posts on the subject, the procedure that ended up working was as follows:
1) Extract run-time image from installation package
Download the IMG file for the installation package from here (make sure you choose the “Current Stable Release” on the right side).
There is an IMG inside the IMG used for a stick-based (or CD-based) installation that is the actual run-time image of FreeNAS. I.e.: open the IMG used for installation (which on a Mac is very easy) and copy the file FreeNAS-x64.img.xz to someplace where you’ll find it easily (i.e. the Desktop). The XZ format is a compression type used, for example, by
Then, pop the USB stick you want to install on (at least 2GB in size) into a port and open Terminal. First, you need to find out which disk device connects to the USB stick:
diskutil list
this should list the USB stick in a format similar to this (this is from my system, your device will be different).
/dev/disk3
#: TYPE NAME SIZE IDENTIFIER
0: Untitled *4.1 GB disk3
Next, you’ll want to unmount the stick (don’t eject it!) using the Terminal so that it becomes overwriteable:
diskutil unmountDisk /dev/disk3
Again, your device name may be different.
Lastly, you’ll write the runtime image onto the stick using the dd command:
sudo dd if=path_to_img of=/dev/disk3 bs=64k
Getting the path to the IMG file right is really simple on the Mac: just type in “sudo dd if=“ and then drag and drop the IMG file onto the Terminal window; Terminal will enter the path correctly. The bs qualifier indicates the blocksize to use for the copy. You’ll have to enter the password of an administrator account to run the command.
Copying everything over will take quite awhile; we’re talking over 220 MB after all (and the usual slowness of a USB stick in writing), so don’t be discouraged if, after an hour, the command still hasn’t finished.
Now you can pull the USB stick and pop it into the ProLiant’s internal USB port (on the N54L it is at the bottom left when you open the drive bay door).
iBeacon vs. NFC
27.01.14 Filed in: Networking
This article by MotleyFool irked me. In it, two Fool guys are discussing the end of NFC, because Apple introduced iBeacon last year. Yikes, guys: you might be good at analyzing stocks, but apparently you don’t understand the technology and its uses quite that well.
To NFC or not to NFC, that is the question
First off, though, let me debunk a comment made by Rex Moore in the video linked to the article: “They actually used NFC in our badges this year, and it took a while -- like 5-10 seconds -- before you could get through the line”. This is how rumors are started.
I doubt that the tag used in the CES badges would qualify as an NFC tag, as this technology is quite specific. NFC stands for “Near Field Communication” and communication tends to imply that there isn’t just a monolog going on.
NFC was actually designed to get devices to talk to each other by getting them either very close or even touching them (initiating the bilateral communication by triggering the _ sensor in each device). NFC involves a somewhat complex protocol, which means that the circuitry that is used has to do a bit of work in formatting the communication. While there are unpowered NFC tags around, these, too, rely on very close proximity for activation, as they get the power for their chip from the device wishing to communicate with them (via induction).
For conference tags, I would generally assume that the much cheaper RFID standard is used. This, too, uses unpowered tags with a (much simpler) chip inside that are activated by inducing a current in the tag. Reading out an RFID tag takes less than a second; depending on the technology used (primarily the reader), you can read dozens of tags per second. In fact, RFID is used to identify items packed into crates that go into storage - by simply driving the crate through a high-power reader gate with a forklift.
If, as reported by Mr. Moore, getting past the conference entry gate took 5-10 seconds, then the problem isn’t reading out the tag but more likely an overloaded backend system that matches the information read from the tag with a database of valid badge ID’s.
NFC vs. iBeacon
In positioning iBeacon as a technology that will supplant NFC just shows how little understanding the two gentlemen from MotleyFool have of the positioning of each technology.
NFC’s primary reason-to-be is “willful” engagement of a transaction. I.e.: if you’re not bumping your NFC-enabled phone with the antennae pad of a vending machine, you’re not finishing the purchasing transaction of that bottle of water.
Technologies such as iBeacon, on the other hand, broadcast to and communicate with your device without your knowledge or even consent (though at least currently you have to install and activate an app to use it, which is consent in a way).
Yes, you could set up an iBeacon to transmit - to stay with Mr. Bleeker’s example - a “no chatting” instruction to an iPad used in the classroom. Unless students submit to device control software to be installed, however, that will hardly work. Also, since Bluetooth (the technology behind iBeacon) isn’t a line-of-sight transmission, it would also disable chat on any iPads used in the hallway in the vicinity of the iBeacon device in the classroom.
Personally, I believe using iBeacon to broadcast offers and special deals in stores (I wrote a business plan for such a scenario back in 2001!), or to use it for room-to-room services in hotels or even at home is a likely scenario. If NFC dies, it certainly won’t be because of technologies like iBeacon though.
