A second thought on upgrading to Windows 10

(1)

If you seriously want to get Windows 10 for free on your computer, you might want to get started by mid-July, 2016. When I went to upgrade my newest brand-name laptop from its factory-installed Win 8, I had to fight with it for several weeks. Here are things to consider:

• If you are happily running Windows 7 or 8.1; consider keeping it. Microsoft will continue to support them for another 3-1/2 years and you won't have to worry about missing drivers or other quirks.
• Will your computer take the upgrade smoothly? In my experience, what Microsoft considers "adequate" hardware has always been very optimistic. It was very happy to install Win10 on my netbook with 1 GB RAM and a 1 GHz Atom CPU. I am telling my clients they need a minimum of 4 GB RAM and a 64-bit multi-core CPU. (2)
• Is your computer at all old or non-standard? Even if the hardware is capable, your manufacturer may not provide 64-bit or Win10-compatible drivers for components more than 2 or 3 years old. The same goes double for any non-factory components you've added or peripherals like printers or scanners.
• Perform a full-system image backup to facilitate a roll-back should you have any problems. Even better, clone your hard drive to a new one and upgrade the disc that hasn't already got several years usage on it. Then your old drive is your backup.
• Get the resources from Microsoft to install Win10 from a DVD or USB; even if you intend to allow the automatic upgrade. (3)
• Verify you can boot from your external media. I found the Secure Boot feature of new computers would not allow me to do so. These two steps alone took me a week to complete.
• Back up your data again. (4)
• Finally say "OK" to the nag you've been getting for months. I recommend you choose the "download now, install later" option to ensure a clean, continuous download. The entire package is 3-6 GB.

Bill Barnes

Notes:
(1) Share these notes here: http://fromthehelpdesk.blogspot.com/2016/06/a-second-thought-on-upgrading-to.html
(2) Find this information in Control Panel > System. If you have 32-bit Win7, but a new computer; the app at https://www.grc.com/securable.htm will determine your CPU's capability.
(3) https://www.microsoft.com/en-us/software-download/windows10/.
(4) Naturally, I recommend you buy Carbonite backup software from me: http://goo.gl/CXqBsB.

Quotes without comment (Windows 10 edition)

Some stories that were recommended for me to read/view:

On Friday I received:

But on Thursday I had already gotten a link to:



(These screenshots are linked to the documents. Click on them for the “full” story.
Open links are below to verify source. For the safest surfing, read the destination [// domain.com/] and copy the link into your browser.)

Microsoft:
https://channel9.msdn.com/Shows/TechNet+Radio/TNR1655?wt.mc_id=DX_840368&MC=MSAzure&MC=CloudPlat&MC=Windows&MC=EntMobile&MC=SecSys

Thurrott:
https://www.thurrott.com/windows/windows-10/67367/upgradegate-microsofts-upgrade-deceptions-undermining-windows-10?NL=WIN-01&Issue=WIN-01_20160526_WIN-01_114&sfvc4enews=42&cl=article_2_2

Microsoft will not call you

Pardon the redundant warning ...

I hope this reminder falls in the same category as “buckle your seatbelt” and just reinforces the diligence you already take to treat every offer from a stranger with a grain of salt. My saying it now was inspired by a warning in a WindowsSecrets (1) that there is a current rash of this type of scam.

Microsoft will not call you offering to fix a problem you didn’t know you had. (Neither will Dell, Google, Facebook, the IRS, or anyone else.)

If you get an unsolicited call, email, or popup on your screen  referring to some critical issue that you must use their assistance to repair right now – it’s likely to be a scam!

• Do not click anywhere inside a popup.
• Do not install anything that you didn’t go looking for.
• Do not ever give anyone you don’t know access to your computer or your money.

