Sunday, November 19, 2017

PayPal Reminders

With the holiday season right upon us it seems time to share some PayPal reminders:

Am I the Last Person? - When you use PayPal on another site, it DOESN'T log you out.

PayPal Preapproved Payments - Many merchants send their request to PayPal asking for you to PREAPPROVE any payments to them that they want to make.

While these posts are from some time ago I confirmed today that they are still valid.

Sunday, November 12, 2017

Chip and PIN Cards

So do you have one of the new "Chip and PIN" cards? They are also known as "EMV" for Europay/MasterCard/Visa.

Instead of swiping you're supposed to "dip" them. Currently not all merchants have implemented the "dip" technology. There are fiscal liability implications related to that don't affect the consumer so I won't cover that here.

What I will try to explain is the part of the new EMV cards that is known as the Card Verification Method (CVM).

I have a USAA Visa card. In preparation for a trip to Ireland a couple of years ago I called USAA and asked for an EMV card which they supplied. When I received it I followed up with USAA and set a PIN for the chip.

I successfully used the USAA EMV card during my trip to Ireland. At most merchants I was asked to sign a receipt. This seemed to confuse most merchants but it never impacted the success of the transaction. No merchants' terminals challenged me for a PIN.

Subsequently US merchants have been replacing their credit card terminals with the new "dip" capable ones. These don't challenge me for a PIN and not always even for a signature.

This got more interesting recently at a self-service gas station in Quebec City, Canada.

The card reader on the pump was chip-enabled. It fussed at me in French for inserting and withdrawing my card like I would do in the US. Finally I understood enough French to leave the card in. Then it asked me how much to pre-authorize on the card. In the US this is just done silently. I wasn't ready to perform a quick calculation in a foreign currency so I just chose the largest amount 125$. Then it asked me for the PIN of the chip not the stripe. Thankfully I had activated a PIN on the chip in preparation for my trip to Ireland. It churned for a second and told me to remove the card and begin pumping.

That transaction got me interested in what the process was to determine whether an EMV card transaction will require a PIN or signature or nothing.

At a summary level, each EMV card has a prioritized list of verification methods (CVMs) that may vary with the value of the transaction. This list is processed by the terminal searching for a matching CVM from the card.

SpottersWiki has a database of EMV cards and associated CVM methods. When I searched it for my USAA Visa card it reported the CVM methods were:
1: Signature (paper)
2: Enciphered PIN verified online
3: Enciphered PIN verified by ICC (aka offline PIN)
4: Plaintext PIN verified by ICC (aka offline PIN)
5: No CVM required
There is another database here but it isn't being updated.

The kicker here is that gas pump in Quebec City obviously couldn't accept a signature as verification and therefore required a PIN. It is not clear to me that the chip PIN is necessarily the same as the magnetic stripe PIN. I suggest you contact your card issuer to make sure.

This process is due to be implemented in US gas pumps by October 2020.

A more in depth explanation is here.
Although EMV is often referred to as “Chip and PIN”, in fact EMV supports several different methods of verifying the identity of the cardholder, known as Cardholder Verification Methods (CVM). Every card contains a list of the CVM that it supports, and when they need to be applied (e.g. Use online PIN if the transaction is an ATM cash withdrawal, else use signature).
Whenever an EMV transaction is performed, the terminal’s EMV Level 2 Kernel processes the CVM list in order, until it finds a CVM that it supports and can process. In the event that no supported CVM is found or an error occurs during CVM processing (e.g. the PIN-Pad was malfunctioning), the EMV kernel will flag this in the Terminal Verification Results, which may cause the transaction to be declined or sent online for authorisation by the card issuer.
The CVM that EMV currently supports are Online PIN (required in certain countries for all transactions, and also for all ATM cash withdrawals), Offline PIN verified by the chip card (required in certain countries for all payment transactions), signature (for attended payment terminals in some countries), or a combination of both PIN and signature if additional verification is required.
Also, in some environments it is permissible to use no CVM for low-value transactions or for terminals that do not support any of the CVM on the cards.

Sunday, November 05, 2017

Windows Defender Doesn't Suck

While I realize that's a left-handed compliment there's some meat behind it.

I've mentioned Windows Defender a couple of times recently non-disparagingly. I still believe the best protection for your Windows system is discretion. Just don't go to stupid places.

However it still makes me feel better to have some kind of anti-virus tool lurking in the background just in case somebody tricks me.

The AV-TEST Institute runs a couple of anti-virus bake-offs each year. The most recent results are here.

Tom's Guide has a good summary of the AV-TEST comparison. I love their recap.
Microsoft’s [Windows Defender] Protection score was 5.5 out of 6. For a program that was bottom-of-the-barrel just last year - and comes free with Windows - that’s not bad at all.

Sunday, October 29, 2017

Controlled Folder Access

Windows 10 Fall Creators Update (aka 1709) was released October 17, 2017.
Windows 10 Fall Creators Update includes a number of new features, including a replacement for OneDrive Placeholders, support for Windows Mixed Reality, the ability to more seamlessly connect to Windows PCs from iOS and Android phones and an improved Photos app experience.
ZDNet
I've installed it on a couple of laptops with no issues. I haven't seen any problems with it nor really any new features.

Except...

Windows 1709 has a new Windows Defender capability called "Controlled Folder Access".
A below-the-radar security feature in the Windows 10 Fall Creators Update ... can stop ransomware and other file-scrambling nasties dead.
The controlled folder access mechanism within Windows Defender prevents suspicious applications from changing the contents of selected protected folders.
The Register
To turn it on, click on the Windows key and type "Windows Defender Security Center". Click it and then click on "Virus & threat protection".


Then click on "Virus & threat protection settings".


You're getting warm.

Under "Controlled folder access", slide it to "On" and click on "Protected folders".


You can also add programs to the whitelist.


Here are the folders protected by default:


Add any that Windows didn't choose.

The best write-up I've found is here.

Here's what it looks like in action:


Sunday, October 22, 2017

Chrome Search Engines

I came across this article recently describing how to add a new search keyword to allow you to go directly to Google Maps with an address in the search bar. It's very easy but ...

As I followed the simple steps...
In Chrome, go to Settings, then select “Manage search engines.” Next to “Other search engines,” ...
Whoa!

Look at all the stuff that was already there!