------
Here is the comment I put on the MotleyFool site verbatim:
Comparing iBeacon and NFC as technologies that are very similar and suggesting that NFC will likely fail due to iBeacon shows you haven't understood the concepts behind the technologies that well.
To put it in just a few words: NFC implies a willful commitment to transact. That bottle of water won't be yours if you don't tap the vending machine's antennae pad with your phone. iBeacon (Nomen est Omen) is a technology to interact with your phone (or other device) without your consent, as long as you "opt in" by installing and enabling the required software.
These are two technologies are not competitors in any sense. If NFC fails, it will do so because the market doesn't want or need it, not because it is supplanted by iBeacon.
Oh, and the 5-10 seconds it took to get into CES wasn't because of a shortcoming of NFC, since the tags are RFID tags. These can be read out in a fraction of a second; the 5-10 seconds delay probably were due to an overloaded backend system trying to match the badge id to a database.
To NFC or not to NFC, that is the question
First off, though, let me debunk a comment made by Rex Moore in the video linked to the article: “They actually used NFC in our badges this year, and it took a while -- like 5-10 seconds -- before you could get through the line”. This is how rumors are started.
I doubt that the tag used in the CES badges would qualify as an NFC tag, as this technology is quite specific. NFC stands for “Near Field Communication” and communication tends to imply that there isn’t just a monolog going on.
NFC was actually designed to get devices to talk to each other by getting them either very close or even touching them (initiating the bilateral communication by triggering the _ sensor in each device). NFC involves a somewhat complex protocol, which means that the circuitry that is used has to do a bit of work in formatting the communication. While there are unpowered NFC tags around, these, too, rely on very close proximity for activation, as they get the power for their chip from the device wishing to communicate with them (via induction).
For conference tags, I would generally assume that the much cheaper RFID standard is used. This, too, uses unpowered tags with a (much simpler) chip inside that are activated by inducing a current in the tag. Reading out an RFID tag takes less than a second; depending on the technology used (primarily the reader), you can read dozens of tags per second. In fact, RFID is used to identify items packed into crates that go into storage - by simply driving the crate through a high-power reader gate with a forklift.
If, as reported by Mr. Moore, getting past the conference entry gate took 5-10 seconds, then the problem isn’t reading out the tag but more likely an overloaded backend system that matches the information read from the tag with a database of valid badge ID’s.
NFC vs. iBeacon
In positioning iBeacon as a technology that will supplant NFC just shows how little understanding the two gentlemen from MotleyFool have of the positioning of each technology.
NFC’s primary reason-to-be is “willful” engagement of a transaction. I.e.: if you’re not bumping your NFC-enabled phone with the antennae pad of a vending machine, you’re not finishing the purchasing transaction of that bottle of water.
Technologies such as iBeacon, on the other hand, broadcast to and communicate with your device without your knowledge or even consent (though at least currently you have to install and activate an app to use it, which is consent in a way).
Yes, you could set up an iBeacon to transmit - to stay with Mr. Bleeker’s example - a “no chatting” instruction to an iPad used in the classroom. Unless students submit to device control software to be installed, however, that will hardly work. Also, since Bluetooth (the technology behind iBeacon) isn’t a line-of-sight transmission, it would also disable chat on any iPads used in the hallway in the vicinity of the iBeacon device in the classroom.
Personally, I believe using iBeacon to broadcast offers and special deals in stores (I wrote a business plan for such a scenario back in 2001!), or to use it for room-to-room services in hotels or even at home is a likely scenario. If NFC dies, it certainly won’t be because of technologies like iBeacon though.
------
Here is the comment I put on the MotleyFool site verbatim:
Comparing iBeacon and NFC as technologies that are very similar and suggesting that NFC will likely fail due to iBeacon shows you haven't understood the concepts behind the technologies that well.
To put it in just a few words: NFC implies a willful commitment to transact. That bottle of water won't be yours if you don't tap the vending machine's antennae pad with your phone. iBeacon (Nomen est Omen) is a technology to interact with your phone (or other device) without your consent, as long as you "opt in" by installing and enabling the required software.
These are two technologies are not competitors in any sense. If NFC fails, it will do so because the market doesn't want or need it, not because it is supplanted by iBeacon.
Oh, and the 5-10 seconds it took to get into CES wasn't because of a shortcoming of NFC, since the tags are RFID tags. These can be read out in a fraction of a second; the 5-10 seconds delay probably were due to an overloaded backend system trying to match the badge id to a database.
Samsung Kies - Just not Apple Quality!
23.01.14 Filed in: Software
The connectivity software Samsung supplies (“Kies” - who thought of that name??? In German it means either “Pebbles” or “Money”) looks quite nice from the GUI but turned out to be a complete disaster.
