Sunday, July 14, 2019

Amazon Echo Show 5

I've been searching for a modern replacement for my wife's clock radio. It is a Timex and is so old that the programming for the dates for Daylight Saving Time are wrong!

Her requirements are fairly simple. Tell the time. Play the radio.

I had tried an Amazon Echo Spot. Close but no cigar.

Recently Amazon announced the Amazon Echo Show 5. That seemed worth trying.

She's comfortable with that.

radio.com almost made it a no go. She listens to FM 100. radio.com recently moved all its streaming to its own web service. Amazon has not (yet) included radio.com in its streaming providers supported by Echo routines.

What this means is that you can't create an Echo routine to start playing FM 100. You have to speak a command to the Echo to play FM 100. Worse yet, radio.com apparently has more than one FM 100.

To get the Echo to play FM 100 you have to say "Alexa, play FM 100 Memphis." And with our deep Southern accent, the Echo sometimes confuses "Memphis" with "minutes."

I created a routine to walk her through that.


We still struggle with the command syntax. As an example it would seem that if you start playing FM 100 by saying "Alexa, play FM 100 Memphis" that to stop it you would say "Alexa, stop playing FM 100 Memphis."

Nope. You have to say "Alexa, stop."

We're learning.

Here's a good review on the Amazon Echo Show 5.

Sunday, July 07, 2019

Android Q Beta 4

Somebody's gotta test this stuff. Might as well be me.

My Essential PH-1 has gotten a little banged up. I don't use a case and it shows. 2 corners are scratched up and there's a little crack of the screen on one of those corners.

I still love the PH-1 so I shopped for a replacement. I found one on swappa.com and got it.

As long as I'm going to reload everything why not just put a beta operating system on it? What could go wrong?


Pretty much nothing.

I haven't found much different in Android Q. The biggest change I've seen is the gesture navigation. This is a lot like the iPhone X's interface. Swipe up from the bottom to go home. Swipe in from the left or right to go back.

But...

Swiping in from the left is normally how you activate the "hamburger" menu. So I just don't do that.

Alternatively you can go back by swiping in from the right. That doesn't activate the "hamburger" menu but you have to be very deliberate to avoid the active app from sending a swipe on a menu item, e.g. delete a podcast in Pocket Casts.

The other gesture I've struggled with is to get the app list. The story is that you swipe up from the bottom part of the way and then stop. The app list will slide in from the left.

That has been difficult to execute dependably. Maybe Google will change that before the final release of Android Q.

Sunday, June 30, 2019

Windows 10 1903 Network Icon

More head-shaking here. After the discussion on Windows 10 1903 Explorer Icon, I've come across another one.

Do you remember the color-coded network icons? They had red Xs or yellow !s indicating problems with network connectivity.


In 1903 these have been replaced with a single icon that doesn't have the highlighting colors.


From Howtoconnect:
New disconnected network icon on Windows 10 taskbar
Windows 10 1903 will replace the disconnected network icon on Windows 10 taskbar. Not connected icon will appear for all types of networks whether it is WiFi, Cellular, or Ethernet. This new visual should help you quickly recognize network problems so that you can take action to resolve them. You used to see either a red cross or yellow exclamation mark for the same till Windows 10 version 1809.
Seems like a step backward to me.

Sunday, June 23, 2019

Windows 10 1903 ThinkPad Monitor Driver

I'm a HUGE ThinkPad fan. When I updated my X250 to Windows 10 1903 one of the few problems I had was that when the screen would turn off after not using the laptop, it wouldn't turn back on when you began using the laptop again.

You could tell that the laptop was working. The power light was on, Sometimes you could hear the fan running. It would even beep if you (blindly) clicked on something wrong.

Thankfully I have the Power button set to hibernate when pressed. I could hibernate and then resume and the display would come back on.

Still pretty irritating.

I had gone to the Device Manager and checked the driver for the display adapter. It was current with Lenovo's guidance.

Then while still in the Device Manager I checked the driver for the monitor. It was back-level and "Update driver" loaded a new one from Lenovo.


Seems to be fixed.

While on this quest I came across this workaround:
Solution 5 - Use a keyboard shortcut to restart the graphics driver
Now, this isn’t a solution but might act as a proper workaround until you resolve the issue completely. Maybe with one of the provided solutions or some of the future Windows updates address this. Either way, there’s a black screen and you can’t do a thing besides physically powering off your PC and starting it again. However, there’s a once keyword combination which will, when utilized, restart the graphics driver and the screen might just turn on.
This helped some HP users who were plagued by the same issue. The combination you should try out is Windows key + Ctrl + Shift + B. It’ll automatically restart the graphics driver and the screen should turn on from the Sleep mode.