Why would Google let bhphotovideo.com create an entry in my search engines?

Worse yet, the ones that are in the "Other search engines" are active.

The presentation infers that you have to use the Keyword to invoke them but there's a shortcut that lets them sneak in.

For example, the first entry in my "Other search engines" was "bhphotovideo.com" with a keyword of "bhphotovideo.com". But if I enter "bhp" in the address bar and press "Tab" guess where I go? To a Google search of bhphotovideo.com. There are hundreds of these entries in my Chrome "Other search engines". And there's no way to delete them en masse.

Stop that!

There seem to be at least 2 ways these get added. 1) Google will discern that there's a search box on a page and add an entry or 2) the site will use an API to add an entry.

There are discussions of this here and here. Oh, yes, the Chromium developers know about this and have marked it WontFix. See Comment 7.

There's even a Chrome extension that addresses this that I haven't tried.

Sunday, October 15, 2017

iOINK

If you remember my previous comments on iTunes, this post will come as no surprise.

I like to make my own ringtones. With Android, this is a piece of cake. Just find/create an mp3 file and e-mail it to yourself. Save it on the phone and then set it as a ringtone. Done.

As noted in the above referenced post, iTunes can accomplish this in 16 easy steps.

Ok, so I realize that I have to use iTunes with my iPhone 6s.

But I don't have to like it.

Recently I wanted to copy a couple of TV shows that I had recorded to my wife's iPhone SE. I converted them to M4V. Then I added them to my iTunes library.

But they didn't show up in the library. Consequently then they didn't sync to the iPhone.

Why on earth?

After a couple of hours of Google searches I finally came up on this forum post from 5 years ago:
I did believe that I have figured out what is going on though. In Itunes>Preferences>Store there is an option to keep playback synced between devices. I needed to uncheck that before the movies would show up in the itunes interface. Once that happened, I could go in and change the media type and organize it the way I wanted.
So if you want your home videos to sync in iTunes just uncheck the option to "keep playback synced between devices."

Why didn't I think of that?

Oh, now you want to WATCH these videos? Apple has removed the Videos app and put that function in the TV app.

Why didn't I think of that?

Sunday, October 08, 2017

iOS 11.Oh No!

Along with the iPhones 8 and X, on September 19, 2017 Apple released iOS 11. While it was full of new features it seems it is also full of bugs.

Apple quickly released 11.0.1 to fix a problem that Outlook/Exchange users couldn't send e-mail. It also contained other "bug fixes and improvements."

Apparently not enough.

On October 3, 2017 Apple released 11.0.2 to fix problems with iPhone 8 and iPhone 8 Plus users hearing a crackling sound during phone and FaceTime calls.

Now Apple has released a beta of iOS 11.1.

A word to the wise, avoid iOS 11.0.x like the plague.

If you're already getting nagged to upgrade here's some help.

Steve Jobs must be spinning in his grave.

Sunday, October 01, 2017

Firefox Send

I'm a regular listener to TWiT's Security Now podcast with Steve Gibson. On a recent podcast Steve mentioned Firefox Send, a new service from Firefox. ZDNet also covered it here (beware of auto-playing video with sound).

...you can securely send files to a contact using a link that only works once. The encrypted file, which is stored on Mozilla's server, is destroyed immediately after it has been downloaded once or after 24 hours have elapsed. 

This also works on Chrome and Edge and supports files up to 1GB. The files are encrypted before uploading, can only be downloaded once and deleted after 24 hours. Within the 24 hours you can revisit Firefox Send and you'll get a status page of the files you have uploaded that haven't been downloaded.


The page does say "Firefox Test Pilot, web experiment" so I wouldn't bet the farm on it for now.

If you're really geeky, look at the URL that Firefox Send gives you and then listen to Steve explain it.

Sunday, September 24, 2017

Microsoft's Resilient File System - Part 2

In a previous post I laid out the background for Microsoft's ReFS.

A recent article in How-To-Geek provides more details and compares ReFS to NTFS.

The points covered are:

  • What Is ReFS?
  • ReFS Protects Against Data Corruption
  • ReFS Drops Some Old NTFS Limitations
  • ReFS Can Be Faster, Sometimes
  • ReFS Can’t Replace NTFS (Yet)
  • How to Use ReFS

There's also a good video explaining ReFS.

And a series of really technical blog posts covering ReFS.

In a related event, Microsoft has "corrected" an error that allowed OneDrive to use ReFS. The same "error" impacted older file systems, such as FAT32 and exFAT, as well.

Winaero has reported that in Windows 10 Fall Creators Update Microsoft has "removed the ability to create ReFS partitions from regular retail editions of Windows 10. The updated list makes the ability to create new ReFS partitions exclusive to Windows 10 Pro for Workstations and Enterprise edition."

Hmmm.

Sunday, September 17, 2017

AT&T Messages

I didn't know you could do this!


Just go to https://messages.att.net.

It's a little bit clunky and AT&T seems to be deprecating some of it.

For example, you can click on the phone number in a message and a dialog box pops up offering to "Create New Contact" but that doesn't work.


And messages sent from this application don't get pushed back to the phone.

Still, pretty nice.

Sunday, September 10, 2017

LAN Diagram

I thought that I had posted about my LAN configuration before but I can't find it.

I'd been following Steve Gibson's Three Dumb Router solution to IOT insecurity. But I've also come across several discussions of using Ubiquiti's EdgeRouter X.

My equipment closet had become a rat's nest with long Ethernet cables wadded up behind all the equipment. Of course they were either not labeled or had the wrong labels on them.

So I redesigned my LAN segmenting it into a home (safe) network and Internet of Things (IoT) (unsafe) devices.

I bought color coded patch cables from Monoprice - red for Internet, green for home and blue for IoT.

To manage the connections to each segment I added a 8-port Gigabit switch to each segment.

I haven't implemented the EdgeRouter X yet so I'm actually not yet isolating the 2 segments. The dashed lines represent the current configuration.

Update: Did you find the problem in this configuration? Look again. Look closer. Then scroll down.















The NETGEAR ProSafe FS108NA is 10/100 mbps, not gigabit. I discovered this when I copied a large amount of data to the Drobo 5N. It was SLOW.

I have since replaced the NETGEAR with a D-Link GO-SW-8GE.