There are two Mac versions you can download from the website: if you go to the direct download on the support site, you’ll get a version 3.0.1.14012_5 which shows a copyright of 2012 in the loading splash window and a copyright of 2011 in the “About” window. I hope product management does a better job with the hardware than with the software.
After several tries and finally doing a Tools -> Reinstall Driver (whatever that is supposed to do), I got the phone to connect. Connection is flakey - sometimes it doesn’t see the phone even though the phone itself shows that it is connected via USB, then you unplug and plug back in and it connects to the software. Weird.
The first thing I wanted to do is back up the phone, something the software seems to make extremely simple (just select “Backup all” and click on “Backup” and off it goes), unfortunately it just didn’t do anything.
You get a spinning symbol on the first item to be backed up, but no data transfers; not even after waiting for a good 15 minutes. The software isn’t hung up, however, as it is possible to cancel the backup, after which the software informs you that everything backed up (it didn’t). Deselecting the first item that is backed up (which isn’t the first item in the list, mind you) doesn’t change anything - the same issue crops up with the next item in the list.
Trying to select a Podcast then ended up crashing my Mac in a manner that was so fierce, the poor GPU didn’t even have time to clear the screen: the restart information got written over the display! The system forced an fsck and found a load of orphaned files and directories, which really made me nervous. Also, my desktop picture was changed to the Mavericks standard...! Crazy!
I tried the Podcast subscription again and the system stayed stable; Kies, however, didn’t do squat with the Podcast - the subscription wasn’t registered. Crap!
If you look in the download - files section of the website, you are presented with a version 2.x of the software, and a clear statement that the software is only available for MacOS 10.5 - 10.7! I send an email to Samsung support in Germany, asking wether this was a negligence on part of the web admin or if the software really wasn’t made for any Mac OS junger than two years old.
I quote from Samsung’s reply:
Derzeitig wird Kies, wie angegeben, nur für Mac OS 10.5 bis 10.7 unterstützt. Leider liegen uns keine Informationen über ein geplantes Update vor.
Translated, this means that the software really is only compatible with 10.5 to 10.7 and there apparently are no plans to update the software to run on current Macs!
So I fired up Windows 7 in a VM and installed the Windows version of Kies. It’s a workaround I can live with, since I would only use the software to back up the phone and update it to a new version of Android.
Unfortunately, the freshly downloaded Windows version of the software seems to be similar crap to the Mac version: while the download actually did start moving some data across the USB cable (veeeery slowly, mind), it stopped at the third item with the same effect as on the Mac: it just kept the rotating symbol on that item and would probably still be there now, hadn’t I stopped the software after about an hour.
Interesting is also, that after stopping, the software correctly indicates that finishing the sync was interrupted; incorrect is the statement that the data was successfully stored (“erfolgreich gesichert”).
There are two Mac versions you can download from the website: if you go to the direct download on the support site, you’ll get a version 3.0.1.14012_5 which shows a copyright of 2012 in the loading splash window and a copyright of 2011 in the “About” window. I hope product management does a better job with the hardware than with the software.
After several tries and finally doing a Tools -> Reinstall Driver (whatever that is supposed to do), I got the phone to connect. Connection is flakey - sometimes it doesn’t see the phone even though the phone itself shows that it is connected via USB, then you unplug and plug back in and it connects to the software. Weird.
The first thing I wanted to do is back up the phone, something the software seems to make extremely simple (just select “Backup all” and click on “Backup” and off it goes), unfortunately it just didn’t do anything.
You get a spinning symbol on the first item to be backed up, but no data transfers; not even after waiting for a good 15 minutes. The software isn’t hung up, however, as it is possible to cancel the backup, after which the software informs you that everything backed up (it didn’t). Deselecting the first item that is backed up (which isn’t the first item in the list, mind you) doesn’t change anything - the same issue crops up with the next item in the list.
Trying to select a Podcast then ended up crashing my Mac in a manner that was so fierce, the poor GPU didn’t even have time to clear the screen: the restart information got written over the display! The system forced an fsck and found a load of orphaned files and directories, which really made me nervous. Also, my desktop picture was changed to the Mavericks standard...! Crazy!
I tried the Podcast subscription again and the system stayed stable; Kies, however, didn’t do squat with the Podcast - the subscription wasn’t registered. Crap!
If you look in the download - files section of the website, you are presented with a version 2.x of the software, and a clear statement that the software is only available for MacOS 10.5 - 10.7! I send an email to Samsung support in Germany, asking wether this was a negligence on part of the web admin or if the software really wasn’t made for any Mac OS junger than two years old.