The exception to these rules might be if you can’t open any of your files and the only thing you can see is a message that you need to send some anonymous entity money – usually via Bitcoin. This is a ransomware infection and it is probably real! In this case, immediately unplug your computer and contact your computer professional. Most likely, you are toast. The only solution is to pay up or start over with your backup data. Also, unfortunately, if you delay or attempt to get around this on your own, you run the risk of even corrupting the good backups you do have.(2)

Actually, some people may legitimately initiate the call such as to inquire or warn about an atypical credit card charge. If they ask you for privileged information such as an account or Social Security number, you are perfectly right to make them identify themselves. The best thing is to for them to be able to give you a piece of non-public information such as the first digits of a Social Security or credit card. For more ways to verify a caller, see the tips in "Should I Open This Email" (July 2012). If you independently have a contact number for them such as the support number on a the back of a credit card or 911 if they claim to be police; hang up and call them back. do not trust a callback number they give you.

Feel free to share this with all your friends and relatives who have a computer or telephone and use the internet.

-------------
(1) Here’s the open link for WindowsSecrets, because you never click to go to unknown websites from a link you might not trust: http://windowssecrets.com/newsletter/better-localcloud-management-for-big-data-sets/
And a couple weeks later Windows Secrets alerts us to a "support" scam directed against Dell owners: Support scam alert for Dell users: http://windowssecrets.com/field-notes/tech-support-scams-take-a-disturbing-turn/ (note: this is a 2-part article; scroll down past "Windows 10 ..." to read the report on the new scam). 
   
(2) Which is where I make my pitch for you to buy your Carbonite automatic, online backup service from me:
http://partners.carbonite.com/thetechnologyinterpreter

. This work by Bill Barnes is licensed under a Creative Commons BY-NC-SA 3.0 US License. Permissions beyond the scope of this license may be available at http://zaitech.com/satellite/contacts.htm.
(cc) 2016- Bill Barnes - Disclaimer - Home Page - Blogs Home

Lost passwords

Lost WiFi passwords

Q. How can I find the WiFi password on my router?

If you know the login information to configure your router, just connect to it as an administrator and go to the Wireless > Security section.(1) The password should display there.

If you have a device that already connects to that router, you may be able to extract the password from it. Windows 7 (and XP) will display the plaintext password under Manage wireless networks in the Network and Sharing section. Some Android devices will also show the plaintext saved password.

If you’ve moved past Windows 7(2) (even as an upgrade), the password is not shown in the interface. It still is available as plaintext if you know where to look in the system. The easiest way to do that is with a utility; which I have recently done.

I usually document my research well, but can’t find exactly what I looked at or why this time. There may be a hint in my caveats, below(3). I thought my original impetus was an article in WindowsSecrets, but can’t find it now. You may be able to search for Key Finders on their site.

I did look at Magical Jelly Bean (https://www.magicaljellybean.com/wifi-password-revealer/) and NirSoft (http://nirsoft.net/password_recovery_tools.html) and eventually used a keyfinder program from Magical Jelly Bean to recover WiFi passwords on a Win10 computer. Both sites had been vetted and recommended … somewhere. A colleague frequently uses Magical Jelly Bean.

The program quickly displayed a list of almost 3 dozen sites I had connected to in the past with this computer with SSID, password, and some technical information. I captured it as a screenshot, blacked out my sites, and printed it to carry with my laptop. Yes, this exposes passwords for many friends and relatives to anyone who steals my bag. But there is no connection between my papers and my friends so all the thief can do is drive around the country looking for the SSID.

It is as important to protect your WiFi password as any other. You may not mind someone using your bandwidth, but anyone connected to your network (either WiFi or wired) could invade any computer on your system – and “computer” includes your phones, game devices, and connected appliances (like a thermostat or light controller) as well. Then any data or settings on them could be vulnerable to attack by stealing the data or malicious destruction. And one of those computers you don’t think of as such is more likely susceptible to becoming a gateway from the outside for bad guys to do even more harm.

---------

Notes and resources:

(1)     If you don't know the login for your router, you can return it to the default settings by pressing a recessed button with a pin. Then you must completely reconfigure all of your settings. Of course, if you don't know the login, you may have never changed the default settings. See my article for tips on critical settings to customize.

