Thanks, Apple, But I Think I’ll Pass on Yosemite

I have computers on Windows, Mac OSX, and Linux.  Various levels and flavors of all of the above actually.

There’s always the question as to when or whether to upgrade them.

Linux is pretty simple – when your distribution changes, give it a week or so and listen to the chatter.  If the chatter is clear, go for it.  I’ve never had a problem here.

Windows.  I have a Windows 7 machine that won’t get upgraded because it’s an old Core 2 Duo machine.  It will either die before Windows 7 does or it will get given away.  Windows 8 became Windows 8.1 as soon as it was offered to me.  Windows 8 was an abortion, Windows 8.1 is manageable.  Just add Classic Shell and it cleaned up almost all of that Modern/Metro hideousness and pushed it aside.  Classic Shell made that ugly block land go away and replaced it with all the desktop land goodness that I need to get things done.  It’s still there, lurking under the hood, but I couldn’t tell you the last time I had to use one of those ugly blocky programs that Microsoft mistakenly thinks I need to slice, dice, and make julienne fries.  Other than network access which the Modern/Metro interface gets in the way massively and then drops you back to a desktop app to actually get the job done to disable and enable things.

I don’t.  ‘Nuff said about that.

Then there’s the Mac.  I always liked the sleekness and the design of them.  Beautiful hardware, a well thought out interface.  When I need to use my Mac, it is almost always a pleasure.  I got the thing, installed Snow Leopard, and it purred.  When the Mavericks upgrade was offered, it was free so why not?  I noticed no real problems there, and since I am a lightweight user of my Mac it’s fine.

I’ve heard reports that Mavericks slowed memory access from the prior version, Lion, but like I said: I’m a lightweight user so I don’t notice.

They put out a new operating system, Yosemite.  Since I knew about the memory speed issue, I thought I’d wait.  Let the experts go after it.

I’m glad I did because there are some privacy issues that made me uncomfortable with things.

Everyone likes having search functions on their computers and generally don’t think twice about how things are done.  What happens is that that information you are looking for is sent back to the program to check its indexes and report back to you when it finds what it thinks is the right answer.

That was all well and good back in the good old days when it was enough just to search this current computer.  Some smart people decided that they’d go out and do a search on the internet to give back more content.   It’s a built in function on the desktop called Spotlight that phones home to Apple and does that search. 

Fair enough if you’re actually doing an internet search.  But why do you need that search to go back to Apple if you’re just looking for a file on “this” computer?  If you are searching for movie information or maps, it’s going to send back your current location, as well as the current device you are on, and anything else that it thinks is pertinent such as language settings and what apps you have used.

To be fair to Apple, you can turn this off, but I have done enough support to know that unless someone turns that sort of thing off for you it won’t get done. 

The flip side to that is that if you have turned it off, location services are one of those things that get rather naggy to have turned off.  Your searches get a helpful prompt asking you to turn on location services and eventually you wear down and just leave them on.

Checking my Android phone, location services is turned on there, and we know that all that sort of thing goes on there with Google.  If you want a smartphone these days, you are either going to have Apple or Google put their hand in your pocket and watch over every move you make that they believe they need to, it’s part of the game.

The idea of having big brother was scary enough when I read 1984, but the reality is that we all now have that big brother in our own pocket and don’t think too much about it.

Nothing to see here, keep moving on.

All this was reported in the Washington Post’s technology blog a while back, and apparently Apple has been taking heat about their decisions to make these changes. 

There is a website called fix-macosx.com that promises to give you information how to take back some privacy and turn off some of Apple’s data collection.

This all is a change of heart since the old days where the Mac was more privacy friendly.  Now, they’re going all in and sucking down all this info while you happily go along with it.  Since Apple is notoriously tight lipped about what they do internally, I suspect that it will be a long time before we find out just exactly what they’re doing with all that data.

No thanks, I’ll pass.