I quote from Samsung’s reply:
Derzeitig wird Kies, wie angegeben, nur für Mac OS 10.5 bis 10.7 unterstützt. Leider liegen uns keine Informationen über ein geplantes Update vor.
Translated, this means that the software really is only compatible with 10.5 to 10.7 and there apparently are no plans to update the software to run on current Macs!
So I fired up Windows 7 in a VM and installed the Windows version of Kies. It’s a workaround I can live with, since I would only use the software to back up the phone and update it to a new version of Android.
Unfortunately, the freshly downloaded Windows version of the software seems to be similar crap to the Mac version: while the download actually did start moving some data across the USB cable (veeeery slowly, mind), it stopped at the third item with the same effect as on the Mac: it just kept the rotating symbol on that item and would probably still be there now, hadn’t I stopped the software after about an hour.
Interesting is also, that after stopping, the software correctly indicates that finishing the sync was interrupted; incorrect is the statement that the data was successfully stored (“erfolgreich gesichert”).
Samsung Galaxy S4 Active - First Impressions
23.01.14 Filed in: Android
Since updating my company iPhone 4 to iOS 7, the thing has basically become unusable. Since even the new iPhones sport a screen size that isn’t of much use to me, I finally decided to go for a 5” Android phone.
My first experiences with Android were - with the exception of the greatly underdimensioned Xperia Pro hardware - quite good, after all, so I wasn’t afraid of the switch.
After getting my contacts (that I had moved back to iCloud after switching back to the iPhone) moved to Gmail, I was good to go.
A colleague has a predecessor of the Note 3 and is very happy with it, so I was swaying in that direction, but when I saw that there was an “Active” version of the S4 with a slightly “smaller” screen, that seemed the ideal solution.
The Active has the same internals as the regular S4 but with an LCD screen instead of an AMOLED, as the latter is often too dim for use in bright sunlight. Also, the Active is rated IP67, which means you can actually take pictures under water (down to 3 feet). It also has a metal frame, which - I would hope - will make it a bit sturdier in case of a drop. On the negative side, the camera in the Active has a lower pixel count than on the regular S4.
Also, the Active is available in orange, which to me seemed a nice complement to the red case of the Xperia Pro. Speedy as always, Amazon Prime delivered on the day after it was ordered.
My first day with the phone wasn’t, however, so positive.
See my separate review of Samsung Kies, the connectivity software available for the Active.
Burning through the Battery
The main problem I had with the phone on the first day was an android service called CloudAgent, which apparently is used for all cloud sync activities such as backup to the Samsung account as well as Dropbox. This ended up using a major portion of the battery’s juice:
Just before the phone gave out (which wasn’t much after this screenshot was taken; don’t be fooled by the “3h 53m on battery” - it was charged in-between), CloudAgent had kept the CPU active for over 2 hours! Needless to say, the phone could have been used as a pocket hand warmer the entire 3 1/2 hours it stayed on.
Luckily, I got that fixed relatively quickly: I turned off all dropbox syncing and the problem went away.
GPS Fix
The second issue on the first day was that it wasn’t able to get a GPS fix - seemingly at all. One of the reasons for wanting a phone with a bigger screen was to replace my 2005 TomTom XL (shelling out 70€ for a new map for a device this old really bakes my cake!). My colleague had shown me a free-to-use navigation software that stored its maps on the device SD card, and this was one of the reasons for me to switch to Android.
However, the phone simply wouldn’t get the GPS fix. Okay, I was indoors, but right next to a very large window wall; the iPhone likely would have gotten the fix quite quickly.
On-Phone OS Update
One of the settings (About Device -> Software Update) showed that an update was available for installation. It turned out to be a 192 MByte download, quite a sizable package, considering I’ve read that Android 4.4 is “only” 56 MByte in size.
Comparison to iPhone 4
Besides the screen size (which is the reason I left the Apple universe in the first place), there are other, major differences to the iPhone 4 (and 5c, which I’ve used quite a bit).
For one thing, the phone is nicely and completely unexpectedly light in comparison. I’m not going to bother with gram figures; it’s the haptic experience I’m interested in. This thing weighs nothing in comparison to the iPhone 4!
The screen is great; one thing Android really does much better than iOS (even version 7) is to provide selectable font sizes that really work. Great for someone that needed his glasses on to use the iPhone - with the larger fonts and the larger display, I can read everything on the screen without glasses!
The display is, of course, much brighter and “prettier” than that of the iPhone 4, but that isn’t a fair comparison. But even comparing it to the 5c, it stands out.
My first experiences with Android were - with the exception of the greatly underdimensioned Xperia Pro hardware - quite good, after all, so I wasn’t afraid of the switch.
After getting my contacts (that I had moved back to iCloud after switching back to the iPhone) moved to Gmail, I was good to go.