(2)     If you’ve got anything with Windows 7 (or XP) that connects with WiFi, you can display the password for each network directly in Windows. With Windows 7, find it at:
Control Panel\Network and Internet\Manage Wireless Networks – Get there from
Network and Sharing Center > Manage wireless networks (on left sidebar) > Security tab

(3)     As always, when researching and downloading non-commercial resources, ALWAYS be careful exactly where you click. (I sometimes use a sacrificial computer* to do my research and downloading.) I have a note with my saved passwords that this program tries to co-install a couple of unrelated programs that will return money to the publisher. For more information on using “free” software, see my post at http://TechnologyInterpreter.info (May 2016).

. This work by Bill Barnes is licensed under a Creative Commons BY-NC-SA 3.0 US License. Permissions beyond the scope of this license may be available at http://zaitech.com/satellite/contacts.htm.
(cc) 2016- Bill Barnes - Disclaimer - Home Page - Blogs Home

Google Fiber Is Coming To Town

 Note: This article has been updated. Scroll to the bottom to see the status in 2019.

Perhaps you’ve heard: Google Fiber selected Charlotte as one of the first nine cities where they will offer their internet and TV service. They have completed their initial surveys, mapped out locations for their networking equipment and begun putting fiber optic cable in the ground. The next step will be running thousands of miles of cable along neighborhood streets to bring service to individual subscribers.

What is Google Fiber?

Google Fiber will be another carrier providing internet and television service to individuals and, presumably, small businesses. As such, they will operate in direct competition with carriers such as Time Warner and AT&T.

Although no specifics are available for Charlotte, service is already available in Austin, Texas. There they offer an option of high speed internet or internet plus TV. Internet only is priced at $70 per month and over 150 channels of TV plus 8-channel recording adds another $60. They also have a basic internet-only service for a one-time installation fee of $300 which can be paid at $25 per month for a year. After the $300 is paid, there are no more charges.

Google’s Gigabit Internet is advertised as “up to1,000 Mbps.” That is approximately 20 times the speed currently advertised by the currently available major providers. Their prices for “up to 50 Mbps” are $35 and $65 for the first year. Google Basic Internet offers “up to 5 Mbps” with no costs after the initial fee. Realistically, most home users with typical usage probably would not notice a significant difference at speeds greater than 25 Mbps. For more information, see my blog post “What’s a gigabit” at http://TechnologyInterpreter.info.

Why should you be interested in Google Fiber?
Telecom and internet providers are notoriously weak in most customer service surveys. The $430 billion Google is known for tackling technological problems with a different viewpoint from traditional players. At the very least, encouraging Google will bring competition to the near monopoly of service currently available, even if you choose not to change your provider.

Furthermore, Charlotte was honored to be chosen by Google immediately after the first three pilot cities. Supporting Google will prove to the rest of the country that Charlotte believes in the 21st century.

What’s next?

Building a completely new infrastructure is a major task and Google will not be able to offer it to the entire city at once. As yet, they have not announced what areas they will start in, but they are collecting addresses to determine what areas show the most interest. Register at https://fiber.google.com/cities/charlotte/ and if enough of your neighbors also do so, you may have another option for internet and TV soon.

NOTE: This item was originally published in The Spirit of Plaza Midwood, Fall 2015.

----------------------

Update: March 2019

 It’s been 3 ½ years and most Charlotte neighborhoods still don’t have Google Fiber. You might find some answers in this report from radio station WFAE's FAQ City: What Happened To Google Fiber? 

There are two hypotheses that seem feasible to me:

(1) They never intended to provide broad fiber service. Instead, the project is just a ruse to scare the incumbent internet carriers to offer better service. Then their core services including bandwidth-intensive YouTube and apps, as well as their bread-and-butter search would be more responsive for everyone. If so, they have succeeded as both Spectrum and ATT have significantly upgraded their service and the latter is even installing some fiber of its own.

(2) Google miscalculated how complex and expensive building out fiber in a dozen or more cities would be. They flat dropped some of the “second tier” locations and imposed a serious go slow on the others.

In fact, they have not abandoned Charlotte, but are still adding new customers. It appears those new customers are primarily in the gazillions of new apartments going up in millennial-friendly neighborhoods. Those are obviously less expensive to serve where they can get dozens to hundreds of new customers with a single installation. The buildings are likely even prewired so they only have to service the master utility connection.