Password Frustrations

So tell me why is it that some websites have a Fort Knox approach to passwords when it may not be appropriate?

Most of that is answered with a question:  Appropriate to whom?

The best way to answer all of this for myself is through examples.

I have a few passwords that I repeat all over the place.  The reason why I repeat them is because I don’t care if the account gets compromised.  Websites that require free registration are typical of this.  If you aren’t really invested in the information, a password is a nuisance and I generally give them “that password”.

“That Password” was one that I used at work, years ago.  It became something that quickly formed a “body memory” in that I could sit at a keyboard and just burst it through my fingers.  So why not, right?

The problem there is “Familiarity Breeds Contempt”.  You want a password you know, and that you think others won’t guess, but not too simple.  That leaves out things like your dog’s name, Mom’s name, your elementary school, 12345, password, or the ever favorite “qwerty”.

Why?  When someone tries to crack a password online, any given network for example, they typically won’t walk up to “your” computer and type away.  They’ll be noticed. 

Who was that guy in cubicle 9 anyway?

They will use software that will show up if someone is actually watching the store.  That network guy who is usually in cubicle 9 is probably down the hall watching the statistics on a remote computer or the phone, and locking down that specific port or address coming in to his network that someone outside is running the software on and will be back in a moment.  He’s got to stop off and visit the boss, grab coffee, hit the head, and fight a few fires.

The problem is that companies have decided that it is your problem to worry about your own passwords.  So they’re getting grumpy.  You’re asked to think of a new password every time you log in because you haven’t visited them in more than once a month, and there are rules.  Evil, sick, and twisted rules.  Something that you won’t remember because it requires Mixed Case, Punctuation – but not all punctuation, and a f3w numb3rs. 

Yeah, numb3rs.  That will show th3m!  The name Eric becomes 3R1q just because it is k3wl and L337.

Except it doesn’t.  All those remote attacks will be done via software.  The software has access to all the same books you read, plus the ones you didn’t read, plus the telephone book, plus many other aspects of popular culture.  I once came across some of those dictionaries to crack a computer that I was given and they’re massive.

I didn’t end up using that because on the fourth try, I guessed the password for the happy client.

My biggest complaint, though, is the Recruiting and Human Resources websites.  The worst of them assume that you actually care about them.  You end up rewriting your resume once you get in, and have to type in War And Peace while you’re doing it.  Oh, and don’t forget to log back in once every two weeks or we will delete your information!

No wonder why I try the “Low Security” password that I memorized and if that doesn’t work I click on the “I forgot” link.

Recruiters, you really are not all that significant and are a hurdle to get past, so relax on the security. 

So what do you do?

When I was doing Project Management at the University you would be shocked to know how many times I found people’s passwords.  Forget the Social Engineering tricks of their baby’s name plus their dog.  I would walk to their workstation and lift up their keyboard.  There would be a Post-It note with the passwords written on it.

Believe it or not, that isn’t as terrible as it sounds – if you convert that post-it note to a text file on your phone or on the cloud that you really really do know what the password is for.  After all, while I would lift  your keyboard, I won’t be able to get into your phone.  That is unless it is unlocked or your password is “1111” or something simple like that.

There is a file I keep on my computer.  It’s a clear text file.  Has the passwords on it.  There is a wrinkle though, it is only hints to the password and the hints are pretty obscure unless you are in my family.  But it is in a “safe place” that only I know where it is.

Now that you have found the place to store the hint file, what would I suggest you make the password?

Random numbers, letters, and punctuation is probably best, but make it a physical keyboard pattern you will find easy to memorize, and change it for truly important websites like your bank and credit cards and that annoying website you get all your financial advisor’s information from.

That last one emails me practically every day and I hate logging into it.

Find the file, open it up and remember what that password was…

Actually, this all makes me wonder where I put that post-it note.  Nope, not under my keyboard.  I’ll have to have a look. 

Security? Poodles? Sandworms? Here we go again.