A colleague has a predecessor of the Note 3 and is very happy with it, so I was swaying in that direction, but when I saw that there was an “Active” version of the S4 with a slightly “smaller” screen, that seemed the ideal solution.
The Active has the same internals as the regular S4 but with an LCD screen instead of an AMOLED, as the latter is often too dim for use in bright sunlight. Also, the Active is rated IP67, which means you can actually take pictures under water (down to 3 feet). It also has a metal frame, which - I would hope - will make it a bit sturdier in case of a drop. On the negative side, the camera in the Active has a lower pixel count than on the regular S4.
Also, the Active is available in orange, which to me seemed a nice complement to the red case of the Xperia Pro. Speedy as always, Amazon Prime delivered on the day after it was ordered.
My first day with the phone wasn’t, however, so positive.
See my separate review of Samsung Kies, the connectivity software available for the Active.
Burning through the Battery
The main problem I had with the phone on the first day was an android service called CloudAgent, which apparently is used for all cloud sync activities such as backup to the Samsung account as well as Dropbox. This ended up using a major portion of the battery’s juice:
Just before the phone gave out (which wasn’t much after this screenshot was taken; don’t be fooled by the “3h 53m on battery” - it was charged in-between), CloudAgent had kept the CPU active for over 2 hours! Needless to say, the phone could have been used as a pocket hand warmer the entire 3 1/2 hours it stayed on.
Luckily, I got that fixed relatively quickly: I turned off all dropbox syncing and the problem went away.
GPS Fix
The second issue on the first day was that it wasn’t able to get a GPS fix - seemingly at all. One of the reasons for wanting a phone with a bigger screen was to replace my 2005 TomTom XL (shelling out 70€ for a new map for a device this old really bakes my cake!). My colleague had shown me a free-to-use navigation software that stored its maps on the device SD card, and this was one of the reasons for me to switch to Android.
However, the phone simply wouldn’t get the GPS fix. Okay, I was indoors, but right next to a very large window wall; the iPhone likely would have gotten the fix quite quickly.
On-Phone OS Update
One of the settings (About Device -> Software Update) showed that an update was available for installation. It turned out to be a 192 MByte download, quite a sizable package, considering I’ve read that Android 4.4 is “only” 56 MByte in size.
Comparison to iPhone 4
Besides the screen size (which is the reason I left the Apple universe in the first place), there are other, major differences to the iPhone 4 (and 5c, which I’ve used quite a bit).
For one thing, the phone is nicely and completely unexpectedly light in comparison. I’m not going to bother with gram figures; it’s the haptic experience I’m interested in. This thing weighs nothing in comparison to the iPhone 4!
The screen is great; one thing Android really does much better than iOS (even version 7) is to provide selectable font sizes that really work. Great for someone that needed his glasses on to use the iPhone - with the larger fonts and the larger display, I can read everything on the screen without glasses!
The display is, of course, much brighter and “prettier” than that of the iPhone 4, but that isn’t a fair comparison. But even comparing it to the 5c, it stands out.
Moving contacts from iCloud to Gmail on Mavericks
21.01.14 Filed in: Mac
Yesterday, I ordered a Samsung Galaxy S4 Active as a replacement for my iPhone 4 - the latter of which just isn’t fit enough for iOS7 (and an attempt to revert to iOS 6 failed).
While my calendars have been - since my bout with a Sony Xperia Pro - on Google, I’d reverted my contacts back to iCloud when I switched back to the iPhone. Since my Mac Mini is running Mavericks and a local set of Contacts apparently doesn’t fit Apple’s grand plan anymore, I searched for a simple mechanism to transfer all my contacts from iCloud to Gmail. I was able to find these excellent instructions.
Interestingly, when I first attempted to export my contacts, iCloud crashed (!) with an error:
Here are the first few lines from the Details section:
ERROR
'undefined' is not an object (evaluating 't.objectAt(0).get'). The calling function is download@
FILE
https://www.icloud.com/applications/contacts/1U.114861/en-us/javascript-packed.js
Oddly enough, it worked on the second attempt without a hitch.
However: if you do the transfer this way, then you will loose all contact pictures, as those are not transferrable via Vcard objects.
Perhaps much easier and less error-prone is to set up the Gmail contact connection as described, make sure you have no contacts in Gmail at all (you can delete them in 250-unit bundles by clicking “select all” and then “delete Contacts”) and doing a copy-paste of all iCloud contacts to the Gmail contacts.
You can’t use Select All in the Contacts app, as this will also select any other contact accounts you may have set up (including the Gmail one). You’ll have to select the first contact in the iCloud list and scroll all the way down to the last, hit Shift and select it - this selects all contacts in iCloud.
