Posted on

Why it’s proper to assume the worst

wJBvW7L

When you’re securing your devices, network, and data, you do so as if you’re expecting the worst.  This, of course, doesn’t mean the worst is going to happen, but if you can protect against it, you should, and if you don’t, and you get hit, it’s your own fault.

“Are you Paranoid???”

It’s inevitable that when you discuss standard security practices online, you’re going to run into some uneducated yahoo that loves to scream “paranoia!”.  If we used their “logic”, then we’d have no blinds on our windows, no bathroom doors, no bedroom doors, no locks on our homes or cars, no health insurance, no auto insurance, no life insurance, no home owners or renters insurance, no smoke detectors, and no fire extinguishers.  Just because you’re taking obvious and appropriate precautions, does not a paranoid schizophrenic make.

Reduce Your Attack Surface

A basic security principle is to reduce your attack surface.  That means that you simply turn off or disable avenues of outside attack, except for the few that you definitely need to use and protect those as best you can when they’re open, and close them when you’re done using them.

Capture

The fact is there’s plenty of money to be made and is being made by malicious users around the world, whether it’s phishing scams, viruses, trojan horses, worms, stolen databases, direct hacking attempts, webcam hijacking, bots, ransomware, or any number of other attacks, if it’s online, it’s definitely being scanned by malicious users and poked and proded for exploits.

Your current software and operating systems and devices are not secure

Today, in the second half of the second decade of the 21st century, if you put a fresh install of Windows 95 on a computer and hook it to the internet, it’s estimated that within 45 seconds, it will be compromised.  I’m not trying to scare you away from Windows 95.  By now, you’re certainly on a newer operating system.  That’s just an example of what kind of attacks are constantly running and scanning everything hooked up to the internet.  Newer operating systems are much less vulnerable.  Let me clarify that.  Newer operating systems are no longer vulnerable to those old, known attacks, but they are still vulnerable.  Every week, Microsoft releases security patches to Windows.  They’ve been doing this for at least 15 years.  And next Tuesday (no matter when you’re reading this), there will be another round of security patches to close up some of the security holes your up-to-date copy of Windows has right this moment.  But, it will not fix the security holes that are still in it.  The following Tuesday, even more holes will be closed.  And the cycle will continue ad-infinitum.  Even as Microsoft continues close up more security holes, they’re always making other modifications to Windows to add new features or fix bugs, that ultimately open new security holes.

Capture2

Conclusion

It doesn’t matter how much you try to protect yourself, there will always be holes open for attackers, but you should, of course, close up the holes you know about, keep your software up to date, encrypt your data, don’t re-use passwords, use long passwords, preferably computer generated, use a password manager, and even cover up your webcam on your laptop with a piece of tape.  You’re not paranoid if they really are out to get you, and believe me and all the others in the security industry… They Are!  However, they’re most likely not out to get specifically you, just anyone or anything that they find that’s not protected, and that’s YOU, me, and everyone else on the internet.  Just as you lock your front door, close your bedroom blinds, and buy insurance, protecting your digital content is no different.  You’re not expecting anyone to rob you tonight, but you’re going to lock your door anyway.  You don’t expect to die today, but you have life insurance anyway.  However, unlike your front door on your home, your home network is constantly being probed.

Now, go an encrypt your data.

Thank you for sharing this article.  See this image?

image

You’ll find actual working versions of them at the top and bottom of this article. Please click the appropriate buttons in it to let your friends know about this article.

Posted on

How to deal with Trolls Online

Years ago, back when Google+ was still in the invite phase, I wrote the following article on Google+ Netiquette:

Google+ Netiquette

Years have gone by and the pleasant days of invite only are gone and now we deal with trolls on a daily basis.  If you’ve spent any time online, you’ve dealth with trolls.  But what IS a troll?

Troll Defined

According to Google, it’s someone that “make(s) a deliberately offensive or provocative online posting with the aim of upsetting someone or eliciting an angry response from them.”

image

According to the Urban Dictionary, it’s “Being a prick on the internet because you can. Typically unleashing one or more cynical or sarcastic remarks on an innocent by-stander, because it’s the internet and, hey, you can.”

image

Let’s look at some real life examples of trolling, shall we?