----------------------

Open links: 
WFAE: https://www.wfae.org/post/faq-city-what-happened-google-fiber

Disclaimers:
The writer has no affiliation with any of the businesses mentioned. Google did not respond to a request for specific details. All information presented is from public resources.
. This work by Bill Barnes is licensed under a Creative Commons BY-NC-SA 3.0 US License. Permissions beyond the scope of this license may be available at http://zaitech.com/satellite/contacts.htm.
(cc) 2015- Bill Barnes - Disclaimer - Home Page - Blogs Home

What’s a gigabit?

What's a gigabit?


Short answer: it's a billion bits. Thank you. Y'all hurry back.


Honestly, when most people encounter a gigabit it's in the description of their network or internet speed. Usually written Gbps, it means one billion bits per second, which is equivalent to 1000 Mbps or 1000 million (or Mega) bits per second.

The "per second" identifies the distinction between the quantity of information and the rate at which it can be transmitted. Transmission rate is usually expressed in bits while quantity is counted as bytes. Although a byte (the common unit of file size) is equal to 8 bits, communication overhead means the byte rate is approximately 1/10 the bit rate. Thus, to a first approximation, 1 Gbps might move data at about 100 MBps (note that bits are abbreviated with a lower case “b” while bytes are a capital “B”).

So, how fast is a Gbps?

Internet Service Providers often describe their speed in terms like “download a movie (or song) in x number of seconds.” Except that most people don’t care too much how long it takes to download a file. They want the movie they’re watching right now to play smoothly. With streaming media, they download a movie over two hours. One second of HD streaming video might require 4-5 megabits of data (cutting edge “4K UHD” video might be 25 megabits). Even doubling the numbers for a 100% reserve, that’s a long way from 1000 Mbps.

“Your mileage may vary…”

Despite the sales pitch, a promotion for 1 Gbps might not give 1 Gbps. Just about every internet package is described as “Up to xxx Mbps.” This implies they’re not actually guaranteeing any particular minimum speed. There are many factors more or less beyond the ISP’s control that affect the actual internet speed delivered to an end device.

Alert: tech talk coming up. You may want to jump to “What else is on the line?”

Obviously, the ISP has no control over the connections or devices inside the house. Until recently most computers shipped with wired network cards that wouldn’t communicate faster than 100 Mbps. While the computers’ connections got faster, upstream devices such as home routers may not have been upgraded. Some older routers were limited to only 10 Mbps input from the internet so internal computers could communicate much faster between themselves than with the internet. Ramping up speed with WiFi technology has come later and at much higher cost than for wired connections. Also, most WiFi specifications share a single total capacity with all devices connected to it so any one device’s speed is limited by what others may be doing, even if they're not using the internet.

Before it gets to the subscriber’s equipment, the ISP’s local modem may not support their maximum speed. Outside the house, there are mitigating factors for some neighborhood transmission technologies. On some systems all subscribers may share a single cable from a local hub. While the cable may be capable of more than the advertised speed, it may not be so if everyone is using it at the same time. Other systems may give a single wire to a single subscriber, but the potential speed falls off with distance from the hub. And at every hub from the user to the ISP’s connection to the internet more users are vying for a finite amount of capacity.

Leaving the ISP does not mean clear sailing for maximum speed. The web page still has to go through up to a couple dozen routers; any of which could be technologically limited, failing, or overloaded and slowing the connection. At the ultimate server the same failings on that end could slow down communications.

Another fly in the mud is the complexity of what’s in the content. With the proliferation of rich web page advertising some pages may contain content from scores of servers all over the world. This material has to be requested individually by the computer, each one going through its own gauntlet mentioned above. Some pages downloaded over excellent connections can take up to 45 seconds to complete even before the streaming services that are the goal of the connection start.

What else is on the line?

If the carrier really delivers a consistent 1 Gbps to the doorstep and all the subscriber equipment is up to the speed, there’s more overhead that could nibble away at the best rate. Services such as telephone or security systems may be constantly consuming capacity. Computers and other devices (is the refrigerator talking to the supermarket yet?) may not be friendly about when they request their updates (corporate internet services have been slowed to a crawl on days that smart phones got an update – without anyone requesting or expecting it). Online data backup and synchronization services need to move large amounts of data and they don’t want to wait until overnight in case it’s needed before then.