Then, just drag the entire contact list to the Gmail account on the left and let it rip - depending on how many contacts you have in iCloud, this may take quite a while (my 1,600+ contacts took hours!). Don’t be shocked when your system doesn’t respond properly anymore; this process uses all CPU cores you have and the scheduler definitely seems to prefer the Addresses application, at least while it is copying the contacts locally.
Once all the contacts are copied over (you can tell by the spinning thingie
next to your Gmail account on the sidebar disappearing), you can go into system settings to remove the checkmark next to Contacts in the iCloud account setup and be left with all-Gmail contacts on your Mac.
When I did it this way, pictures were transferred. The only issue I came across was this error after about 240 contacts having transferred out to Google:
I quit Contacts and re-started it, and it continued uploading contacts. This happened a couple of times. With every re-start, Contacts seemingly re-uploaded already uploaded contacts again.
Running a “combine” in Gmail did remove the double entries, but - strangely enough - they were then uploaded again by Contacts. This didn’t affect all contacts, only certain ones; I have no idea what triggered a duplicate upload. Really odd is: the duplication only happened in Gmail - luckily. No duplicates were synced back to my Mac.
After combining the double entries a few times, I gave up on that until the transfer was through, as it seemed to slow things up, caused by the re-transfer of duplicates.
When it finally got done, I ran the “combine” on Gmail and forced a re-sync in the Contacts app (by removing the checkmark from Contacts in the Gmail account setup, quitting contacts, re-enabling and re-starting Contacts). Contacts did the sync back very quickly and I ended up with the same number of contact entries on both sides.
------------------------- Update 2014-01-22 -------------------------
here is a comment by Jimmy Obomsawin, who wrote the article I linked to at the top of this post:
Contact pics are included when exporting using Contacts in Mavericks, but I wanted instructions that worked universally, since many of my readers use Windows computers. When exporting from Contacts, just make sure that you go to Settings > vCard, and turn on “Export Photos in vCard”.
While my calendars have been - since my bout with a Sony Xperia Pro - on Google, I’d reverted my contacts back to iCloud when I switched back to the iPhone. Since my Mac Mini is running Mavericks and a local set of Contacts apparently doesn’t fit Apple’s grand plan anymore, I searched for a simple mechanism to transfer all my contacts from iCloud to Gmail. I was able to find these excellent instructions.
Interestingly, when I first attempted to export my contacts, iCloud crashed (!) with an error:
Here are the first few lines from the Details section:
ERROR
'undefined' is not an object (evaluating 't.objectAt(0).get'). The calling function is download@
FILE
https://www.icloud.com/applications/contacts/1U.114861/en-us/javascript-packed.js
Oddly enough, it worked on the second attempt without a hitch.
However: if you do the transfer this way, then you will loose all contact pictures, as those are not transferrable via Vcard objects.
Perhaps much easier and less error-prone is to set up the Gmail contact connection as described, make sure you have no contacts in Gmail at all (you can delete them in 250-unit bundles by clicking “select all” and then “delete Contacts”) and doing a copy-paste of all iCloud contacts to the Gmail contacts.
You can’t use Select All in the Contacts app, as this will also select any other contact accounts you may have set up (including the Gmail one). You’ll have to select the first contact in the iCloud list and scroll all the way down to the last, hit Shift and select it - this selects all contacts in iCloud.
Then, just drag the entire contact list to the Gmail account on the left and let it rip - depending on how many contacts you have in iCloud, this may take quite a while (my 1,600+ contacts took hours!). Don’t be shocked when your system doesn’t respond properly anymore; this process uses all CPU cores you have and the scheduler definitely seems to prefer the Addresses application, at least while it is copying the contacts locally.
Once all the contacts are copied over (you can tell by the spinning thingie
next to your Gmail account on the sidebar disappearing), you can go into system settings to remove the checkmark next to Contacts in the iCloud account setup and be left with all-Gmail contacts on your Mac.When I did it this way, pictures were transferred. The only issue I came across was this error after about 240 contacts having transferred out to Google:
I quit Contacts and re-started it, and it continued uploading contacts. This happened a couple of times. With every re-start, Contacts seemingly re-uploaded already uploaded contacts again.
Running a “combine” in Gmail did remove the double entries, but - strangely enough - they were then uploaded again by Contacts. This didn’t affect all contacts, only certain ones; I have no idea what triggered a duplicate upload. Really odd is: the duplication only happened in Gmail - luckily. No duplicates were synced back to my Mac.
After combining the double entries a few times, I gave up on that until the transfer was through, as it seemed to slow things up, caused by the re-transfer of duplicates.
When it finally got done, I ran the “combine” on Gmail and forced a re-sync in the Contacts app (by removing the checkmark from Contacts in the Gmail account setup, quitting contacts, re-enabling and re-starting Contacts). Contacts did the sync back very quickly and I ended up with the same number of contact entries on both sides.