Sunday, June 16, 2019

Windows 10 1903 Explorer Icon

Sometimes you just have to shake your head.

With all the opportunities/problems in Windows here's an excerpt from Microsoft's post on Windows 10 1903.


Yes, Microsoft spent time updating the icon for File Explorer. If you can't tell the difference, I've included bigger images below.

Before

After

SMH

Sunday, June 09, 2019

Windows 10 1903 Explorer Windows

Recent versions of Windows 10 have had a new capability buried deep in an options menu. This capability was to launch folder windows in a separate process.

So what does that mean to you? Have you ever had an Explorer window stop responding, e.g. a network link that has gone offline.

Sure you could right click on the taskbar icon and select "Close window".

If you've ever done that you immediately regretted it.

That caused the entire Windows desktop and taskbar to restart and everything gets jumbled up.

With the new capability, each instance of Explorer has its own process. So if you force it closed the scope is just that instance. Your desktop and taskbar are undisturbed.

Some articles about Windows 10 1903 say that this is now the default. I didn't find that true on my laptop which I upgraded in place.

To check the status open an Explorer window. Select View then Options.



In the new dialog choose View. Scroll down to "Launch folder windows in a separate process" and check it.


Click on "Apply" and you're done.

Sunday, June 02, 2019

Windows 10 1903 Tamper Protection

If you're running Windows 10 Pro (and you should be) after you upgrade to Windows 10 May 2019 (Version 1903) you'll have a neat new feature that I haven't seen discussed anywhere.

Windows 10 1903 introduces Tamper Protection. Microsoft's support article is here.


Tamper Protection helps prevent malicious apps from changing important Windows Defender Antivirus settings.

Microsoft's page says "Tamper Protection is turned on by default." I didn't find that true.

To turn it on follow these steps:
  1. In the search box on the taskbar, type "Windows Security" and then select Windows Security in the list of results.
  2. In Windows Security, select "Virus & threat protection" and then under Virus & threat protection settings, select "Manage settings".
  3. Change the Tamper Protection setting to "On".
Enjoy.

Sunday, May 26, 2019

Windows 10 1903

Windows 10 May 2019 (Version 1903) was released on 05/21/19.

It will eventually get pushed to all Windows 10 users but if you want it early Microsoft's Update Assistant and Media Creation Tool are both available here.

Windows 10 1903 still has problems with removable drives, i.e. USB drives, so you should use the Update Assistant.


Before you start the install take a backup.

Then turn off Controlled Folder Access. I still don't understand why Microsoft doesn't whitelist their own applications.

If you're running Windows 10 Pro, the next thing to do is go to Settings / Windows Update / Advanced options. In the "Choose when updates are installed" section, reset all the days to 0. DON'T SKIP THIS STEP.


The upgrade should run about an hour.


When you're done, turn Controlled Folder Access back on. If you're on Windows 10 Pro, reset the days in "Choose when updates are installed".

So what's new in Windows 10 1903? Read these articles from Lifehacker and Thurrott.

And stay tuned to this blog because there's lots that they didn't cover.

Update: If you don't see 1903 at Microsoft's update page, try this link. Be aware that there might be a reason that it's not offered to you.

One of those reasons could be the following:


Yeah, I upgraded anyway and I've seen the problem.

Sunday, May 19, 2019

Amazon Fire HD 8

I know that Android tablets aren't really a thing but I use one every day. I've been through 2 Nexus 7s. My first was a Nexus 7 2012 and then a Nexus 7 2013.

I liked the size of the 2012 but it was soooo slow, even after I upgraded it to Nougat. It stays in my car now.

The 2013 was fast enough but the battery has just played out. It will indicate 100% battery available and then just cut off.

Then I came across an Amazon Fire HD 8 (2017) without special offers for $50. I didn't know much about Fire tablets but for $50 it was worth playing with.
Maybe...

The Amazon Fire HD 8 (2017) is a favorite with hackers. There are instructions on how to install the Google Play Store on it. That was easy.

But then Google Contacts didn't work. There's a fix for that.

And the Amazon launcher was odd. There's a fix for that.

But...

The launcher "fix" is still flaky. Amazon blacklisted the apk and it quit working. The creator rebuilt it with a different name. That's working for now.

Kinda...

Recently Amazon pushed an OS update. Suddenly the navigation buttons and the notification bar disappeared. You could navigate to an app but couldn't get out of it. Reboot and you still didn't get the navigation buttons and notification bar.