Here’s a typical one I encountered recently.  During an innocent conversation about someone that got a chip on their Gorilla Glass screen on their Samsung Galaxy S7 phone, which, has a premium build glass and metal body (that’s important to follow the trolliness here)…

image

So, this troll jumped into an ongoing, pleasant conversation instantly stating lies (or he’s just 2 generations behind on his knowledge of what Samsung phones are made of), then he jumps to drastically wrong assumptions, repeats his misinformation, jumps to massive conclusions, attacks the entire Android platform, then expands his insults to all Android users across the entire planet, then accused me of being the troll when I called him out on his trolliness.  This thread went on further with more of the same.

image

Good Luck Lifestyle Theme Trolls 5″ – Ballerina by Play Along

This is just the latest troll I’ve dealt with and is a typical example of the trolls I deal with almost daily.  No doubt, in true troll form, if this troll ever sees this post, he’ll make a new thread claiming this post is all about him.  Reminds me of the old Carly Simon song, “You’re So Vain” … you probably think this song is about you.  Would be the same with any troll that I used as an example here.  This is just the most recent one at the time of this posting.

Of course, you see this behavior on any subject where people have opinions… politics, religion, science, favorite devices, etc…

But, how do you DEAL with these trolls?

There are 2 schools of thought on this and they’re both equally valid:

  1. Ignore them and the’ll go away.  Also known as “Don’t feed the trolls”.
  2. Take them on.

The conventional wisdom is “don’t feed the trolls”.  The theory goes that they only post to get people riled up and if you ignore them, they’ll go away.

While that’s true for some trolls, and in my opinion, a very small minority of them, it’s not true for all trolls and it’s my experience that it’s not true for most of them.  Ditto for the claim that they just want to rile people up.  My experience in dealing with them going all the way back to 1988 is that most of them are just people with strong opinions, poor social skills, and an extraordinarily sensitive ego.  Their purpose is not to rile people, but to make themselves feel better by belittling others.  When uncontested, they feel vendicated and that is a reward to them to do more of the same.

image

So, step 1, Don’t be a Troll!

See these Google+ Netiquette tips

Step 2:  Understand that you’re not necessarily dealing with this one troll, but combating a larger problem of trolls everywhere.

Step 3:  Determine what kind of troll this person is.  Are they just confused and if you provide corrected information, will it fix them?  Or, are they a repeat troller or trolling in a known trolling topic (such as iOS vs. Android or Republican vs. Democrat)?

Step 4:  Always try to first resolve issues politely and respectfully, even when the other party isn’t being respectful… IF you’re not sure they’re a repeat offender or trolling on a repeat troll topic.

Step 5:  Establish yourself as a polite, honest, reasonable person.  Politely try to resolve the problem.  Don’t give them an opportunity to label you as a troll.  They’ll do this anyway, but when you’re being more than polite, it only makes them look more ridiculous.  This is a big hit to their ego.

Step 6:  Re-confirm that you’re goal is to get to the truth, not to argue, and that you’d appreciate being treated with respect and that you’ll provide him (or her) with respect too.  Killing them with kindness makes their heads explode.  On a few occassions, they realize what they’ve done and apologize.  Sometimes they just leave, licking their wounds, usually blocking you on the way out.

There are, however, times when a troll needs a true smackdown.  I caution against this unless you can hold your own and are an expert in the topic being discussed.  Don’t be rude for the sake of being rude (that’s trolling), but feel free to mirror their insults.  Copying and pasting their own text against them is a great way to mirror their bad behavior that they can’t tag you on, because they’re actually the ones that wrote it.  Make absolutely certain that your facts are correct, because if you make any factual mistakes, YOU will be called out.  Keep reminding them that you tried to be civil, rational, and respectful, but they chose this path and you’re simply reciprocating the style of discussion that they chose… that it appears to be the only style they’ll pay attention to.  Also, trolls hate it when you use complex sentences and multisyllabic words or sound educated in any way.

Conclusion

When a troll has an unpleasant experience trolling (when their ego is hurt), they’ll think twice before trolling again, especially against you.

Thank you for sharing this article.  See this image?

image

You’ll find actual working versions of them at the top and bottom of this article. Please click the appropriate buttons in it to let your friends know about this article.