Sunday, September 03, 2017

AT&T Microcell

I upgraded my wife from an iPhone 5s to an iPhone SE over Christmas. Ever since she's been complaining about signal strength.

I called AT&T and they admitted that one of the towers near my house was down and had been down for a couple of weeks.

I whined at them for a while and finally convinced them to give me a free microcell.
The AT&T MicroCell acts like a mini cell tower in your home and connects to your existing broadband Internet service. You receive improved cell signal performance for voice calls, texts, and cellular data applications like picture messaging and Web surfing.
After a couple of odd interactions with AT&T a Cisco DPH154 arrived.
Activation was easy.

And it worked. Really well.

Before

After
An improvement of 45dB! Also, notice the difference of the indicator in the status bar, i.e. "Wi-Fi" vs. "M-Cell".

Sunday, August 27, 2017

Smartphone Battery

I've got a lot of experience with various smartphones. And I'm obsessive meticulous with tracking their battery usage.

I looked at 15 "typical" days for 3 different phones. I excluded days that I had tethered or been on calls an excessive amount. I can't say I used a rigorous scientific method but I believe that the sample is representative.

For this discussion I tracked 4 variables for each phone:
  • End of Day % - Percent of battery remaining at 10:00PM
  • OS Level - Operating system in use
  • Battery Capacity - in mAh (milliamp Hour)
  • mAh/hour - mAh consumed per hour

PhoneEnd of Day %OS LevelBattery CapacitymAh/hour
iPhone 6s55.5310.3.1171554.27
PRIV55.476.0.13410113.54
Nexus 542.536.0.12300104.48

At the end of the day, all 3 phones were generally in the same range of percent of battery left. The Nexus 5 was lower and that aligns with its reputation of poor battery life.

The PRIV has a big honker of a battery, almost twice the capacity of the iPhone 6s. And it needs it.

But the real finding for me was that the mAh/hour rate of the iPhone 6s was roughly half that of the Andoid phones. That's why the iPhone 6s' battery is so much smaller than the Android phones and why the iPhone 6s is so much thinner.

How does the iPhone keep the battery usage rate so low? Simple, it doesn't let apps run in the background.

Sunday, August 20, 2017

On the Way to VoIP - Follow-Up

I've been living with my Google Voice/OBi100 system (see 1, 2, 3, 4, 5, 6, 7, 8) for a couple of years and thought it was time for a follow-up.

Obihia and Google did a little dance a while back but finally kissed and made up. My service was never disrupted.

My OBi100 has gone end of life. The support was never outstanding nor really a problem. I bought a OBi200 to replace the OBi100 but haven't even bothered to install it.

The E911 support from Anveo has been fine I guess. Thankfully I've never used it. Their billing system is kinda wonky. The E911 service is $15 per year and you have to pay for it with a prepaid account. Then when the year lapsed and there wasn't sufficient balance to renew they Anveo just canceled the service and sent me an e-mail.
Customer,
We would like to inform you there was not enough funds in your account balance to extend your E911 coverage.
As of this moment the following E911 address is no longer covered and you can not make 911 calls:
<snip>
Your current account balance: $0
You may not be able to place outgoing calls without having at least one E911 address configured.
Please add funds and re-configure E911 coverage for the above mentioned address.
I deposited $15 and put a reminder on my calendar.

After a couple of months using Google Voice I went back and reviewed all the incoming calls. I added all the known callers to the Contacts on that Google account. Then I flipped the switch to screen callers that weren't in the address book. That only works so so since the OBi100 doesn't really support Google Voice's call screening in spite of them stating that it does.

What the OBi100 does is if Google Voice causes a prompt for screening, the caller hears the prompt and then gets transferred immediately on to the handset. The good news is that this pretty much causes the telemarketers to hang up. Good enough.

Sunday, August 13, 2017

Cloud - Office 365

Sometimes it's just too easy to make fun of a company.

In May 2017 Microsoft had gathered their favorite developers in Redmond for the annual Build conference. The focus of that conference was Microsoft's offerings of Office and Azure.

Yeah, you guessed it. Office 365 went down in the middle of the conference as documented by the Register.

Outages happen to everybody.

What I thought interesting were the comments on the Register post:
Cloud just means somebody else's computer that you have NO control over, and can go down at any time leaving you helpless.
Herby
Cloud: A computing service that signifies you do not know where any outage is, who is responsible for it, who else but you or your organization accesses the data on it, but nobody wants to do without.
Jeroen Braamhaar
Having worked with Cloud products for near 10 years now, I can say that in general they are much more reliable and lower cost than an on prem equivalent. ... [Y]ou do get a much better infrastructure from a company that invests millions/billions and has SLA's around it all than the bit of tin you got from the reseller round the corner.
Babbit55
This situation is kinda like when I was on a conference call with my CIO and his boss the CFO. It wasn't a pleasant discussion. When the call was over my CIO turned to me and said "I don't ever want to have that discussion again."

Don't find yourself or your company in the situation that Microsoft was in. Consider and act on the points in those comments.


Sunday, August 06, 2017

Windows 10 Tweaks


I've been happy with Windows 10 AFTER I've thoroughly tweaked it. Here are some links to Windows 10 tweaks that I like. I will continue to update this post so check back from time to time.

My posts (some overlap with those below)

How to get past Windows Defender SmartScreen in Windows 10

Remove "Windows Defender Security Center" Icon from Taskbar Notification Area

How to disable touchscreen edge swipes in Windows 10

How to Remove the User Password in Windows 10

How to prevent Windows 10 from requiring a password when resuming from sleep

Bypass the Lock Screen in Windows 10

Sign-in Automatically to a User Account in Windows 10

Increase System Restore Point Frequency in Windows 10

Create Shortcut to Open Any Settings Page in Windows 10

Enable or Disable Network Discovery in Windows 10

Get Classic Windows Defender in Windows 10 Creators Update
I rename the shortcut to "Windows Defender" and pin it to the Start menu

How To Disable Ads in Windows 10 (All Of Them)

Move Apps to Another Drive in Windows 10

Convert MBR To GPT With MBR2GPT In Windows 10 Version 1703

Windows 10 Tip: Turn Off Lock Screen, Start and Action Center Advertising

Windows 10 Tip: Turn Off File Explorer Advertising

Windows 10 tip: Turn on File History for automatic backups

Windows Update Blocker disables OS updates on demand

20 ways to hate Windows 10 less

Windows Containers on Windows 10

Backup drivers before reinstalling Windows 10 using DISM

Windows 10 Tip: Remove the Built-in Apps

Disable This Animation to Make Windows 10's Start Menu Open Faster

How to add Recent items to left pane of File Explorer in Windows 10

Windows 10 Tip: Disable Automatic Default Printer Management

How to create a system image in Windows 10

How to Disable the “Get Office” Notifications on Windows 10

How to Get Rid of the OneDrive Icon in Windows 10's File Explorer

Open Control Panel Applets Directly in Windows 10

Sunday, July 30, 2017

System Image Backup

In a couple of my previous posts (SSD Migration and Backup, Restore, Test) I mentioned Windows System Image Backup tool. These posts were written when the Windows system was running Windows 7.