I suspected the launcher "fix" app. So after a hard reboot I uninstalled it and rebooted. That took me back to the Amazon launcher and the navigation buttons and notification bar were back.

Then the rest of the OS update kicked in. Afterwards I reinstalled the launcher "fix" and it worked this time.

That's pretty much the story of the Amazon Fire HD. It always seems to need something fixed.

That would be tolerable if it was blazingly fast but it's not.

It only has 1.5 GB of RAM so apps are constantly restarting. The launcher "fix" works by letting the Amazon launcher run then running the alternate launcher so you get a noticeable flash every time you press the Home button.

I'm just not sure.

Sunday, May 12, 2019

AT&T Does It Again

On May 3, 2019 at 5:15AM I was at the Memphis Airport. My daughter took a picture on her iPhone XS and added it to a long running iMessage thread (using MMS, not iMessage service, i.e. green bubbles).

I didn't get the text. That began a problematic weekend of missing some texts from that thread and, actually, any MMS thread. Sometimes I would get the message. Sometimes not. Sometimes I would get one of several pictures in a message. Sometimes none.

I spoke to a relatively knowledgeable rep at AT&T. He gave me the standard, and probably usually correct, advice of deleting that thread on an iPhone and rebuilding it. That wasn't going to happen. That thread has YEARS of pictures in it.

That was the response I got from Apple several years ago when I couldn't get my number disassociated from iMessage. Eventually something happened at Apple and I started getting messages.

So I was just going to ride it out and hope it fixed itself.

Then during the day on Monday, I got a notification from Essential that the May 2019 update was available. I went to the reddit subreddit to see the comments. Everything seemed good so I planned to apply it that evening.

While I perused that subreddit I came across this thread.


Turns out I wasn't the only one having this problem and it wasn't specific to Essential phones. Here and here are threads on the AT&T forums.

I applied the workaround suggested and all is well.

Obviously this was something that AT&T did in their network, apparently with no regard for non-iPhone users.

This reminded me of the situation back in August 2016. We were in Bar Harbor and Campobello Island and there were plenty of places that didn't have any AT&T coverage. Every time I would enter one of those areas, my BlackBerry PRIV would lose cellular connectivity and then not reconnect until I rebooted. Similar to this week's issue, there was a workaround to change the cellular connection.

BlackBerry finally pushed out a fix for it but AT&T never owned up to what they did.

Then in September 2016 Apple announced the iPhone 7 with an Intel modem.

BINGO!

I suspect that the iPhone 11 is going to only have a Qualcomm modem. Although iPhones have had Qualcomm modems before, since the iPhone 7 Apple has deliberately slowed the Qualcomm modem to be the same speed as the Intel modem.

I'm wondering if since Intel is pulling out of the cellular modem market that Apple is going to let the Qualcomm modem run at native speed in the iPhone 11. And if this is causing AT&T to adjust their network accordingly.

We'll find out in September.

Sunday, May 05, 2019

R.I.P. Dropbox

I have a long and varied history of file sharing tools. I've used FolderShareAllway SyncLive Mesh, and most recently Dropbox.

The Dropbox ride was a good one. I used referrals and got over 20GB of Dropbox space. I shared folders with my daughter and my mother. I even put my laptop's Desktop folder into Dropbox.

Then on March 1, 2019, without forewarning, Dropbox limited the number of devices for basic (free) users to 3. There was an uproar but Dropbox hasn't blinked.


I have over 20 devices linked. Most of these are obsolete entries but 1) 3 is way too few, and 2) reconciling the active vs. inactive devices is a big task. To relieve this restriction Dropbox wants you to upgrade to Dropbox Plus for $10 per month. Not gonna happen.

So I'm outta here.

I looked around at Box and OneDrive. Due to the kindness of a co-worker I have a free 50GB Box account. With OneDrive I exercised several promotions and have 40GB.

Given my experiences with a number of Microsoft syncing offerings I was reluctant to look at OneDrive.

But Box still requires a client on each device. And OneDrive's client is just built into Windows.

So I'm taking a run at OneDrive. I'm moving slowly though. As I touch a file/folder in Dropbox I'm moving that to OneDrive.

So far, so good.

Sunday, April 28, 2019

Primary, Secondary, Tertiary

I've been following the situation with Boeing's 737 MAX airliners. I came across an article (archive.is / image) on USA Today that was a pretty good summary.