But the real bandwidth hogs are the subscription services many assume are separate from the internet connection. Streaming media – audio, and especially, video delivered on demand – consume capacity immediately and continuously. And, the higher quality delivered, the more capacity needed.

Television, even traditional television channels, is decreasingly being viewed via broadcast – one signal delivered to every viewer. Instead, the “tuner” is located at the provider’s offices and each subscriber receives a dedicated stream of the program; even if everyone on the block is watching the same football game. “Digital recording” works the same way with all the recordings and stop points stored in a database and generated from a central server on demand.

How much is enough?

Visualize 3 televisions or computers in the house in use at once. Add another stream for each simultaneous channel a “traditional,” on premise DVR is recording. That’s 5 Mbps each. Audio streaming is about one-half Mbps per channel. Online gaming is indeterminate, but allow 1 Mbps because it demands immediate response. Add up to a couple more Mbps for incidental services, mail, and web surfing as these demands are typically intermittent.

Total everything up and double it for reserve and future demands to get a conservative number of need. Now match need to affordability. Currently, depending on package and promotion, 50 Mbps may cost $35-$120. If that cost is too high, most streaming services will automatically adjust their quality to the available bandwidth. Most people probably won’t notice the first couple steps back from ultimate quality in most cases. Also, ask the provider if the extra cost TV package consumes bandwidth already billed for. Then ask them again and write down their name.

If the cost for 50 Mbps is not excessive, then consider the upgrade. In some areas 1 Gbps is only $20 more than 50 Mbps. In most areas, 1 Gbps may be promoted but is actually pie-in-the-sky.

And still more gotchas.

While packages may be sold as 50 Mbps or 1 Gbps, these are download speeds. Most residential plans only offer 1 Mbps upload. Web surfing and media streaming have minimal and intermittent upload demands so 1 Mbps is sufficient. Online backups, synchronization, and media sharing may take longer to complete, but are rarely timely. However, more consumers are using two-way audio and video communications which may quickly saturate this capacity; especially if they originate a conference call. Unfortunately, greater upload speeds are mostly available only with business class packages, which are often much more expensive.

All of these discussions have only been concerned with rate of connection with no mention of total quantity of data moved. While most US wired ISPs have not (yet) started metering quantity, most cellular plans do. Cellular may offer up to 25 Mbps, a continuous download at that rate will burn through a 2 GB (gigabyte) plan in 10 minutes. A standard DVD movie (not Blu-ray) runs about 4 GB or an hour of good quality audio is 30 MB.


References:
Mega - Giga, etc.:     https://en.wikipedia.org/wiki/Gigabit


. This work by Bill Barnes is licensed under a Creative Commons BY-NC-SA 3.0 US License. Permissions beyond the scope of this license may be available at http://zaitech.com/satellite/contacts.htm.
(cc) 2014- Bill Barnes - Disclaimer - Home Page - Blogs Home

Is LastPass Hacked?

In the middle of June 2015, the password manager LastPass sent a message to their users announcing that their internal security had been breached and a some tens of thousands of records from one of their databases had been stolen.

Yeah, that’s technical PR talk for “We been hacked!”

Does this mean LastPass is worthless? Should you stop using it? Should you change your password?

Answers: No, No, and Maybe.

If your LP master password was weak, you definitely should change it. And if you used your LP master password anywhere else, you need to change every other site you used it.

A “weak” password is anything that looks like it might have come from a dictionary of any major language, including char@ct3r substitutions or random capitaliZation. A strong password should be at least 15-20 characters long, truly random, and include all four character types.

You can get a quick evaluation of how good your password might be at https://www.grc.com/haystack.htm. For randomness without any unconscious human prejudices, use a good password generator such as several available at grc.com or the one built into LastPass.

For more technical details on this topic, read on here.

What did LastPass lose?
Apparently records were stolen for a small number of their subscribers from a server containing user names, a hash of the user passwords, and the per-user salt used to create the hash.