Posted on

Mobile: Encrypting All Internet Traffic

This is one of many articles in a series I’m writing to cover end-to-end encryption for everything…

Encrypt All The Things! [A Guide]

you do in your digital life.  I’ll cover encrypting specific types of …internet traffic (like E-Mail, Web sites, etc…) in other articles.

For a primer on encryption, please read my article “Understanding Encryption”…

Understanding Encryption

…as it teaches VERY IMPORTANT concepts that you need to know before moving forward here.

This works for rooted AND unrooted phones.

Big Disclaimer

Before going any further, let’s make one thing perfectly clear on THIS particular encryption.  This does NOT make all your internet traffic encrypted from your phone all the way to the final destination!

So… What does it do then?

This will encrypt your connection from your phone through and past your ISP.  It protects you from your ISP and anyone snooping on  your local end of the network.  This is great for when you need to use public wifi.  Scammers running a free wifi node will NOT be able to see your data NOR will they know where on the internet you’re going.

So… What does it NOT do?

Excellent question!  Let’s say you’re browsing a website that’s NOT encrypted (like this page you’re on right now)… Under normal circumstances, anyone snooping your network traffic ANYWHERE on the internet… from your local connection all the way to the connection on my end at my website, can see:

  • Your IP address.
  • The URL you’re wanting to visit.
  • Anything you type on my search page.
  • The contents of the pages my website sends back to you.
  • In short, everything is visible and in the clear.

Using the techniques in this article, you’ll be on an encrypted connection from your phone, through and past your ISP to some random computer on the TOR network, to a couple MORE computers on the TOR network, till your connection finally exits the TOR network and gets back on the regular internet, possibly in another country.  From THERE, your connection from THAT computer to my website is entirely unencrypted.

So… Why use TOR then?

To hide your network activity from your ISP, your cell phone provider network, your employer’s wifi, your local government(s) (including the NSA and GCHQ (the British NSA)), and anyone else snooping on the network near your end of the connection.  It will also hide your IP address from the websites you’re visiting.  You can make yourself appear to be in just about any country you choose.

Will this guarantee no one can see what I’m doing online?

LOL!  You’re cute when you’re innocent.  Of course not.  NOTHING is 100% safe on the internet, but it’s pretty darn strong protection and causes even the NSA headaches.  Someone with lots of resources would have to be specifically targeting you and it would be very difficult for them, even then.  You’re reasonably safe even against the NSA, but not totally.

What does it encrypt?

Note that this is a method to obfuscate ALL your internet traffic from your Android device, not just web browsing, but everything, including traffic to and from the Google Play Store, Google searches, game communication.  Again, it will NOT encrypt an unencypted connection.  It will encrypt all steps of the connection up to the exit node (see “How does it work?” below).

How does it work?

There are thousands of computers all around the world volunteering to be part of the TOR (The Onion Router) network.  When you connect to the TOR network, you’re randomly choosing an entry node computer somewhere in the world.  That computer then forwards your traffic to another, randomly chosen computer somewhere else in the world, which then forwards you to yet another computer on TOR somewhere else in the world, which then forwards you to a randomly selected TOR “exit node” computer… a computer on TOR whose purpose is to act as a fake YOU to the sites you visit.  It’s THAT computer’s IP address that your sites will see.

All traffic between you and all the TOR computers that your traffic passes through is encrypted.  The TOR computers do not know of your entire connection path through all the TOR computers you’re connecting through.  ONLY your own device knows that.  This is to prevent malicious adversaries from trying to reverse trace where you are.

Doesn’t this slow my connection down?

You betcha!  Yes.  Yes it does.  You do NOT want to do this for a first person shooter game.  YOU WILL LOSE!

Step by step instructions (FINALLY!)

If you’re device is NOT rooted, you’re going to change your Proxy address to “localhost” and your port to 8118 after you download and install Orbot. Below the installation steps are steps on doing that below:

  1. Download the app “Orbot” from the Google Play store.Screenshot_20160404-165041
  2. Optionally, you may want to ALSO install “Orfox”, a browser made to work on the TOR network.  It’s a modified version of the FireFox browser.  It works in tandem with Orbot.  But any browser will work.
    1. Screenshot_20160404-165051
  3. Launch the Orbot app.
    1. Screenshot_20160404-165126
  4. Long press on the screen to start Orbot.
    1. Screenshot_20160404-165118
  5. If you want to appear to be from a specific country, tap the drop down control in the bottom right of the screen and choose your desired country.
    1. Screenshot_20160404-165145
  6. If your device is rooted, skip the following steps about configuring your wifi connection and go directly to step #11.
  7. If your device is NOT rooted, it requires a little more work.  Steps 7-9 will need to be completed every time you connect to TOR.  Go to Settings->Wifi and long press on your wifi connection that you’re connected to and select “Manage network settings”.Screenshot_20160404-165310 BLURRED
  8. Now check the box “Show advanced options”
    1. Screenshot_20160404-165317 BLURRED
  9. Change your Proxy to “Manual”.
    1. Screenshot_20160404-165332 BLURRED
  10. Change your Proxy Host Name to localhost and your Proxy port to 8118 and tap “SAVE”.
    1. Screenshot_20160404-165404 BLURRED
  11. If everything worked (and it doesn’t always), you should have a secure connection on the TOR network now.  Open OrBot and click the “Browser” button on the lower left.Screenshot_20160404-165118
  12. If you have OrFox installed, it should open OrFox and load a page that tests.  It will tell you if you’re on a safe Tor connection.  If you don’t have OrFox installed, it’ll launch your default browser and do the same thing.  Here are 2 screenshots, one of OrFox and one of Chrome:

Screenshot_20160404-165205Screenshot_20160404-165422

If it didn’t work, you’ll see a page like this:

Screenshot_20160404-165246 BLURRED

If you see the “sorry” page, launch Orbot, then open its menu and choose “Exit”, then go to step #3 and try again.  There’s no guarantee that this will work all the time.  Some days it works.  Some days it doesn’t.

image

How to end TOR and go back to NORMAL networking

  1. Open the Orbot app, long press, and Orbot will end the TOR connection.  The onion icon will become gray.
  2. Open the menu in the Orbot app and choose “Exit”.
  3. Fix your wifi proxy back… Settings->Wifi.
  4. Long press your wifi network and choose “Manage network settings.
  5. Click the check box “Show advanced options”.
  6. Change “Proxy” back to “None”.
  7. Tap save.

You should now have a normal network connection again.  As a last resort, simply reboot your device if networking fails to restore to normal.

Thank you for sharing this article.  See this image?

image

You’ll find actual working versions of them at the top and bottom of this article. Please click the appropriate buttons in it to let your friends know about this article.

Posted on

Hangouts: “photo sharing is not available because of your administrator settings”

If you get the error “photo sharing is not available because of your administrator settings” in Google Hangouts (iPhone, Android, or any other platform) when you’re trying to send a picture (either by taking a photo within hangouts or just selecting an existing picture on your device), here’s what’s up with that and how to fix it…

Why you’re getting this:

You’re probably using an e-mail address that’s NOT @gmail.com.  You’re using Google custom domains (or whoever assigned you your account is using it) or Google domains for business or education.  Your account does NOT have “Google Photos” enabled.

Samsung Galaxy Phones on Amazon.com
Samsung Galaxy Phones on Amazon.com

How to fix it:

If you’re NOT the administrator for the domain, then contact your domain administrator (the person that set up your account) and have them follow the following instructions:

If you ARE an administrator…

  1. Log into your domain control panel and click on “User”.image
  2. Click on the appropriate user account.
  3. Click on “Google Apps enabled”image
  4. Scroll down to “Show more” and click it.
  5. Then click “Additional Google services enabled”
  6. Scroll down and click on “Google Photos”.  It’s probably “off”.  Turn it on.
  7. image

Now the user should immediately be able to send images from within hangouts.

Thank you for sharing this article.  See this image?

image

You’ll find actual working versions of them at the top and bottom of this article. Please click the appropriate buttons in it to let your friends know about this article.

Posted on

Slow Motion Galaxy S7 Video Tests

I bought a Samsung Galaxy S7 on March 11, 2016 (well, actually TWO of them) and have been testing the features.  Now, this slow motion video is not a new feature.  In fact, I’ve had it on my prior phone, a Samsung Galaxy S4 for almost 3 years, but I’ve had Cyanogenmod installed on it for the the last 2 and a half years, so I’ve been missing this feature.

Details of Slo-Mo

The Galaxy S line of phones since the S4 have had a camera feature where the camera can record video at 240 fps (frames per second) at 1280×720 resolution.