In that article they mentioned that Boeing's 777 airliner's flight computers were not only triple redundant but from different manufacturers.
For the 777, Boeing's twin-aisle intercontinental jet, engineers created triple redundancy for its computers, hydraulics, communications and electrical power. Perhaps the best illustration of the lengths the company was willing to go on backups was found in the plane's primary flight computer. It was built with three microprocessors instead of one, and each came from a different manufacturer: Intel, AMD and Motorola, according to an account by a Boeing engineer.
I like their thinking. One of our clients was doing a backup solution consisting of external USB drives that he was going to alternate weekly and take home. For his needs that was good but I encouraged him to buy two different brands of external USB drives. Just in case.

This reminded me of an old post of mine on redundancy.
At FedEx we learned to have primary, secondary, and tertiary plans. When loading an airplane 1) run weights and balances, 2) put ballast in the front of the plane, and 3) tie the nose wheel to the ground. And always have a backup plane, e.g. "Plan Z."

And an older post on "Belt, suspenders, and raincoat."

I've been known to carry an umbrella as well.

Sunday, April 21, 2019

Wyze Cam

I'm not big into surveillance cameras but a while back I thought I had deer playing in my back yard. I wanted to capture them jumping the fence.

I came across the Wyze Cam. It is a cube about 2" on each side. It takes 1080p video and automatically records a 10-15 second video when it detects motion or sound. These are encrypted and uploaded to Amazon AWS where they are available for 14 days with no subscription plan required. These snippets are also stored on the microSD card if available and the last 32GB are retained. That's a lot of 15 second videos.

.
While the Wyze Cam is intended for indoor usage, it is pretty tolerable of outdoors. I have mine on a screened in porch.

Watch the cat walk around!


Notice how it highlights motion.

It has infrared LEDs so you get black and white video at night. Initially I placed mine on the porch table near the screen. The infrared LEDs produced a glare from the screen so I taped over them. I still got good video with the ambient lighting. I could have just turned them off with the app.

It connects to your Wi-Fi and there are apps for Android and iOS. It will connect to Amazon's Echo if you have one with a screen.

You can set it to send you an e-mail when it detects an event, motion and/or sound. I haven't used that.

It comes with a variety of mounting bases but I have mine just sitting on a table.

Its power is USB and it comes with an AC adapter. I've thought about putting it away from the house and running it off of a battery pack.

The Wyze Cam costs $39 with shipping and a 32GB microSD it needs card to allow local recording. If you have a spare microSD card laying around you can get the camera and shipping only for $26.

There's even an open source project to let you connect the Wyze Cam to an existing security system. And of course there's a subreddit.

Here's some screenshots from the Android app.


The intruder in my back yard wasn't a deer but a raccoon.

Sunday, April 14, 2019

Outage Communication

This post isn't bashing cloud providers, although that's an easy target.

What this is about is to give some examples of outage communication from various providers. And yes, Google and Facebook are in different sectors but the wide differences in their outage communications are still interesting.

On March 12, 2019, Google suffered an outage that impacted Gmail and a variety of their services that depended on their file system. Over the next several hours they posted 3 updates on their G Suite Status Dashboard. The first noted that they were having an outage. The second update was posted in under 2 hours and stated that they were continuing to investigate. It also enumerated the services that were impacted. The final update was 2 and 1/2 hours later and said that the issue was resolved.


But Google didn't stop there. 2 days later they posted a thorough postmortem (archive.is) that identified a root cause and remediation and prevention.

That's the way to communicate.

On March 13, 2019 Facebook had a 14-hour outage which took down the Facebook social media service, its Messenger and WhatsApp apps, Instagram, and Oculus.

Here's Facebook's communication on that outage.


Yes, that's it.

Which of these would you prefer from your services provider? Ask about that before you sign a contract and consider putting a requirement for communication and follow-up in the contract.


Sunday, April 07, 2019

Just Don't Play Facebook Games

If you're my friend on Facebook, please don't play games on Facebook. When you do, you authorize Facebook to share your profile information with the game company. This often includes details such as the Facebook user ID, a list of Facebook friends (that's where I come in), likes, photos, groups, checkins, and user preferences like movies, music, books, interests, and other.

Once the game company has your data (and mine) Facebook has no control over what the game company does with it or who it shares it with.

Oh, I'm sure they have policies about what can be done with the data but there really is no way to enforce it.

As an example, the company that operated the "At the Pool" Facebook game, left all their Facebook user profiles, etc, on a publicly accessible Amazon Web Services (AWS) server for anybody to access.

Here's an excerpt from an article on ZDNet on this Facebook data leakage:
[T]he company has lost control over its most important asset - its users' data - which is now leaking left and right from all the no-name companies and mom-and-pop developer firms who've collected it over the past few years.

Sunday, March 31, 2019

Global Entry Follow-Up

We've been using Global Entry for a couple of years and I wanted to share how it works at various ports of entry.