Now all my systems are running Windows 10. And a couple of my systems have updated to Windows Version 1703 Creators Update.

Microsoft is step by step migrating from the legacy Control Panel to the new Settings app. Even when the function isn't available in Settings.

For example in Windows 1607 Anniversary Update you could type "Backup and Restore..." and the legacy Control Panel dialog would be presented.



Now in Windows Version 1703 Creators Update the legacy Control Panel dialog is not presented.


Notice that "Reset this PC" is presented. There's a message in that result. That's where Microsoft is steering you, to reset rather than restore.

Here's how to get to Windows' System Image Backup tool.

Press the Windows key and type "control panel".


Click on "Control Panel".


Click on "Backup and Restore (Windows 7)".


Click on "Create a system image".


Select your backup target and click on "Next".


Confirm your backup settings and click on "Start backup". This make take a while, up to a couple of hours for a big drive.

I fully expect that Microsoft will completely remove this System Image Backup capability in future versions.

You HAVE to read my previous posts (SSD Migration and Backup, Restore, Test) before you strike out using this technique.

Sunday, July 23, 2017

iPhone Task Switching

Maybe this is because of my long time use of Windows but my device usage often requires me to switch back and forth between 2 apps or windows.

Neither Android or iOS have readily supported this. Recent Android releases require you to tap the task list key and then tap the app you want to switch to. Nougat improves this letting you double tap the task list key to simply switch to the previous app. iOS has required you to double tap the home key and then swipe back to the previous app and tap on it.

Finally 3D Touch addresses this in iOS for the devices that support 3D Touch.

To do this just press firmly on the left side of the screen. Then swipe all the way to the right to go back to the previous app.

Source: iMore

Sunday, July 16, 2017

Windows 10 System Restore

From Windows 10 Forums:
System Restore is a way to undo system changes by using restore points to return your system files and settings to an earlier point in time without affecting personal files of users. System Restore uses a feature called system protection that regularly creates and saves information about your PC's drivers, programs, registry, system files, and settings as restore points.

If you are having recent problems with Windows 10, then you could do a System Restore to restore Windows back to an earlier point in time, called a restore point. 
But it's hard to use System Restore if it's turned off.

And Windows 10 tends to turn off System Restore every time you do an upgrade, e.g. Creators Update.

So....

After you upgrade Windows 10 press the Windows key and type "Create a restore point".


Click on it and you'll see this dialog.


Yep. System Restore is turned off. Click on "Configure".


Click on "Turn on system protection" and drag the "Max Usage" over to something 5% or greater.

Click on "OK" and you're done. And safer.

Sunday, July 09, 2017

Android Auto / Car Play

My 2017 Honda Pilot supports Android Auto and Apple's Car Play on its "infotainment" system with a 9" touch screen.

Overall the infotainment system is confusing and the smartphone support doesn't mitigate that.

The Pilot has a specially designated USB port for smartphones. When you plug the smartphone into this port the car app automatically launches. I bought a USB cord that supports both microUSB and Lightning connectors.

I've played with both Android Auto and Car Play. While generally similar in function, as expected, they differ greatly in execution.

For example, when Car Play launches the iPhone screen is still usable. You can still interact with the screen. On an Android when Android Auto launches the screen goes blank and the only way to interact is with the Pilot's touch screen.

On the iPhone apps have to be specifically designated as enabled for Car Play. This results in that you can only use Apple Maps for navigation and not Google Maps.

On an Android phone there is much more flexibility. There is a list of apps available in each category. In the audio section on my phone you can choose from Google Music, Pocket Cast or Tune In.

But most of the time I want to just listen to the radio. It took a little exploring but you can do that and the setting persists over turning the car off and on. What I did is after the car app launched, press "Home" on the Infotainment system then choose "Audio". Press "FM" and the radio will begin playing. The car app will still override with navigation prompts.

I played with both Apple Maps and Google Maps for navigation. Apple Maps is, well, Apple Maps. To my surprise the first time I used Apple Maps it cautioned me about traffic congestion ahead of me without my giving it a destination. Google Maps does that all the time but I wasn't expecting Apple Maps to do that.

That is about the only surprise I got from Apple Maps.

Comparing to Google Maps, Apple Maps doesn't give lane directions on upcoming turns, doesn't do pinch to zoom, and doesn't use the Pilot's dashboard display (more later). I probably don't need to tell you that Apple's directions still aren't as good as Google's. My daughter lives in a neighborhood with a street that has been closed for a decade or more. Apple Maps insists on routing visitors to that closed street.

Android Auto

As you approach a turn Apple Maps presents a redundant representation of the upcoming turn. I couldn't figure out why until I used Google Maps. When that same event occurs Google Maps sends that mini representation to the Pilot's dashboard where the mileage or tire pressure is displayed! How awesome.

Android Auto

When using navigation on Android Auto you can mute the navigation prompts. But even better you can mute the navigation prompts EXCEPT if there's a traffic alert.

Android Auto

Android Auto

And just as a bonus Google Maps will show you gas stations and prices.

Android Auto

I've liked using Android Auto so much that I've added a line to my cell phone plan and left my old Moto X in the Pilot all the time.

Sunday, July 02, 2017

iPhone Field Test Mode

I was investigating AT&T's signal strength in a specific location recently. On an Android phone getting a numerical reading for cellular signal strength was easy - Settings / About phone / Network.


But nothing is that easy on an iPhone.