------------------------- Update 2014-01-22 -------------------------
here is a comment by Jimmy Obomsawin, who wrote the article I linked to at the top of this post:
Contact pics are included when exporting using Contacts in Mavericks, but I wanted instructions that worked universally, since many of my readers use Windows computers. When exporting from Contacts, just make sure that you go to Settings > vCard, and turn on “Export Photos in vCard”.
Internet Appliance Botnet-Attack
This article by Proofpoint seems to indicate that everyday, connected appliances such as TV’s, Media Centers, Network Routers and even a Refrigerator have been “assimilated” into a Botnet to send out Spam Emails.
While a Media Center likely has a full-blown Linux (or Windows, in the case of Microsoft devices) on it, a Router certainly will not. I’ve used a number of different Internet routers in the last 15 years, such as a simple D-Link device, an AVM Fritzbox and, in the last couple of years an appliance with m0n0wall installed.
I can’t, for the life of me, imagine that these offer the ability to install a botnet. Sure, give an experienced hacker a device that is open to the WAN side (none are when you pull them out of the box!) and enough time, they will likely gain access to at least the admin menu. Using that, I would imagine it is possible to install a different, roll-your-own firmware that would render the device into a “Borg”. This would, in all likelyhood render the router incapable of doing “it’s thing”, which would obviously uncover the heist very quickly.
That said, botnets aren’t installed by a human taking an hour to hack into the device and load a new firmware (or install malware), but by automated mechanisms run - usually - on other “assimilated” bots.
TV’s and refrigerators will likely also have slimmed-down Linux OS’s that would probably require replacing at least the Kernel to function as a bot; in the case of a TV, that should make using the device spotty at best.
Also, don’t forget: generally, these devices are all in a private network of some sort, protected by IP filters. Again, hackable by a human (given enough time) for sure, but likely not by an automaton.
I’m not a botnet expert, but this sounds too outlandish to be more than a highly interpreted piece of marketing...
While a Media Center likely has a full-blown Linux (or Windows, in the case of Microsoft devices) on it, a Router certainly will not. I’ve used a number of different Internet routers in the last 15 years, such as a simple D-Link device, an AVM Fritzbox and, in the last couple of years an appliance with m0n0wall installed.
I can’t, for the life of me, imagine that these offer the ability to install a botnet. Sure, give an experienced hacker a device that is open to the WAN side (none are when you pull them out of the box!) and enough time, they will likely gain access to at least the admin menu. Using that, I would imagine it is possible to install a different, roll-your-own firmware that would render the device into a “Borg”. This would, in all likelyhood render the router incapable of doing “it’s thing”, which would obviously uncover the heist very quickly.
That said, botnets aren’t installed by a human taking an hour to hack into the device and load a new firmware (or install malware), but by automated mechanisms run - usually - on other “assimilated” bots.
TV’s and refrigerators will likely also have slimmed-down Linux OS’s that would probably require replacing at least the Kernel to function as a bot; in the case of a TV, that should make using the device spotty at best.
Also, don’t forget: generally, these devices are all in a private network of some sort, protected by IP filters. Again, hackable by a human (given enough time) for sure, but likely not by an automaton.
I’m not a botnet expert, but this sounds too outlandish to be more than a highly interpreted piece of marketing...
Phishing wird "intelligenter"
Die Zeiten von “I am the brother of the president of Nigeria” sind zwar nicht vorbei, dafür werden die Phishing-Betreiber “intelligenter” was die Aufmachung ihrer Emails angeht.
Heute ist diese Email bei mir angekommen:
Ich habe explizit die Bilder nicht geladen, da in Bildaufrufen oft eine Kodierung versteckt wird, die Rückschlüsse wie eine Empfangsbestätigung ermöglicht. Zum anderen aber, um aufzeigen zu können, dass die Bilder tatsächlich von telekom.de gezogen werden (die gelb hinterlegte Anzeige kommt beim Mouse-Hover über dem Bild und gibt die Quell-URL an).
Lediglich der Link für den Download zeigt nicht auf die Telekom, sondern auf die URL http://581khg.nuusi.net/telekom/ (bitte nicht testen!!!).
Wäre ich Telekom-Kunde, hätte ich ggf. ungeprüft draufgeklickt. Um so wichtiger ist die Funktion, die jeder moderne Mailclient bietet: via Mouse-Hover sich ein Bild von der URL zu machen, die tatsächlich beim Anklicken aufgerufen wird. Oft werden nämlich http: URLs angegeben, hinter denen sich ganz andere URL’s verbergen.