Dublin

When we departed from Dublin, Customs and Border Protection (CBP) did the U.S. entry processing in Dublin.

First we checked our bags with the airline. Then we went to the Global Entry kiosks. We placed our passport on the reader, smiled for the camera, put our hand on the sensor and answered a few questions. They showed us pictures of our bags and we had to acknowledge that they were ours. We took the receipt that the kiosk printed and headed for the exit. We waved the receipt politely to the Immigration agents and kept going. We didn't see a Customs agent. Then we went to Starbucks and waited on the rest of our party.

Chicago

When we returned from Quebec through Chicago, the CBP did the U.S. entry processing in Chicago.

On the flight into Chicago, when the flight attendant passed out Form 6059B we didn't have to complete it. Then when we deplaned and went to the Immigration area (huge and packed), we went to the Global Entry kiosks. They were marked with bright yellow signs at the far end of the hall. Again we placed our passport on the reader, smiled for the camera, put our hand on the sensor and answered a few questions. The kiosk printed a receipt. We waved the receipt politely to the Immigration agents and kept going to baggage claim. We took our bags and found the Global Entry Customs agent. He was the one without a line. He waved us through and we were done in 5 minutes.

Nassau

Then there was Nassau. Somewhat similar to Dublin, the CBP did the U.S. entry processing in Nassau.

First we checked our bags with the airline. Then we went to the Global Entry kiosks. We placed our passport on the reader, smiled for the camera, put our hand on the sensor and answered a few questions. The kiosk printed a receipt. But then we had to queue up for an CBP agent. They asked for our passports and the receipts from the kiosk. The agent showed us pictures of our bags and we had to acknowledge that they were ours. They asked us a lot of the same questions that we had answered on the kiosk. I couldn't really tell much of a difference in processing us as Global Entry travelers from non-Global Entry travelers.

Campobello Island

We used the Global Entry Cards for our land entry and exit to and from Canada at Campobello Island. They worked just like a passport.

In summary, I still feel that Global Entry is worthwhile even for a casual international traveler. Obviously (and surprisingly) the benefit and process varies significantly by location.

Sunday, March 24, 2019

remove.bg


Every now and then I take a "great" photo of my family but the background is distracting. I've worked hours with editing programs to select the background and then paint it out. Often it works okay but takes a lot of effort.

Then I came across remove.bg. Here's how they describe themselves:
Remove.bg is a free service to remove the background of any photo. It works 100% automatically: You don't have to manually select the background/foreground layers to separate them - just select your image and instantly download the result image with the background removed! ...it only works if there is at least one person in the image.
Here's a before and after:



But wait, there's more.

After you have removed the background, you can replace it with another photo.


Wow!

Sunday, March 17, 2019

Facebook Tracking - Part 2

Go read this first.

Now go try this. Login to Facebook. You can even try my sandbox technique if you like.

Logout.


Leave that alone and go away for a while. Wait until you should have gotten some kind of Facebook notification.

Now go back to the tab where you were logged out.


You just thought you were logged out. Facebook was still tracking you and even updated your profile picture to show the number of notifications you've gotten while you thought you were logged out.

Evil.

Sunday, March 10, 2019

Facebook Tracking

I realize there's lots of noise on the Internet about Facebook tracking you but I just wanted to show you what it really looks like.

I've posted before about how I try to sandbox Facebook. I'm not naive enough to think that's bulletproof but at least I'm trying.

Similarly, I NEVER click on a link in Facebook. As I suggested in the previous post, I right click and copy the link. Then I go over to another tab and paste the link.Then I go and delete all the characters starting with "?fbclid=".