But on an iPhone there's a really neat trick that is actually better.

Here is how the signal strength is normally displayed.


Dots.

Now go into the Phone app and switch to the Keypad like you were going to dial a phone number. Dial *3001#12345#* and press the Call button.


This will launch the Field Test Mode app and where the bars/dots were in the top left corner of the screen, you'll now see a negative number. The negative number is the decibel signal strength reading and should be followed by the carrier name and then the network type.


Bigger absolute numbers are bad. Remember these are negative numbers. -100dBm and lower down to -115 is sometimes iffy but mostly usable.  -90s OK,  -80s good, -70s excellent, and -60s off the chart fantastic

To exit and return your iPhone to normal status, all you need to do is hit the Home button.

But here comes the trick.

If you want your iPhone to always display numerical signal strength instead of signal bars, you can perform the following process.

Once in Field-test mode (accessed by entering and dialing the code above), hold down the power button until you see “Slide to Power Off”, then release it.

Then hold the Home button until you’re returned to your main app screen. Now you’ll see your numerical signal strength while you use your phone, and you’ll be able to tap the signal numbers to switch to signal bars, and vice versa.

To exit this persistent field-test mode, simply re-load Field Test Mode and exit it via the Home button.

Source: UberSignal

Update: This doesn't work in iOS 11.

Sunday, June 25, 2017

Asus Transformer Mini

I've always been looking for a tablet solution that I could use to take handwritten notes that would convert to text.

On my Nexus 7 I tried MyScript Smart Note and on my iPad Air I tried MyScript Memo. That both platforms ended up with MyScript apps was just coincidence. But the coincidence doesn't stop there.

The Microsoft store carries the Asus Transformer Mini in a Signature Edition.


Tech specs
Display10.1 in LED-backlit touchscreen (1280 x 800), 10-finger multi-touch support
ProcessorIntel Atom x5-Z8350 1.44 GHz with Burst Technology up to 1.92 GHz
Memory4GB DDR3L 1600 MHz
Hard drive size64GB eMMC
Operating systemWindows 10 Home, 64-bit
PC type2 in 1
Optical driveNone
Media driveMicro SD card reader
AudioICEPower Audio Wizard, Realtek Audio Manager
VideoIntel HD Graphics with shared graphics memory
Ports1 USB 3.0
1 Micro USB
1 Micro HDMI
Headphone output/Microphone input combo
Battery2-cell polymer (up to 11 hours movie playback)
Camera2MP webcam
Wireless802.11ac (Miracast enabled)
BluetoothBluetooth 4.1
DimensionsTablet: 10.43 x 6.89 x 0.32 in (264.92 x 175.00 x 8.20 mm)
Tablet + keyboard: 10.43 x 6.89 x 0.54 in (264.92 x 175.00 x 13.90 mm)
Weight1.80 lbs (0.81 kg)
ColorGray
OtherModel number: T102HA-C4-GR
Instant ID sign-in
TPM 2.0
Includes keyboard and pen
Precision touchpad
Touchpad dimensions: 93 x 51 mm

The keyboard snaps on magnetically like the Microsoft Surface. And when you flip it around behind the tablet it is not sensitive to touch. It also has a kickstand like the Surface when you're using it on a desk. The keyboard has a small loop to hold the pen.

While the Asus Mini comes with its own charger you can simply use any microUSB charger. And you can easily make it all day on a single charge.

The light weight is impressive. Even with the keyboard the Asus Mini weighs 1/2 as much as the ThinkPad X220 that I was using and that's without the ThinkPad's charger.

For protecting the Asus Mini I got a sleeve from eBay. The one for a 10" tablet fits fine and I even store the Asus' pen in it.

The sleeve protects the Asus Mini when you are traveling with it but I wanted to protect it from scratching when I set it down on a rough surface. I found a faux carbon fiber skin for a Macbook. A few minutes with a razor blade and it looks like it was made for the Asus Mini.

It came with Windows 10 Home but I upgraded it to Windows 10 Pro with a key from SCDKey. I didn't have to have an new DVD. I just entered the key and sat back a couple of hours. Don't forget to cleanup the old files when you're satisfied with the upgrade.

Then I did a Windows 10 "reset" just to make sure it was clean. That took another couple of hours.

It also comes with a free copy of Office Mobile. While this is somewhat limited the functionality is fine for casual usage. It's a little bit picky about which versions of Word documents that it will open for update but it will convert most versions to the current format.

But the magic is the handwriting app. The program I use for handwriting is Nebo from MyScript (remember them?). I got it for free right after it was released. And I'm not the only one impressed by Nebo.

Nebo supports exporting to Microsoft Word. Handwritten notes can be exported to Word or saved as text. Headings, paragraphs, lists, color, bold, highlight, are all preserved. I use the "View in browser" feature to save as PDF.

In that the Asus Mini has an active pen, the Nebo app is insensitive to your palm touching as you write. The MyScript apps that I have used on other tablets have tried to address this with a palm "screen" but are generally unsatisfactory.

Besides its handwriting function don't forget it's a full Windows 10 PC, e.g. Chrome, Dropbox, etc. Yeah, it's not the fastest but everything works. If you need more disk space than the 32GB drive provides you can add a microSD card. I still have more than 20GB free on the internal drive.



Sunday, June 18, 2017

archive.is

I've been burned before when I link to a web page in this blog and then it disappears. (I'm talking about YOU Microsoft.) Sometimes I will even screen capture the pertinent parts of the web page and present it as a jpeg.

Recently I came across this article in Lifehacker that mentioned archive.is.

The idea is that archive.is will go capture the web page at the point in time and give you a shortcut to it. Further you can download a zip file with a stand-alone presentation of it.

Here is the archive.is copy of the Lifehacker article.


You still have the risk that archive.is goes away. I don't see any ads so I'm not sure of the business model.

Shrug.

Sunday, June 11, 2017

Back and Forth

I probably switch phones as much as anyone you know. I have loved my BlackBerry PRIV.

But...

It's big.

It's heavy.

And I don't use the physical keyboard.

So I crossed over again.

I found a refurbished carrier unlocked 64GB iPhone 6s on eBay for a great price. I Google-ized it and avoided the iMessage trap (so far).