A hash ensures that bad guys can’t just log in somewhere with the information they stole but have to decrypt your actual password from what they have. The fact that LastPass has a per-user salt prevents them from brute-forcing a dictionary once and comparing the results to their whole take. Instead, they have to individually brute-force (try every possible character combination) each user because the same password for multiple users will result in a different hash.

And now they have access to my account?
Now they can start attacking one person’s account, except that LastPass threw them another delaying tactic. Instead of hashing your password once, or 500 times; they hash it 100,000 times before they save it. This requires anyone trying to test the password they guessed against the hash they stole to spend microseconds on each try rather than picoseconds. Even with specialized computers, they can only test a few thousand possible passwords per second.

“Thousands of passwords per second! I’m toast!”

Not necessarily. A simple 6-character password like aaa&1B has 750 billion possible combinations. At 100,000 guesses per second, it could take over 40 days to come up with a match. And that match allows them to break into one account. They have no way of knowing whether the account BoyObama will give them nuclear codes or a teenager’s Twitter account.

Since you have one 12-character password out of half-a-septillion combinations it could take seven times the age of the universe to crack.


References:
How many combinations:     https://www.grc.com/haystack.htm
And the number is called:     https://en.wikipedia.org/wiki/Metric_prefix

. This work by Bill Barnes is licensed under a Creative Commons BY-NC-SA 3.0 US License. Permissions beyond the scope of this license may be available at http://zaitech.com/satellite/contacts.htm.
(cc) 2014- Bill Barnes - Disclaimer - Home Page - Blogs Home

Data for the ages

While publishing an obituary for a long-time member in a club newsletter, several people mentioned that he had a regular column in the newsletter years before. We thought it would be nice to share his representative writing with those members who remembered it as well as those who never met him.

During much of that period I was editor of that auspicious publication. I knew I had drafts of most monthly issues. More than that, I knew exactly where the electronic files were; but was afraid they wouldn’t be in a readable format. Amazingly, most of the dated folders contained at least 3 files: allFeb.doc, Feb99_1.p65, and 9902.pdf (http://1drv.ms/1B7kVBD).

I now had both a Microsoft Word (97-2003) file of the collected articles, as submitted, and a PDF of the finished newsletter. It’s been more than 15 years, but I was able to come up with a readable sample of his writing in just a few minutes.

How did this happen?

1) I could find it. Not only did I keep it in an orderly file structure, but I knew where those files were likely to be. Since home computers first came with hard drives, all my household’s data have been saved to a single logical area on a single physical disc. As new computers and technology came along, the data were migrated intact to the new drive in the same location.

I learned long ago that storage was cheaper than organization. When the PC finally drove my typesetting business into the ground in 1995, I had accumulated 2,000 to 3,000 floppy discs(1) on the shelf with all of my clients’ jobs for almost 15 years; from resetting a headline to an entire catalog or complex form. Any file was accessible if I had a single identifying number, which was often built into the finished print.

2) It was physically available. With every new computer, I copied the files to it. I know that the disc spins and the bits are still readable. For many files, I still have my previous computer, although it has not been powered on for over five years, now.(2) But I use Carbonite, a reliable, online(3), commercial backup service.

3) I could read the file format. By virtue of it’s ubiquity and longevity, Word .DOCs are still accessible by most modern word processors. While I wouldn’t count on Microsoft continuing to support it in another five years (it was superseded with Office 2007 and they are enforcing their standard 10-year end-of-life), there are a number of other programs that read it now. With even commercial software now being delivered by download, I’m also keeping the installation files for software on that cheap storage. Hopefully I’ll be able to reinstall an old version if I need it; as long as the x86 instruction set survives.

If anything, the .PDF format is even more universal than .DOC with many programs, including most browsers, now incorporating a reader. And I can always do a new install of Adobe Reader 9 from my archives.

Non Sequitor:

(1)     Those 3,000 floppy discs represent barely 500 MB of data. That reflects the efficiency of storing data in a time before multi-terabyte hard drives. Some of the documents included design complexity to rival what a good secretary would do in a word processor or the word count of a small newspaper, but it was stored as simple codes that gave the printer instructions as to font, size, style, and location to put on the document. It also did not include any images. The color photos alone in an 8-page brochure today could easily add up to that 500 MB.