Here's a recent example:
https://l.facebook.com/l.php?u=https%3A%2F%2Fgoo.gl%2FHoh4V9%3Ffbclid%3DIwAR1yCKf6gTjPq_YDl4Y-J37BZ7TIJZGXMvZvH8T9_Zn6OQf_gN0HMHp4kRM&h=AT1dP9OuIl5M0f_qB4pUFO3gx7feNV6B1whGiQYsb2QXb98_FfInyZf_H1u2BzGd15g61SR90EDeuHuljeRyLvmk6JyH_B4eVfEN30qN6ZO8d7o_uAZUyKqX4vqHE775UyKArv4Js_gcGEkBTU1p8gL84__GHE6Zv9zjA885LeHRoXSHCjvZ2SsPPRbmEjuWgkLFhmv_RNxkIW2iCoVIXjq_91x3aGNuRg5Cv26oCgHk0Jx6VYgFpGuhVWAhu22pYgHzvqFEej0iyjbvdJx3qNDxBXU9c57ggOrLcYf5rBp9zaW-RP5rxpZcmnC6RS5SRNbsVhCs1fjhGyI2ZVYfZJnR_WgeT_VgzuatreZLYzKMv9s2gajAttWgnM79qg28QFnADkQYaExt5CA1MotGiR1jCjgQP9nL1ImgQ3zTmNrlojfuzfHMzY9y7SExcHk8bMqvOU7KML1p--ds09Dbfi482AudxWzehwUdEYMUTWhQANMlLIDWBFbEzgeTyZqDD5HblobEqjYorDFd7aawWeIQhiQPIzWFarWKxXJrILwR6g4vhkP2WR_vpQ5P40IIxYmWF5zFrKdwcJpi4OaP4jkoErnnqUaeZrg4EOpho3tTJzu3Jb0xOzsX76SmgyCmMhym9o7bnKF5z7NIw2HLMIGHljlH
This URL is even encoded that further obfuscates what it's doing. I use a URL Decoder/Encoder to make it somewhat readable.
https://l.facebook.com/l.php?u=https://goo.gl/Hoh4V9?fbclid=IwAR1yCKf6gTjPq_YDl4Y-J37BZ7TIJZGXMvZvH8T9_Zn6OQf_gN0HMHp4kRM&h=AT1dP9OuIl5M0f_qB4pUFO3gx7feNV6B1whGiQYsb2QXb98_FfInyZf_H1u2BzGd15g61SR90EDeuHuljeRyLvmk6JyH_B4eVfEN30qN6ZO8d7o_uAZUyKqX4vqHE775UyKArv4Js_gcGEkBTU1p8gL84__GHE6Zv9zjA885LeHRoXSHCjvZ2SsPPRbmEjuWgkLFhmv_RNxkIW2iCoVIXjq_91x3aGNuRg5Cv26oCgHk0Jx6VYgFpGuhVWAhu22pYgHzvqFEej0iyjbvdJx3qNDxBXU9c57ggOrLcYf5rBp9zaW-RP5rxpZcmnC6RS5SRNbsVhCs1fjhGyI2ZVYfZJnR_WgeT_VgzuatreZLYzKMv9s2gajAttWgnM79qg28QFnADkQYaExt5CA1MotGiR1jCjgQP9nL1ImgQ3zTmNrlojfuzfHMzY9y7SExcHk8bMqvOU7KML1p--ds09Dbfi482AudxWzehwUdEYMUTWhQANMlLIDWBFbEzgeTyZqDD5HblobEqjYorDFd7aawWeIQhiQPIzWFarWKxXJrILwR6g4vhkP2WR_vpQ5P40IIxYmWF5zFrKdwcJpi4OaP4jkoErnnqUaeZrg4EOpho3tTJzu3Jb0xOzsX76SmgyCmMhym9o7bnKF5z7NIw2HLMIGHljlH
And notice that Facebook is not only passing a tracking ID along to the target site but using a redirect service (https://l.facebook.com) to launch it.

Once you eliminate all the tracking information, here's what you get:
https://goo.gl/Hoh4V9
Facebook is just evil.

Sunday, March 03, 2019

Zoolz Update 2

I continue to be impressed by Zools as a backup tool. You can get Lifetime of 1TB Instant Vault and 1TB of Cold Backup Storage here for $45.

Since my last post I have tried the Instant Vault storage. Think of it as 1TB of shared storage like Dropbox shared files. But you have to login to the Zoolz web interface and drag and drop files/folders onto a web page.


Then you can request shared links to the files/folders. Those files/folders are NOT automatically updated. This is a separate terabyte of storage from the Cold Backup Storage.

But what really got me looking back at Zoolz was that my CrashPlan for Small Business at 75% discount for a year expired and my monthly charge went to $10. Not a big deal but $10 more than I used to pay.

In revisiting Zoolz I came across a feature that I hadn't noticed before - Hybrid+ backup.
Zoolz Hybrid+ doubles your backup protection by creating a copy of every backed up file to a local server, external or network drive; ensuring faster recovery when needed. Zoolz restore is intelligent enough to minimize recovery time by checking your local Hybrid storage for the file before restoring it from the web, reducing time and bandwidth resources.
And it's included with the regular Zoolz offering.

So I bought a 2TB Western Digital USB 3 drive and plugged it into the back of "The Trump".

Here's how you turn it on.


It took about 4 hours to sync the 400+ GB that I have selected to backup with Zoolz.

Zoolz support was excellent in helping me understand how Hybrid+ worked, even doing some experiments to answer some of my questions.