If you have any passing interest in computer security, you have noticed a few announcements go by.

If you don’t, you may think it is overwhelming.

Yes, and Yes.

If you are worried, there’s a simple solution.  No matter what the computer, no matter what the operating system – make sure you are up to date.

Most home users are set up “from the factory” to automatically get updates.  This is true on Windows and on Mac OSX.  My Linux computers pop up a friendly sunburst to say it’s got updates too.

In both cases this will solve these two problems.

Poodle – Make sure your browser is up to date.  Windows update will fix this.  It is a low level problem that is more of a headache for systems administrators. So it’s not a major headache for most people.

The long description that 99 percent of us can skip is that it’s a bug that Google has found in the Secure Sockets Layer (SSL) version 3 that is seriously out of date.  It shouldn’t be used at this point anyway, but some folks haven’t updated that.

Sandworm – It’s a worm that goes after Powerpoint files.  Since Windows machines are set up to ask you if you want to open the file, don’t.  If your computer asks you to open anything with a “.INF” extension, don’t.  That is how the worm will propagate.

How to fix it?  Home users, make sure you go through your Windows Update.  It’s a windows problem.  But anyone else should be running the most up to date version of their operating systems that they can.  If their operating system is no longer supported, it’s best that you upgrade as best you can.  No more XP for you.

While you are at it, make sure your virus protection is up to date and you may want to just force a run of a full scan.  You never know what is running around on your computers these days and it is just good practice to do this once in a while.

So how DO you know when your phone is obsolete?

I have a friend who visits about once a year.  I have a standing request that he brings his “Daily Driver” computer with him when he comes.

He calls it a tune up.  What I generally do is go through the machine, run a virus scan, uninstall spyware, and send him on his way.  It runs much faster because I’ve cleaned out the junk.

He’s also been using that machine for longer than even I have expected.  He’s gotten newer machines, but he keeps coming back to that beast of a 17 inch “laptop” because I’m able to keep it going.

Eventually, he’ll have to stop using it, and then it will have a second life as either a table leveler, something to hold a shelf down in the linen closet, or I’ll put Linux on it and it will be good for another 5 years of use.

I’m leaning toward Linux, but that is because I actually do like using the environment.

Computers have a longer life than the manufacturers want you to believe because they exist to make money by selling you new.  It’s Planned Obsolescence.

With a phone, it appears much more clear cut.  Especially with a smartphone, things have a shelf life.  The vendor puts out a new model, it can do more, but does it really warrant you getting a new one?

Again like with my friends beast of a laptop, to me, it appears that it is software driving the decision.

There are two schools here.  Apple and Android.  Not looking at this as a fanboy of either set up, I have a preference for Android because I can do things with it like use the phone as a multimedia computer much easier than I can with iOS.  I look at it as a use case to form a decision as to which works best for me.

Your Mileage May Vary.

With Apple, there is a clear end of life with their phones.  When you can no longer run their current operating system, it is time to consider moving on.  Apple has always done this with their computers as well.  For a while their PowerPC computers were supposed to be the best thing out there.  Then they came out with Intel based computers that made their old computers look horrible and they stopped supporting them after one more upgrade.

My iPhone is an old 3GS.  It will still make calls, but as a computer, Apple is actively pushing it away.  I have software that ran on it until I updated it, then all the sudden the older software is gone, and the newer one doesn’t work because I don’t have the current operating system.  One after another app is going away and eventually that will be the end of it.

Of course if you have the latest iPhone 6, it’s obsolete when you drop it on the ground on the first day it’s out because you just broke the screen.


Android is a different animal.

Android support varies with the company that made the phone or tablet.  Typically, an Android phone will get updates within the operating system version that it was bought with.  After that you are on your own.

My tablet, a Samsung Galaxy Tab 2, got updates until the current OS came out.  That doesn’t mean that the tablet is unusable, it merely means that it will get more behind the times as I run into the same problem that my old iPhone had.  Software won’t be written for it.