The phone I got is model A1688. A1688 is known as the "everywhere" phone and supports all the LTE bands that the AT&T variant (A1633) does except that there is no LTE band 30. AT&T uses it as a supplemental band to increase capacity in urban areas.

It has worked fine for me on AT&T even supporting HD Voice. The A1688 also has CDMA so it supports Sprint and Verizon.

I really like:
  • Form factor
  • OS updates
  • Stability
  • Apple Pay
  • Mute switch
  • Not getting nagged about having a Android phone

BlackBerry PRIVApple iPhone 6s
DESIGN
Device typeSmart phoneSmart phone
OSAndroid (6.0, 5.1)iOS (10.x, 9.x)
Dimensions5.79 x 3.04 x 0.37 inches (147 x 77.2 x 9.4 mm)5.44 x 2.64 x 0.28 inches (138.3 x 67.1 x 7.1 mm)
Weight6.77 oz (192 g)5.04 oz (143 g)
FeaturesFull keyboardFingerprint (touch)
DISPLAY
Physical size5.4 inches4.7 inches
Resolution1440 x 2560 pixels750 x 1334 pixels
Pixel density541 ppi326 ppi
TechnologyAMOLEDIPS LCD
Screen-to-body ratio71.58 %65.71 %
Colors16 777 21616 777 216
TouchscreenMulti-touchMulti-touch
FeaturesScratch-resistant glass (Corning Gorilla Glass 4), Light sensor, Proximity sensorPressure-sensitive, Oleophobic coating, Scratch-resistant glass, Light sensor, Proximity sensor
CAMERA
Camera18 megapixels12 megapixels
   Aperture sizeF2.2F2.2
   Focal length (35mm equivalent)
29 mm
   Camera sensor size
1/3"
   Hardware
   Features
Optical image stabilization, Autofocus (Phase detection)Sapphire crystal lens cover, Autofocus, Back-illuminated sensor (BSI)
   Software
   Features
Touch to focus, Face detection, Digital zoom, Geo taggingTouch to focus, Face detection, Self-timer, Geo tagging
Camcorder3840x2160 (4K) (30 fps), 1920x1080 (1080p HD) (60 fps)3840x2160 (4K) (30 fps), 1920x1080 (1080p HD) (120 fps), 1280x720 (720p HD) (240 fps)
   FeaturesOptical image stabilization, Continuous autofocus, Video calling, Video sharingTime-lapse video, Continuous autofocus, Digital image stabilization, Video calling, Video sharing
Front-facing camera2 megapixels5 megapixels
HARDWARE
System chipQualcomm Snapdragon 808 MSM8992Apple A9 APL0898
ProcessorHexa-core, 1800 MHz, ARM Cortex-A57 and ARM Cortex-A53, 64-bitDual-core, 1840 MHz, Twister, 64-bit
Graphics processorAdreno 418PowerVR GT7600
System memory3072 MB RAM2048 MB RAM
Built-in storage32 GB64 GB
Maximum User Storage

Storage expansionmicroSD, microSDHC, microSDXC up to 2000 GB
BATTERY
Talk time
14.00 hours
Stand-by time
10.0 days (240 hours)
Capacity3410 mAh1715 mAh
Not user replaceableYesYes
Wireless chargingBuilt-in (Qi, Powermat)
MULTIMEDIA
Music player
   Filter byAlbum, Artist, Genre, PlaylistsAlbum, Artist, Genre, Playlists
   FeaturesAlbum art cover, Background playbackAlbum art cover, Background playback
SpeakersEarpiece, LoudspeakerEarpiece, Loudspeaker
YouTube playerYesYes
INTERNET BROWSING
Built-in online services supportYouTube (upload), Picasa/Google+YouTube (upload), Picasa/Google+
TECHNOLOGY
CDMA

GSM850, 900, 1800, 1900 MHz850, 900, 1800, 1900 MHz
UMTS800, 850, 900, 1700/2100, 1900, 2100 MHz850, 900, 1700/2100, 1900, 2100 MHz
FDD LTE700 (band 12), 700 (band 17), 700 (band 29), 800 (band 20), 850 (band 5), 1700/2100 (band 4), 1800 (band 3), 1900 (band 2), 2100 (band 1), 2300 WCS (band 30), 2600 (band 7) MHzBands 1, 2, 3, 4, 5, 7, 8, 12, 13, 17, 18, 19, 20, 25, 26, 28, 29
DataLTE-A, HSPA (unspecified), HSUPALTE-A Cat 6 (300/50 Mbit/s), HSPA, HSUPA
micro-SIM

nano-SIMYesYes
PositioningGPS, A-GPGPS, A-GPS
NavigationTurn-by-turn navigation, Voice navigationTurn-by-turn navigation, Voice navigation
CONNECTIVITY
Bluetooth4.14.2
Wi-Fi802.11 a, b, g, n, n 5GHz, ac802.11 a, b, g, n, n 5GHz, ac
   Mobile hotspotYesYes
USBUSB 2.0Yes
   ConnectormicroUSBProprietary
   FeaturesUSB chargingUSB charging
HDMI

OtherNFC, Tethering, Computer sync, OTA syncNFC, Tethering, Computer sync, OTA sync
OTHER FEATURES
NotificationsService lights, Haptic feedback, Music ringtones (MP3), Polyphonic ringtones, Vibration, Flight mode, Silent mode, SpeakerphoneService lights, Haptic feedback, Music ringtones (MP3), Polyphonic ringtones, Vibration, Flight mode, Silent mode, Speakerphone
SensorsAccelerometer, Gyroscope, CompassAccelerometer, Compass, Gesture
Hearing aid compatibilityM3, T4M3, T4
OtherVoice dialing, Voice commands, Voice recordingVoice dialing, Voice commands, Voice recording
AVAILABILITY
Officially announced25 Sep 201509 Sep 2015
FCC Approval22 Oct 201509 Sep 2015
Source: phoneArena.com

While my BlackBerry PRIV supported Android Pay my bank didn't support my debit card on Android Pay. Apple Pay is supported and works great.

As I mentioned before I struggled to get my photos off the iPhone. What I'm doing this time is letting Google Photos back up the photos. Google Photos actually seems to upload sooner on iOS than on Android. I can't explain that.

I use Air Transfer to download the photos to my PC from the Camera Roll then delete them from the Camera Roll. More on Air Transfer in a future post.