So now I have cloud backup with Zoolz Cold Backup Storage, local backup with Zoolz Hybrid+, and offline backup with Macrium Reflect.

Sunday, February 24, 2019

PrtScn

If you liked my earlier post about Snip and Sketch I've come across another feature of this. Remember that this capability was introduced in Windows 10 1809.

Go to Settings and search for Print Screen.


Click on "Use the Print Screen key to launch screen snipping".


Slice this button to "On".

Now when you press the PrtScn key the new Snip and Sketch control will be presented.

Clicking on the screen icon will capture the entire screen.


Don't forget the old capability of holding the Alt key when you press the PrtScn to capture just the active window. This still works with the PrtScn key remapped. As well, if you press the PrtScn key first and then hold the Alt key while you click on the screen icon you'll only capture the active window.

Try it.

Sunday, February 17, 2019

VPNs


Recently one of my co-workers sent me this article (archive.is). He asked:
What do you think of his assessment that VPNs are worthless and you are better off with HTTP Anywhere, etc?
That's not going to be a quick answer.

Just before a promotion for a commercial VPN service, the author says:
VPN services don’t make you more secure on the internet. Install HTTPS Everywhere, install an ad blocker and change your DNS settings to Quad9 or Cloudflare’s 1.1.1.1.
There are 3 points in there:
  1. Install HTTPS Everywhere
  2. Install an ad blocker
  3. Change your DNS settings to Quad9 or Cloudflare’s 1.1.1.1
HTTPS Everywhere forces HTTPS connections to any site that supports HTTPS even if the initial request is HTTP. I haven't tried HTTPS Everywhere but that's a good idea. Personally most sites that I use already force me to HTTPS anyway.

Oh, HTTPS can be spoofed. If someone has put a root certificate authority (CA) certificate on your device it could self-sign an HTTPS certificate and take a man-in-the-middle position decrypting your supposedly HTTPS traffic. At that point they could send it as HTTP or just scrape off your confidential information. This has happened more than once.

At one time, Google's Chrome validated the HTTPS certificate in use for Google sites to the one that they had issued and complained it there wasn't a match. I've heard that that is no longer happening.

To mitigate this risk, run sigcheck.exe (my blog) regularly.

And to ad-blockers.

I use uBlock Origin. Here's a comparison of cnet.com without and with uBlock Origin active.

Without

With

Not only does a good ad-blocker block the presentation of ads but it blocks any malware that potentially goes along with it. And it significantly reduces the bandwidth required.

Now to DNS.

While changing your DNS to or 1.1.1.1 or 9.9.9.9 seems like a good idea, it's not that simple.

If your scope of control DOESN'T include the Internet facing router, e.g. in a network that's not YOURS, then you really don't have ANY control over what server resolves your DNS queries. Even if your device sends a DNS request to 1.1.1.1, a malicious router can map that to a malicious DNS server and you'll get the response back from it. It can even NAT the responding IP address back to 1.1.1.1 so you'll never know.

If your scope of control DOES include the Internet facing router, e.g. in a network that is YOURS, then set the DNS server in your router to 1.1.1.1, 8.8.8.8, or 9.9.9.9. I don't really distrust Comcast's DNS servers but why not use one whose goal is to be secure and fast?

But back to the non-owned environment. Since you really can't trust legacy DNS resolution you have a couple of choices.

First, you could use a VPN provider that you trust. You do need to make sure that the VPN sends DNS requests through the tunnel and not just lets the local network (malicious?) resolve them. I'm not sure how to determine that but there's probably a way.

Second, you could use a client app that implements DNS over HTTPS (DoH) or DNS over TLS (DoT). Both of these protocols send DNS requests through an encrypted session so it can't be intercepted in flight. Even then you have to trust the DNS server that is at the end of the encrypted tunnel. There's a deep dive on this here (archive.is). There's a cryptic article from Google here (archive.is).

This is not a simple discussion.

Sunday, February 10, 2019

Chrome Password Checker

If you're not using Google's Chrome browser you should be.

Now that you are using Chrome, install the Password Checker extension.

This new extension will automatically check whether your user id / password has been exposed in a data breach. If it finds a match it will warn you.


Sunday, February 03, 2019

Friends Don't Let Friends

Microsoft Azure has had another round of problems.

Microsoft Office 365 users in Europe unable to access mailboxes for a full day

Microsoft cloud services see global authentication outage

Microsoft threw Level 3 under the bus on the second outage.
On the Azure status page, Microsoft indicated that the source of the problem is with Level 3, an US-based ISP that provides connectivity and various other services to Microsoft data centers.
At least customers could get to the Azure status page this time.