Heute ist diese Email bei mir angekommen:
Ich habe explizit die Bilder nicht geladen, da in Bildaufrufen oft eine Kodierung versteckt wird, die Rückschlüsse wie eine Empfangsbestätigung ermöglicht. Zum anderen aber, um aufzeigen zu können, dass die Bilder tatsächlich von telekom.de gezogen werden (die gelb hinterlegte Anzeige kommt beim Mouse-Hover über dem Bild und gibt die Quell-URL an).
Lediglich der Link für den Download zeigt nicht auf die Telekom, sondern auf die URL http://581khg.nuusi.net/telekom/ (bitte nicht testen!!!).
Wäre ich Telekom-Kunde, hätte ich ggf. ungeprüft draufgeklickt. Um so wichtiger ist die Funktion, die jeder moderne Mailclient bietet: via Mouse-Hover sich ein Bild von der URL zu machen, die tatsächlich beim Anklicken aufgerufen wird. Oft werden nämlich http: URLs angegeben, hinter denen sich ganz andere URL’s verbergen.
Check your router!
I was pretty surprised to read in this article, that a number of brand-name routers offer a “backdoor” via their WAN IP, Port 32764. Via this port, it is possible to read out various variables and settings, the knowledge of which greatly aid a hacker trying to get into the private network behind the device.
In some cases, it was apparently possible to change settings in the router via this port!!!
So: you may do well to make sure your router isn’t affected. Heise Verlag of Germany offers a free scan service that - using your IP address (which your Webbrowser knows about) - scans your router from the outside to see if it can find any open ports (that shouldn’t be).
For all you non-German-speakers out there, just click the “Ich bestätige, dass ich berechtigt bin, die IP-Adresse x.x.x.x zu scannen.” Checkbox (which indicates that you’re permitting the port scan to happen, and that you have the right to have that address scanned) and select the “Router-Backdoor” radio button. Then hit “Scan starten” and you get a result nearly instantly.
You may also wish to run the “Router” version of the test, which checks more ports as well as the just discussed “backdoor” port:
If the result is green, you’re good to go - if it is red, well then you have a problem.
If you’re versed in IP ports, you may also want to do the check with either the “Windows standard” or “UNIX standard” radio buttons selected - these do extensive port scans based on wether you’re using a Windows or a UNIX-based (MacOS, Linux, etc.) computer.
In some cases, it was apparently possible to change settings in the router via this port!!!
So: you may do well to make sure your router isn’t affected. Heise Verlag of Germany offers a free scan service that - using your IP address (which your Webbrowser knows about) - scans your router from the outside to see if it can find any open ports (that shouldn’t be).
For all you non-German-speakers out there, just click the “Ich bestätige, dass ich berechtigt bin, die IP-Adresse x.x.x.x zu scannen.” Checkbox (which indicates that you’re permitting the port scan to happen, and that you have the right to have that address scanned) and select the “Router-Backdoor” radio button. Then hit “Scan starten” and you get a result nearly instantly.
You may also wish to run the “Router” version of the test, which checks more ports as well as the just discussed “backdoor” port:
If the result is green, you’re good to go - if it is red, well then you have a problem.
If you’re versed in IP ports, you may also want to do the check with either the “Windows standard” or “UNIX standard” radio buttons selected - these do extensive port scans based on wether you’re using a Windows or a UNIX-based (MacOS, Linux, etc.) computer.
Gartner-Study: Borderline Rediculous
09.01.14 Filed in: Opinion
Here is a new study by Gartner that really gets my goat. Who on earth thought of putting operating systems for different types of equipment into the same study?
Matching MacOS vs. Windows or Android vs. iOS is ok, but what’s the point of throwing them all into the same pot? And: why is Linux missing? Linux is - in one form or another - likely to be the most-used OS anyway.
Most NAS units, plenty of IT-Appliances (Routers, Access Points, Firewalls, etc.), Car Radios, consumer equipment, some Smartphones, etc. run Linux. Had Linux been included, my educated guess would be that it beats all of the named OS’s hands down.
Ah, by the way Gartner, did you forget that both Android and Chrome are based on Linux?
C’mon Gartner, don’t you have better and more intelligent things to do?
Matching MacOS vs. Windows or Android vs. iOS is ok, but what’s the point of throwing them all into the same pot? And: why is Linux missing? Linux is - in one form or another - likely to be the most-used OS anyway.
Most NAS units, plenty of IT-Appliances (Routers, Access Points, Firewalls, etc.), Car Radios, consumer equipment, some Smartphones, etc. run Linux. Had Linux been included, my educated guess would be that it beats all of the named OS’s hands down.
Ah, by the way Gartner, did you forget that both Android and Chrome are based on Linux?
C’mon Gartner, don’t you have better and more intelligent things to do?