There is another problem with the older versions of Android.  The browser that shipped with every version of Android except the current one has a rather nasty bug in it.  The short of it is that if you have an older Android device, do not use the default browser.  Disable that browser, and install another.  I did that at the start and I use Firefox which is the suggestion that is made by most security groups.

Why is that a problem?  Because if you don’t have a current device that runs the current Operating System, you aren’t going to get an update and you are on your own.  That means you have just hit the wall with using that phone, it’s now obsolete – if you want to be secure.

It all seems a bit alarmist, but considering how many people use their phones and tablets as their main computing devices these days, it really does pay to be aware of what that device is capable of doing.  It is a computer and they do need to be kept up to date.  But when you can’t do that any more, you have to be aware what not being up to date can mean.

I See You!

Security Cameras.

They’re interesting beasts.  I have installed them professionally, and we installed one at home.

They’re not all they’re cracked up to be, but there are some things to be aware of.

Outdoor cameras don’t always perform as well as you might expect.

I think this was what I was being told when I received this picture.  Partly at any rate, and partly because Kevin was gone and looking at my porch from the Auto Train.  He was sitting there most likely somewhere in Georgia on that night, maybe feeling lonely, missing me, or just being curious as to whether he could catch me coming and going.

I’m a TV game now.

We’ve had the DVR, that’s like a VCR but no tapes used, for about 4 months now. 

We’ve seen some pretty odd things in it.  The scooters that ride past the house in the small hours amused me, but I am in Florida and a scooter can be viable as a “daily driver” here – if you don’t mind being hunted down by snowbirds who have yet to learn to drive.

The ducks on the lawn are amusing to watch.  The hedges that are “in frame” are visited each morning by them when they’re grubbing around in my indifferently maintained gardens.

No, really, there are hedges there, you just can’t see them.  On the left of that pole.  See the shadow?  That’s a hedge although you couldn’t prove it by this picture.

And that’s the rub.  They promise 30 feet of Night Vision, typically, although some promise more.   It is like the mileage claims for a car when they say “your mileage may vary”.

My version of that is “Never Trust A Chinese Manufacturer”.

You couldn’t use that picture in court to prove that yours truly was at the front door with his faithful sidekick, Rack the McNab Dog, could you?

You could try.  I’ve heard some pretty sleazy tricks in what passes for a court room in this country, and I try to avoid court rooms as a general rule.

So a few basic rules?  I’ll keep them as brief as possible.

TVL – TV lines.  We’re all used to HD TV now.  This camera is Standard Def.  Old school square, just like all the DVRs that are being dumped.  Do you need HD?  You might, but HD Is expensive.  This camera is 420 TVL (Lines) and Standard Def.

Night Vision.  They slap that array of Infrared LEDs around the lens of the camera.  It puts out a glow.  It will have a “Feet of Vision” attached.  Divide that by two to get your real distance, seriously.  Just like the MPG scores on a car, your mileage may vary.  After all, I can get 40 MPG rolling down hill in my Jeep at 40 MPH.  I’ve seen it.

HD vs SD.  My own opinion is why not both.  Put SD cameras (not as sharp) on things that you will watch from “close up” like your front door, and then put the good HD cameras on things that you want to see crisply.   You may even be able to use fewer cameras by using more HD where you need it.   Instead of my having two cameras on the driveway and one that leaks onto the front yard, one HD camera may do it.  That will save a couple channels for use elsewhere.

Number of Channels.  My DVR will record up to 8 channels.  Some do 4.  The most I have ever seen is 16.  You probably don’t need 16.  Really, you don’t.  You will want to save recordings, so get a big hard drive for the machine of at least 1 TB and roll with it.  It doesn’t have to be fast since you’re not recording a lot all at once.

I will say though after looking at that picture… it needs to have the camera moved.  That’s just too fuzzy to be worthwhile.   Maybe closer to the front door.