Enough already, let’s see some slo-mo video!

Fine!  Here you go!  This first one is a water bottle connected to a SodaStream, being carbonated.

Next is video of spraying water on the headlight of my car.   I have this uploaded to YouTube, but because of the extreme detail of the thousands of water droplets, YouTube’s video compression really destroys it, so I’m providing it as a downloadable MP4 file instead (46MB).

image

If you want to see the butchered YouTube version, here it is:

Thank you for sharing this article.  See this image?

image

You’ll find actual working versions of them at the top and bottom of this article. Please click the appropriate buttons in it to let your friends know about this article.

Posted on

Fitbit is a Major Privacy Peeping Tom

I ran the setup for my new fitbit Surge watch and during the Windows 10 fitbit app setup, it showed me this list of fitbit owners from MY PRIVATE CONTACTS!FitBit Contacts cleaned

In this list of fitbit owners:

  • Dude from High School I barely knew
  • Ex girlfriend from Jr. High.
  • Several people I don’t recognize.
  • Bunch of girls I knew from 1-12 grades.
  • A good friend’s cheating ex.
  • Little sister’s friend.
  • Brother in law.
  • Wife of brother in-law’s good friend (dont’ know why she’s in my contacts… probably through a facebook sync from years ago).

Also, everyone else in my contacts that do not have a fitbit account.

Some of these names are NOT in my contacts on my PC, which means they came from my phone.  And for the Windows 10 app to know that these 16 people have fitbits, my contacts had to have been uploaded to the fitbit servers so it could compare them to its database.  At no time was I asked permission to upload my private contacts (from either my phone nor my PC).  And I’m guessing these people didn’t explicitly grant it permission to let me know they have fitbits and they will likely be notified that I have one, even though I’ve given no such explicit permission to notify them nor any explicit permission to hijack my entire contacts list.

Fitbit spying

In addition to this, 100% of all health data that a fitbit collects is uploaded to the fitbit servers, viewable by fitbit employees… all done without notifying you and certainly without asking for explicit permission.  Turns out, the only way to use a fitbit without uploading all your private data is to not use the PC app or the mobile app, but, of course, the fitbit is mostly useless without them.  There’s no technical reason for uploading our data to the fitbit servers.  The PC and mobile software could easily have communicated with the watch without the involvement of the fitbit servers.

While on technical support today trying to resolve why my fitbit won’t charge, I discovered that they have access to all my health information collected by this watch, even though the employee I spoke with said it “only” uploads… then rattled off every thing the watch does… “for the purpose of knowing your fitbit is working”.  In addition to that, they know when we charge them, when we reboot them, and what devices we charge them from.  All this without permission from us.  Sure, some of this is somewhat inacuous data, but I did not give it permission and collected together, all this information can be used against you.  This is your HEALTH information.

Just about any kind of personal information online can be used against you and your _*personal health*_ information is especially vulnerable.  In this article, I list ways that seemingly innocent information can hurt you:

So, HOW do you stop it?

  1. Don’t run the mobile fitbit app.
  2. Don’t run the desktop fitbit software.

Of course, without the apps, the fitbit is pretty much useless.  Your only real option here is to stop using your fitbit.  There should be other smartwatches that can do similar or better things that DO NOT send all (or any) of your private data to remote servers.

[Update] I sent my fitbit back and got my money back and bought an Android Wear watch that does everything the fitbit does, and more, but without uploading everything to its owners servers.

Thank you for sharing this article.  See this image?

image

You’ll find actual working versions of them at the top and bottom of this article. Please click the appropriate buttons in it to let your friends know about this article.

Posted on

A Yankee’s Guide to drving in Southern Snow

First of all… Welcome Y’all!

image

We southerner’s love our northern friends and love to share stories of our different experiences.  One such difference is the way southern cities shut down at the first threat of snow and how people drive in the snow down here vs. up north.

Our friends from up North are usually flaberghasted at how “crazy” we react to snow, pile up at the local grocery stores, empty the shelves of milk, bread, and eggs, and how badly we drive in the snow, believing that there should be no excuse for any of it, because hey, “we have snow in the north ALL THE TIME and it’s no big deal!  What’s wrong with you people?”

We usually smile and nod, because we’re polite and pride ourselves on our Southern hospitality.