(2)     It may sound like a compulsive waste of space, but I once thought I might need to recalculate a tax return from many years previous. Although I had the original CD for the software, it would not install on my new computer. Fortunately, the old computer booted with the program and all its updates as of April 15 of the necessary year. Caveat: I was lucky that the computer booted. Even in mothballs, CDs, hard discs and electronics that have sat on a shelf in the garage or attic can deteriorate fatally. And don’t forget, CD drives are fast becoming dinosaurs.

(3)     Carbonite, and most other backup programs, are usually only for backup, not archival purposes. This means when you delete a file off the source disc, the backup service will delete it from their system as well. (Carbonite will keep files that are no longer on your computer for 30 days and then remove them from their system.)

If you have files that you want to preserve, but may not look at for years, you need to take specific precautions. Some possible options might be:

• You can keep them on your active hard drive so they continue to be backed up.
• You can move them to your own offline storage and test them at least annually for accessibility. If you do this, you should replicate them on two different types of media such as CDs and flash drives.
• Or you could manually copy them to a cloud service that does not sync to a local file, including syncing the fact of deletion. At the moment Microsoft’s and Google’s online storage is free – up to a limit – and can be used without syncing. Remember, though, that even these companies have changed their focus and discontinued services; often with little warning.
• For the extremely technically competent, some paid backup services can give you detailed control over retention rules. Amazon has such a service that only super geeks are aware of for a pennies per gigabyte per month; but you might have to wait a day or two for them to retrieve your data.

The best solution is probably a combination of more than one of these options. And for the really valuable documents – drafts of your best-seller, masters to your gold record, Howard Hughes’ will naming you – include a classic analog copy: toner or pigment on archival-grade paper. Beware of inexpensive ink-jet printers. Die based inks can fade while pigments used with better photo printers are much longer lived.

To preserve non-text content such as images or sounds for generations without having to revalidate them every couple years, the only option is metal. Photos (still or moving) should be saved as color-separated (not an amateur process) silver on a stable base. Classically this is referred to as “black and white film negatives.” The copper master disc for pressing an LP should be sufficient for audio recordings. This is basically the strategy NASA used when they shot the world’s “Hello”s to the stars.

Unlike my 1990-version PageMaker digital files, all of these analog media should be readily decodable with the basic software built into most advanced terran life. Extracting the audio may be a little more difficult, but even 20th century technology should be able to come up with a way to turn physical squiggles on a disc into the corresponding sound, even without a turntable.

More information: https://en.wikipedia.org/wiki/Media_preservation

. This work by Bill Barnes is licensed under a Creative Commons BY-NC-SA 3.0 US License. Permissions beyond the scope of this license may be available at http://zaitech.com/satellite/contacts.htm.
(cc) 2014- Bill Barnes - Disclaimer - Home Page - Blogs Home

Cellphone supercookies

“Verizon and AT&T are adding ‘supercookies’ to your cellphone browsing.”

Cookies do not come from Keebler. They are files in your browser that a website asks you to hold and give back to it when it asks for it. When they were conceived soon after the birth of the Web they were an innocuous means for a web server to remember what you, among hundreds of people who may be browsing its pages, are doing. Since then clever programmers have found valuable and sinister ways to use cookies. In response users and browsers took steps that block not just bad, but good cookies and the arms race continues.

Thus is born the supercookie which does not reside in the browser. Generally it is some form of fingerprinting of specific characteristics of your computer. It is easy for a web server to ask the browser to report plug-ins and fonts it knows about and also CPU capability and screen resolution, among other features. It will use these statistics to better customize the web page, graphics, and video it sends you. A half-dozen pieces of information uniquely identifies me out of over 4.5 million computers. The website can then collect this information in a database correlated to personal facts it already knows about.

Recently the popular press has picked up on another type of supercookie being fed us by the cell carriers. Verizon has acknowledged that they’ve added this “feature” since 2012 and it has also shown up on tests of AT&T phones. The technique involves the fact that your cell carrier, like any ISP, is a man in the middle for everything you send out on their network. In this case, they are adding a text identifier to every HTTP transmission you send over cellular data – it is not included if you connect via WiFi.