I wonder if I can convince someone else to go up on the ladder.  I hate those ladders.  Nothing looks more ridiculous than a tall man well over 6 feet trying to balance on one of those things.

Is It Me Or Is Everyone Updating Computers These Days?

The short of it is that since you’re reading this on a computer go and do your system’s update.

Windows almost always has updates.
Mac OSX has one for Safari for the supported operating systems.

Even my Linux system needed it, but that’s normal when you have 1500 projects updated by probably as many different groups of people.

What got me started on this was that this morning before sunrise when I started the main computer, I saw a “helpful” yellow text show up on Windows.  It was warning me that there was an important update available.

I’ve gotten so that Windows seems to be the Boy That Cries Wolf, but ok let’s check.  Definition Update for Windows Defender.   It’s a built in virus scanner in Windows 8 and above.  It’s the love-child of the old Microsoft Security Essentials.  I’ve used it for quite a few years now, and while I trust it, I have grown to expect a message telling me to update.

Since it is Windows, it is the operating system everyone seems to like to attack.   More ways than one, I’m afraid.

I installed that particular update, and since it didn’t demand a restart of the system, I shrugged and got on with my business.

I also have a Linux machine, two actual laptops, and a number of virtual machines, so just for giggles, I thought I’d check.  172 updates on Linux, but that’s not a shock.  With Linux, avoiding viruses is easy, just go to a known repository and use their software – in Windows terms, only use Windows Update and don’t install from an unknown source.

That doesn’t help with backdoors, and that is what the Heartbleed bug was last month.  Someone had found a backdoor into the software and everyone needed to change passwords.

You did change your password didn’t you?

It went on its happy way, and I realized that I had a couple other virtual machines that needed attention.  Since they’re all lightly used, they’ll get it when I run them.  Virtual Web Servers and the like.

Even Apple has gotten in the mix of it all, since they want an update to their browser.  Part of being popular I guess, and that means that iPhones will probably need it too.

I know for a fact that my Android phone needs an update, but that’s a very different thing.  It’s a very old version of Android that’s named Gingerbread, on a very old phone, relatively speaking.  Even the “alternate ROMs” don’t support this phone fully.  Not to mention the software that I installed through Google Play needs updates.  Since I don’t actually want Facebook on my phone, I tend to ignore things like that.

So if you got this far, go find out how to update your Windows Computer (Start, Windows Update), Apple Computer (Apple Menu) and Linux Computer (Software Update or Synaptic or “apt-get update”) and watch the pretty thermometers go.

Now, if you will excuse me, my Linux Virtual Computer says Restart is Required.  Strange that Windows didn’t need it, but Linux did… Never mind that, time to restart!

Got Windows? Hit Windows Update – Even Windows XP

So that bug I have been banging on about?

The one that is a bug of doom, effects every version of Internet Explorer from Version 6 through present?

Windows XP
Windows Vista
Windows 7
Windows 8
and
Windows 8.1?

Yeah, the fix is in.

Microsoft has relented since 1/4 of the entire PC Market is still running Windows XP.  Not to patch this one would cause havoc on the Internet and crash web servers, and make little babies cry.

This morning, I started finding messages in the security blogs that mentioned it.  This bug, the 1776 bug, with a rather nasty hole has been exploited.

As far as XP is concerned, Microsoft has said in the past that while support has ceased for it, they may at their own choice make patches to it in the future.   Since this was a big one, and it is the future, take advantage of it.

Even if you don’t use Internet Explorer, you will want to get this fix.

The steps are simple.  You may have already downloaded the fix and there could be a message waiting for you to either shut down or restart your computer to apply the fix

If not, just:

Click Start
Click Control Panel
Click Windows Update
Click Install Updates

and you’re on your way!

Now, if you will excuse me, my computer wants to be restarted.  I guess I really do need to take a break anyway!