Given that Google is fumbling their messaging solutions I had already separated my carrier's SMS messages from my Google Voice text messages. I still can't set a custom notification tone for Google Hangouts.

GasBuddy updated their Android app and made it less friendly than on iOS. No loss there.

Google has ported their keyboard to iOS so that's familiar. Apple still is insistent on not using an alternative keyboard for password or lock screen widgets but it's better than the Swype problems I had before.

I found Call Friends to create direct dial icons  This works fine. If you hit the limit of 2 free icons just uninstall and reinstall.

The iPhone 6s' Touch ID works much better than the iPhone 6's.

In the above chart, notice in Camcorder Features the iPhone has Digital Image Stabilization. Here's an example of that.


As I related my iOS experiences with a friend who is making the same journey I shared with him my boss' statement:
iPhone users just don't understand what they're missing.
My friend laughed and said "Yes I do!"

Sunday, June 04, 2017

Microsoft's Resilient File System

As I mentioned in this post when I built "The Trump" I used Windows Storage Spaces to create a mirrored data drive.

For the Storage Spaces I used Microsoft's Resilient File System (ReFS).

ReFS was relatively new to the consumer space as I had problems even finding a backup solution.

Recently though Winaero had an article on ReFS.

I don't understand some of the statements in this article, e.g. "ReFS is intended for file servers only. In Windows 10, it is in fact locked for server OS only." I'm using ReFS just fine on Windows 10 Pro 1607.

Regardless of the details, the Winaero article lays out the advantages of ReFS better than I'd seen before. These details came from Microsoft.
  • Integrity. ReFS stores data in a way that protects it from many of the common errors that can normally cause data loss. When ReFS is used in conjunction with a mirror space or a parity space, detected corruption—both metadata and user data, when integrity streams are enabled—can be automatically repaired using the alternate copy provided by Storage Spaces. In addition, there are Windows PowerShell cmdlets (Get-FileIntegrity and Set-FileIntegrity) that you can use to manage the integrity and disk scrubbing policies.
  • Availability. ReFS prioritizes the availability of data. Historically, file systems were often susceptible to data corruption that would require the system to be taken offline for repair. With ReFS, if corruption occurs, the repair process is both localized to the area of corruption and performed online, requiring no volume downtime. Although rare, if a volume does become corrupted or you choose not to use it with a mirror space or a parity space, ReFS implements salvage, a feature that removes the corrupt data from the namespace on a live volume and ensures that good data is not adversely affected by nonrepairable corrupt data. Because ReFS performs all repair operations online, it does not have an offline chkdsk command.
  • Scalability. As the amount and size of data that is stored on computers continues to rapidly increase, ReFS is designed to work well with extremely large data sets—petabytes and larger—without performance impact. ReFS is not only designed to support volume sizes of 2^64 bytes (allowed by Windows stack addresses), but ReFS is also designed to support even larger volume sizes of up to 2^78 bytes using 16 KB cluster sizes. This format also supports 2^64-1 byte file sizes, 2^64 files in a directory, and the same number of directories in a volume.
  • Proactive Error Correction. The integrity capabilities of ReFS are leveraged by a data integrity scanner, which is also known as a scrubber. The integrity scanner periodically scans the volume, identifying latent corruptions and proactively triggering a repair of that corrupt data.
Try it. You'll like it.

Sunday, May 28, 2017

Laser Parking

Recently we traded cars. I got to playing around with the parking position in the garage and found that if I parked the Pilot just right I could open the liftgate with the garage door closed. That seemed like a good plan. The challenge was how to park in the right place every time.

I found Park Right Garage Laser Park with dual lasers on Amazon.


I mounted it high on the wall ...


... and pointed each laser to a car. It have the target on the crown of the instrument panel in front of the driver.


Works like a charm.

Sunday, May 21, 2017

Traffic Signal Preemption

Every now and then my propeller beanie comes out.


Here I go again.

Now I knew that emergency vehicles have a way to make traffic lights change to allow them to traverse managed intersections but I really never had seen it happen.

Then I did.


That is called line of sight traffic signal preemption.

Watch that video in HD. Slow it down to 1/4 speed. The preemption light is the bright white light above and to the right of the middle signal light. It comes on just before 4 seconds in. At that time, the signal begins cycling the cross traffic to orange and then red. At about 10 seconds the signal turns green for the ambulance.

Isn't that cool?

Sunday, May 14, 2017

Windows 10 MBR2GPT

Windows 10 keeps giving me pleasant surprises, e.g. this post.

The Windows 10 Version 1703 (Creators Update) has another feature that would have saved me DAYS.

Back in early 2015 I needed to migrate my Drobo from a MBR (Master Boot Record) volume to a GPT (GUID Partition Table) volume to allow me to expand the Drobo beyond 2TB,

I got this done by configuring a second Drobo to GPT and copying all the data from the MBR volume to the GPT volume. That took a couple of DAYS.

The Creators Update includes a includes a new tool, mbr2gpt, which converts an MBR volume to a GPT volume WITHOUT modifying or deleting data on the disk.

Winaero has an article with the complete instructions. It's not trivial but it's easier that what I did.

Sunday, May 07, 2017

Nougat

I've been using CyanogenMod for years on a variety of phones. I've always had good luck with it. When Google announced that the Nexus 5 wasn't going to be updated to Nougat I decided to do it on my own.

I did my research and decided to do the upgrade between Christmas and New Years.

Then I saw this on 12/24/16: Cyanogen is shutting down all services and nightly builds on December 31st

Bummer.

But then I saw this on 12/28/16: CyanogenMod Is Dead, and Its Successor is Lineage OS

It was going to take Lineage a while to get up to speed but the CyanogenMod blood line was going to survive.

I had time over the holidays so I went ahead and flashed the final nightly of CyanogenMod Nougat. It worked fine.

As I had done previously I had to unlock the bootloader, flash TWRP using Fastboot, flash the CyanogenMod ROM and then the nano OpenGApps. I'm getting pretty comfortable with this.

By mid-January LineageOS had a nightly for the Nexus 5.

To migrate from CyanogenMod to LineageOS (LOS) I had to flash an "experimental" version of LOS and then the signed LOS ROM.

Just as with CyanogenMod this all went well.