So, here’s the Yankee’s guide to dealing with snow in the south.  It’s actually more of a list of things you need to understand.

There are some differences between the north and the south that you need to understand.  I’ll try to list them in roughly the most obvious to the least.

  1. We get less snow than you do.
  2. We get a LOT LESS snow than you do.
  3. Snow is rare down here.  We actually look forward to it because it’s so rare and pretty when it falls and the kids love it because it means they get a day or two break from school and as adults, it frequently means a paid day or so off work and an excuse to relive our youth when we got to get out of school and play in the snow, and we do, even as adults.
  4. Because snow is rare down here, we don’t have many snow plows to deal with it, so our roads stay covered and dangerous.  This is why the cities shut down on those rare occassions we have snow.
  5. Because snow is rare, we will always be inexperienced drivers in the snow.  There’s no getting out of that.  It’s just a fact of life, and it’s not our fault.
  6. If we have to go out driving in the snow, we’re going to drive slowly because, quite frankly, we don’t know what the hell this white shit is that’s all over the roads.  We know it as crash causing slippery wet stuff that no one in their right mind would try to drive on.  We think that to ourselves as we’re driving on it, BTW.
  7. Most cars down here don’t have snow tires.
  8. Even fewer have chaines.
  9. Believe it or not, our snow is not the same as yours.  I was in Boston on a business trip recently and experienced what we in the south would consider a five hundred year blizzard.  It was 3 feet of snow that fell overnight.  Apparantly that’s normal up there and before the sun rose, the streets had been cleared… EVERYWHERE!  Unfreaking-believable for a Southener.  My northern friends hated it and were amazed at my amazement and beuty of it all.  Every house was photo postcard worthy.  Anyway, back to the snow… I noticed that the snow was dry and powdery and very easy to drive on… even I could drive on it.  That snow actually had some friction and was more like talcom powder than slipery, wet ice, like our snow is in the South.  I suddenly understood why Northerners drive on it… because they can!  Our snow is usually super slippery, wet, and frequently has black ice underneath that you can’t see and are unaware of until you’re on top of it and rotating out of control towards a ditch, mailbox, parked car, another spinning, out of control car, tree, or God forbid, a cliff or a child.
  10. When it snows down here, our power is almost certainly going to go out.  Trees down here are also unexperienced with snow, so weak limbs and trees are NOT constantly taken out with heavey snow.  They prosper and flourish down here, until it snows, then they like to fall, a LOT, and their favorite places to fall are on our power lines.
  11. Because we know we’re going to be without power or outside help for 1 to 3 days, and because we know that driving will be treacherous, we have to rush to the local stores to stock up on food and heating supplies NOW.  Why the food of choice is bread, milk, and eggs is still a mystery.
  12. Schools will be let out as soon as it’s known that snow is eminant.  It’s exceedingly important because every minute delayed, is another minute with more crazy ass slippery shit on the roads that our experienced school bus drivers with little to no experience of driving on that slippy stuff will be putting our kids’ lives in danger.  We need to get them home ASAP.  Last year, here in Knoxville, our new school superintendant (from the North, mind you), delayed letting the kids out until the “blizzard” was upon us.  Many buses crashed and children DIED!  He resigned last week, BTW.  This is a real issue and real threat.  Kids MUST be sent home ASAP.
  13. Perpetual inexperience (which will always be the case down here, due to lack of opportunities to become experienced) and always slippery, wet, black ice covered in wet snow, and lack of infrastructure (due to the rarity of the events) dictates that drivers will be scared, crashes will happen, supplies will be needed, and power will go out.

A surprising number of “our” crashes in the snow are actually caused by visiting or passing Northeners’ and their inexperiences with our type of snow, inexperience with our traffic patterns, and inexperience with how rightfully inexperienced drivers react.

So, next time you are down here in our rare snow, remember these major differences.  Yes, we are inexperienced in driving in the snow.  What would you expect in areas that rarely have it?  But, we love to have you down here, just be mindful of the fundamental and inescapable differences in snow, and we’ll get along just fine!

Y’all come back now, ya hear?  Winking smile

[UPDATE 2016-01-20] Since I wrote this. we in TN have had our first snow of 2016.  Here are some of the results:

Chattanooga

Knoxville

image

[Update again 2016-01-21]  Here’s some dash cam video of me unable to go a certain route home.  Then some idiot comes up behind me in their 4 wheel drive, get stuck, block me, and nearly hit me.  (the dates are wrong in the videos… It’s actually today, 1/21/2016.)