So I went of to downdetector.com. Here's what they showed several hours after the problem seemed to be resolved.


1600 incidents reported to downdetector.com at the peak.


And impacting several continents.

But Level 3 (CenturyLink) is a backbone provider. Shouldn't a Level 3 problem have affected many service providers?

So back to downdetector.com. Here's what they reported for Amazon Web Services (AWS).


No apparent correlation to the time of the Azure outage and less than 10 incidents reported in the worst hour.

So it must not be a backbone issue impacting multiple service providers?

Not so quick.


AWS' incidents were from the same geography as Azure's.

My assessment:

  • Level 3 (or some backbone provider) probably had an incident that affected all its customers.
  • AWS was able to tolerate the backbone outage better than Azure.

YOU get to decide where you want to put YOUR data.

Sunday, January 27, 2019

Controlled Folder Access - Windows 10 1809

I've been a big fan of Windows' Controlled Folder Access. Some of my coworkers have been "surprised" when it was enabled without their knowledge but I haven't experienced that. In fact I turn it on immediately when I build a new Windows system.

Over a recent long weekend I got on a tear upgrading 4 systems, desktops and laptops, to Windows 10 1809. I still haven't experienced any problems.

I've been posting about several new features in Windows 10 1809 that I think haven't gotten much press here, here, and here.

After my mass upgrade I've run into another unannounced feature that is valuable in relation to Controlled Folder Access.

In Windows 10 if a program violates the Controlled Folder Access you have established you get an ambiguous notification without enough information to act.


I Googled this and found that there is an event in the Event Viewer that has more information (archive.is). Here's how to get to it:

  1. Right-click on the Start button and select Event Viewer.
  2. Navigate to Applications and Services > Microsoft > Windows > Windows Defender > Operational
  3. Filter for (or just look for): Event ID 1123

Or you could just upgrade to Windows 10 1809.

Here's what the Controlled Folder Access Settings screen shows after an exception in 1803:


Not much help.

In 1809 here's what you get:


When you click on "Recently blocked apps" you get:


Nice.




Sunday, January 20, 2019

Viewing HEIC Pictures on Windows 10

Your new iPhones may be taking HEIC pictures. If you can't see them on Windows 10, install these 2 Microsoft Store apps.

HEIF Image Extensions

HEVC Video Extensions from Device Manufacturer

You will get prompted to login to Microsoft. I don't do that and choose to just install on this PC.

That was easy.

Sunday, January 13, 2019

Nexus 7 and Nougat

I've been playing with my Nexus 7 2012 for a long time. For me it's the perfect size.

When I last posted about it 2 1/2 years ago, I had updated it to Android 5.1.1 Lollipop.

Rereading that post this is what jumped out at me:
[I]ts performance is consistently Ok.
That was generous. It was so slow that I eventually set it aside and bought a Nexus 7 2013.

Recently I decided I wanted a cheap tablet to keep in the car. I looked at Amazon Fire Tablets but then came across my old Nexus 7 2012 in my junk pile.

I spent some time Googling for ROMs for it and found a couple of Android 7.1 Nougat ROMs.

The people who had flashed Nougat had good things to say.
Still have plenty of memory space. It all runs nice & smooth. Very well done guys!Everything works great with the latest version of the rom. Thank you for your work !Thank you very much for this rom. It's very smooth and fast.
So I dug out my old ThinkPad with adb and the Nexus drivers and got to work. adb is always a little bit of magic and the busted screen on the ThinkPad didn't help any.

First I had to install twrp. As usual this was the hardest part.

Then I flashed the ROM and pico Gapps.

After a couple of hours the Nexus 7 2012 was booted on Nougat.

Now it's on Android 7.1.2 with the September 2018 security patches.


Yeah, It's slow but usable and not bad for a 6+ year old device.

Sunday, January 06, 2019

Squoosh

I guess all the good domain names are gone. I've recently posted about Sweech and Zoolz.

Now there's Squoosh.

Squoosh is a web app from Google that will optimize image sizes to reduce page load time.

I would have thought that web image optimization has already jumped the shark what with 100+ Mbps home broadband but what do I know? I realize that not everyone has that bandwidth. My mother only has 10Mbps.

Squoosh runs all in the browser and after you load it the first time you can run it offline. Again, not sure WHY you'd need to do that but it does work.

Anyway, on to what it does.

I sent a 1.44MB jpeg to Squoosh and it optimized it to 521KB, a savings of 66%. There was no discernible difference in the image.

Original

Squoosh

That's nice.