The great folks at LineageOS are cranking out "nightlies" for the Nexus 5 every week. There isn't yet an "official" ROM for the Nexus 5 but the "nightlies" have been rock solid.

They have even gotten SafetyNet to run cleanly.


This means that Android Pay works fine.

The Over The Air (OTA) updates to LineageOS have started working and I've OTA updated each week.

Battery life seems generally unchanged from the OEM Marshmallow. I swapped from the PRIV to the Nexus 5 for a week or so but went back when I felt like the camera was much poorer than the PRIV.

Sunday, April 30, 2017

Google Saying Nice Things about Windows Defender

In a previous post I said:
Recently I heard a discussion that recommended Windows Defender over third party alternatives since Windows Defender didn't add any new attack surfaces to Windows, e.g. Symantec.
Now even Google engineers are promoting Windows Defender for similar reasons:
Browser makers don't complain about Microsoft Defender because we have tons of empirical data showing that it's the only well behaved AV. https://t.co/ClGwEWCoWu
Google engineer, Justin Schuh
And it's free.

And it's fast.

And it's quiet.

You could do worse.

For an alternative view, read this.


Sunday, April 23, 2017

Punycode

Wordfence is a security service for WordPress sites. I heard Leo Laporte talk about a recent post Wordfence had demonstrating a potential phishing technique.

To demonstrate this Wordfence created web site using an technique known as Punycode to encode the URL.

Here is a link to their demonstration site. Look closely at the address bar when you get there.

     https://www.ะตั€ั–ั.com/

Here is a link to the real site. Look closely at the address bar when you get there.

     https://www.epic.com

Can you tell the difference?

So you think you're a real geek and you always right click on a link and select "Copy link address" and then paste it into Notepad to see what the link REALLY links to. Knock yourself out. Try it.

Now is a good time to start worrying.

The only way to discern the difference in the URL is to actually browse to the demonstration site. Then highlight the URL and copy it. Now paste it into Notepad.

     https://www.xn--e1awd7f.com

That "xn--" is the Punycode.

I hope you noticed that the demonstration site also showed the padlock in the address bar. You can thank LetsEncrypt for that.

There's a workaround in Wordfence's post for Firefox and reportedly a fix in version 59 of Chrome.

In the meantime, do you think this would fool your mother?



Sunday, April 16, 2017

Shadow Breakers

There have been several leaks of supposed NSA hacks recently. Generally they have been older vulnerabilities and minimal impact.

Microsoft responded with a blog post.
Our engineers have investigated the disclosed exploits, and most of the exploits are already patched.
However there's somewhat of a back story.

You'll remember that Microsoft mysteriously pulled their February updates with no explanation.

Then in March Microsoft fixed several flaws with no attribution. You have to back into this discovery by matching this with this.

This Engadget article speculates on how/why this happened. There's more speculation from Quartz here.

Whatever happened the result is that Microsoft did a good job of protecting their current platforms from the 0-day vulnerabilities. The same can't be said for the NSA.

Sunday, April 09, 2017

iOS 10.3.Whatever

tl;dr Install iOS 10.3.1 now

On March 27, 2017 Apple released iOS 10.3 with little fanfare. Here are their release notes:
iOS 10.3
iOS 10.3 introduces new features including the ability to locate AirPods using Find my iPhone and more ways to use Siri with payment, ride booking and automaker apps.

Find My iPhone
  • View the current or last known location of your AirPods
  • Play a sound on one or both AirPods to help you find them

Siri
  • Support for paying and checking status of bills with payment apps
  • Support for scheduling with ride booking apps
  • Support for checking car fuel level, lock status, turning on lights and activating horn with automaker apps
  • Cricket sports scores and statistics for Indian Premier League and International Cricket Council

CarPlay
  • Shortcuts in the status bar for easy access to last used apps
  • Apple Music Now Playing screen gives access to Up Next and the currently playing song’s album
  • Daily curated playlists and new music categories in Apple Music

Other improvements and fixes
  • Rent once and watch your iTunes movies across your devices
  • New Settings unified view for your Apple ID account information, settings and devices
  • Hourly weather in Maps using 3D Touch on the displayed current temperature
  • Support for searching “parked car" in Maps
  • Calendar adds the ability to delete an unwanted invite and report it as junk
  • Home app support to trigger scenes using accessories with switches and buttons
  • Home app support for accessory battery level status
  • Podcasts support for 3D Touch and Today widget to access recently updated shows
  • Podcast shows or episodes are shareable to Messages with full playback support
  • Fixes an issue that could prevent Maps from displaying your current location after resetting Location & Privacy
  • VoiceOver stability improvements for Phone, Safari and Mail

Weren't we all waiting for improvements in "Cricket sports scores?"

Well, there were a few more things in iOS 10.3. Good things. Things worth talking about. Things worth shouting from the roof tops about. But Apple didn't mention them in the release notice.

MacRumors noted:
iOS 10.3 introduces a new Apple File System (APFS), which is installed when an iOS device is updated. APFS is optimized for flash/SSD storage and includes improved support for encryption. Other features include snapshots for freezing the state of a file system (better for backups), space sharing, and better space efficiency, all of which should result in a more stable platform. Customers updating to iOS 10.3 should first make a backup given that the update installs a new file system.
More on the storage savings from APFS later...

In a separate document from the release notice Apple casually mentioned a few security updates. Specifically it documents 89 CVEs (Common Vulnerabilities and Exposures).

You'd think Apple would tout that.

Maybe there was a reason they didn't though.

On April 3, 2017 Apple released iOS 10.3.1 with ONE security fix.
Wi-Fi
Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later
Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip
Description: A stack buffer overflow was addressed through improved input validation.
CVE-2017-6975: Gal Beniamini of Google Project Zero
Read that again. Especially this part:
Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip
This is NASTY. The Register has a good summary. This is a problem in Broadcom's Wi-Fi stack which is used by iPhones after the iPhone 4 and in newer iPods and iPads and some Android phones including Google's Nexus 5, 6 and 6P, most Samsung flagship devices.

The good news is that Apple's ecosystem is able to respond very quickly to vulnerabilities such as this. The bad news is that Android can't.

On a related topic, the implementation of new Apple File System (APFS) that comes with the installation of iOS 10.3.Whatever yields significant savings in storage.

On my 16GB iPad Air, my available storage increased more than 1GB. It took about half an hour to install.