Here’s the same event from the rear view camera.  Note that it is recorded in a mirror image.

Thank you for sharing this article.  See this image?

image

You’ll find actual working versions of them at the top and bottom of this article. Please click the appropriate buttons in it to let your friends know about this article.

Posted on

Encrypt Your Entire Non Boot Disk

This is another entry in my list of articles on encrypting your entire digital life…

Encrypt All The Things! [A Guide]

…from end to end.  Click here for the lead article.  This article is about encrypting your entire NON boot disk on your server, desktop, or laptop computer.  These instructions are DIFFERENT from encrypting your boot disk, which you can find here.  I’ll be giving specific instructions for Windows, but Mac & Linux steps are similar.   These instructions are using free, open source software that’s NOT from Microsoft.

Short (VERY short version)
    1. Install encryption software.
    2. Backup the drive (no, seriously!  DO THIS!)
    3. Select an empty drive letter.
    4. Select device.
    5. Encrypt.

The rest of this shows you the details of those steps.

Let’s begin
  1. Download and Install VeraCrypt fromhttps://veracrypt.codeplex.com/releases/view/616110
  2. Select an available drive letter (your encrypted volume will have this drive letter, NOT the original drive letter).
  3. Click the “Select Device” button and choose your drive to be encrypted.  (3 lines for each drive show up.  Choose the line that contains your drive’s current drive letter).
  4. From the “System” menu, choose “Encrypt System Partition/Drive”.
    1. image
  5. Follow the directions in the software.

DO NOT FORGET YOUR PASSPHRASE!!!!!

After that, you’re all done.  Now, every time you reboot, if you want to open your encrypted drive, you’ll need to mount it with VeraCrypt.  SO DON’T YOU DARE FORGET YOUR PASSWORD!  Seriously!  If you forget your passphrase, there’s NO WAY to recover it.  That’s it.  It’s done.  The data on your non boot drive will be gone forever.  You’ll have to reformat your drive and start all over OR pull out the drive and set it aside, hoping you’ll remember your passphrase some day.  I cannot stress this enough.  You CANNOT forget your passphrase!  I recommend storing a HINT of your passphrase in an ENCRYPTED password management tool, like LastPass.  I use the “secure notes” feature to store mine.

Your drive is now much more secure.

Thank you for sharing this article.  See this image?

image

You’ll find actual working versions of them at the top and bottom of this article. Please click the appropriate buttons in it to let your friends know about this article.

Posted on

Encrypt Your Entire Boot Disk

This is another entry in my list of articles on encrypting your entire digital life

Encrypt All The Things! [A Guide]

…from end to end.  Click here for the lead article.  This article is about encrypting your entire boot disk on your server, desktop, or laptop computer.  I’ll be giving specific instructions for Windows, but Mac & Linux steps are similar.  Note that encrypting your boot drive is performed differently than encrypting non boot drives (which I’ll also cover in a separate article).  These instructions are using free, open source software that’s NOT from Microsoft.

Short (VERY short version)

    1. Install encryption software.
    2. Backup boot drive (no, seriously!  DO THIS!)
    3. Select boot volume.
    4. Provide passphrase.
    5. Reboot.
    6. Enter passphrase on boot prompt.
    7. Wait for boot.
    8. Encrypt volume.

The rest of this shows you the details of those steps.

Note the following trade-offs to encrypting your boot drive:

  1. When powering on or rebooting, your PC will stop until you enter your encryption passphrase.  This means you can’t reboot your PC remotely.  Someone has to physically be there.
  2. After typing in your passphrase, there will be a delay.  My PC takes 48 seconds that it didn’t take before.

Let’s begin

  1. Download and Install VeraCrypt from https://veracrypt.codeplex.com/releases/view/616110
  2. Open the “System” menu and choose “Encrypt System Partition/Drive”.
    1. image
  3. Follow the directions in the software.
  4. After you’ve answered all the prompts in the software, it will require you to reboot.  During boot, BEFORE Windows boots, you’ll be prompted to enter your passphrase.  Go ahead and enter it and hit [Enter].
  5. You’ll then be prompted for “PIM”.  Honestly, I have no idea what this is.  I just left it blank and hit [Enter].  All is good.
  6. Your PC will work on decrypting for a while.  My Quad-Core i5-4690K CPU @ 3.5Ghz takes about 48 seconds here.  Your mileage may vary depending on the speed of your CPU.
  7. Once it’s done there, Windows will boot.  Go ahead and log in.
  8. You still haven’t actually encrypted your disk yet.  You just got the VeraCrypt bootloader installed.  Shortly after you log in, VeraCrypt will automatically open and walk you through actually encrypting your disk.  That will be the final step.

DO NOT FORGET YOUR PASSPHRASE!!!!!

After that, you’re all done.  Now, every time you reboot, you’ll be prompted for your passphrase SO DON’T YOU DARE FORGET IT!  Seriously!  If you forget your passphrase, there’s NO WAY to recover it.  That’s it.  It’s done.  The data on your boot drive will be gone forever.  You’ll have to reformat your drive, install a fresh copy of Windows, and start all over OR pull out the drive and set it aside, hoping you’ll remember some day.  I cannot stress this enough.  You CANNOT forget your passphrase!  I recommend storing a HINT of your passphrase in an ENCRYPTED password management tool, like LastPass.  I use the “secure notes” feature to store mine.

Your drive is now much more secure.

What you NEED to know about Windows 8 and 10 disk encryption

And by “Windows 8 and 10 disk encryption”, I mean the built-in encryption capabilities of Windows.  I’m NOT talking about what we just did above with a third party product called VeraCrypt…

  • If you install Windows 8 or 10 on your own PC, then log into your Microsoft account, at that time, your DECRYPTION KEYS are UPLOADED to Microsoft servers!!!  Yes!  Without asking!
  • If you buy a PC with Windows 8 or 10 already on it, your decryption keys are ALREADY uploaded to Microsoft servers.
  • You can request that Microsoft delete your decryption key, but it’s already too late.  Once your decryption key leaves your hands, you can no longer trust that it’s secure.
  • To fix this, you’ll need to RE-Encrypt your disk, which requries generating a NEW key, then NEVER log into Windows with your Microsoft account.  Just… DON’T!  But DO create a LOCAL user account and use that from now on.

Thank you for sharing this article.  See this image?

image

You’ll find actual working versions of them at the top and bottom of this article. Please click the appropriate buttons in it to let your friends know about this article.

Posted on

Quicken 2016 Riddled with bugs and Errors

I’ve been writing about the bugs in Quicken for years and I’ve been complaining to Inuit about it.  For many of the bugs, they refuse to acknowledge they exist.  For others they simply don’t care.  Don’t expect any of these to be fixed… ever.

Here’s a short list of bugs and problems I’ve experienced with Quicken 2016 in just the first couple of days of use:

  1. Linking bills to online crashes 100% of the time on first attempt of each bill.
  2. App hangs with high CPU% when trying to update online transactions frequently (not all the time).  Must forcibly kill app.
    • image
    • image
  3. I canceled a repeating online payment.  It will never send the instruction and complains that I have a pending instruction to send every time I exit the app (pictured).
  4. No audio (happened before the upgrade and still no sound).
  5. Every time you contact support, they claim your file is corrupt and want you to do a file repair, which never fixes the problem, though that, itself, is both a customer service problem and a serious bug that their software continuously corrupts the data file.  This has been a problem for at least a decade (possibly more).
  6. Redraw routines are incredibly inefficient with too many redraws happening — readily apparent and an actual problem when remoting in to your PC.  Also a problem when moving the app window around the desktop.  It’s very choppy even on high end desktops with high end graphics cards.   This is something a 20 year old PC should handle easily.
  7. Non standard text entries — When you click in it, it auto-selects the text.  This has been a problem for decades.  They seem to think it’s a feature, but to power Windows users, it ALWAYS interferes with our way of doing things.  It’s impossible to get used to it because 99% of all other apps do it right (by not doing this).
  8. [Update 2016-02-16] I changed a password to a credit card, now Quicken can’t connect and asks for the pw every time, instead of storing it in Quicken’s password locker with all the others.

image

Thank you for sharing this article.  See the image below?

image

You’ll find actual working versions of them at the top and bottom of this article. Please click the appropriate buttons in it to let your friends know about this article.