Verizon’s goal was to allow websites,, for a fee to send them your code and receive some of the plethora of personal data Verizon knows about you. This could include details such as your demographics, phone number, and which store you just walked into at the mall. Unfortunately for Verizon, because the ID is included whether the website subscribes or not, the website could just as easily build their own dossier on that ID. The ID is still attached to your browsing even if you opt out of allowing Verizon to sell your data.

The only way to block this identifier is to make your communications on the cellular network all through a secure channel. They cannot attach the ID to HTTPS browsing. Fortunately major social networking sites such as Facebook, Google, and Twitter use HTTPS all the time. For all the other websites you might visit, your only recourse is to install and use a VPN.

Although Verizon is the only carrier to admit that they include and are monetizing this ID; the technology is available to every cellular company, ISP, or public access site.

---------------

References:

Steve Gibson’s Security Now

·         The entire podcast: http://twit.tv/show/security-now/479

·         His show notes and other text: https://www.grc.com/sn/sn-479-notes.pdf

Wired Magazine describes the process

·         http://www.wired.com/2014/10/verizons-perma-cookie/

My articles on cookies

·         http://fromthehelpdesk.blogspot.com/2012/04/are-you-following-me.html and following.

EFF fingerprint test

·         https://Panopticlick.eff.org
 

. This work by Bill Barnes is licensed under a Creative Commons BY-NC-SA 3.0 US License. Permissions beyond the scope of this license may be available at http://zaitech.com/satellite/contacts.htm.
(cc) 2014- Bill Barnes - Disclaimer - Home Page - Blogs Home

The slippery slope

I fell into a well. I knew it was there. The field is pockmarked with many wells and I knew they were out there. Some are camouflaged while others have a big sign that says “jump in here!” Some of the shallower ones are actually more dangerous.

The well I landed in is one of the deepest, but, hopefully, one of the less dangerous. Even so, I caught myself near the top and set a bosun’s chair, but it keeps slipping farther down the well.

The well is called an ecosystem and its purpose is to ensure that once you are in one company’s ecosystem, you will consume more and more of their products to the exclusion of their competitors.

In personal computing the first serious ecosystem competition was Apple vs Microsoft. Once you made a commitment to one operating system or the other, your choice of software was pretty much determined with little overlap. With the beginning of broadly available online connectivity the battle was between networks such as AOL and CompuServe which initially couldn’t trade email. Now the competing ecosystems are the likes of Amazon and EBay for merchandise and Facebook and Google for everything else.

Why does business need an ecosystem? It’s branding to the nth degree. When I was growing up, you were either a Chevy or a Ford person. Later it was Coke or Pepsi. Loyalty to a name could ensure prosperity for a company, independent of the quality of the product. Now it’s “do you live on a wall or in a hangout?”

Say you want an e-reader with a mostly broad and reliable supply of books. You download the Kindle apps and register for an account to buy books and synchronize your desktop reader with your phone’s. The next best seller you buy “you can get the Audible version too for $3.” And, “this book was made into a movie – watch it on Prime.” Later you need a toaster for a cousin’s wedding – order from Amazon because you get free shipping. That’s an ecosystem.

The ecosystem I fell into is Google. Beware the credo of the internet that “if you can’t figure out what the website is selling, you are the product.” Google delivers us to its advertisers. More than that, it delivers our profile to its advertisers.

Early in the commercialization of the web online advertising was like magazine advertising. A site might attract sci fi junkies or wine aficionados, but if one person moved from one site to the other there was no way to know it was the same person. Then along came DoubleClick. They realized if everyone had ads from them, they could read their own cookies regardless of who owned the content. Then they would know that I drink wine, watch Dr Who, and also am shopping for a snowmobile. So, I get skiing ads on Wine Spectator and comiccon ads at Eddie Bauer.

Google’s got a pot of money and is looking for synergistic businesses to buy. So they pick up DoubleClick and then YouTube (lots of interest-specific profiling to do there). Hop over to their core product and what takes up the prominent position in any search? Ads. Ads that not only apply to your current search, but also all of your web surfing.

They also created an email service where people spend lots of time and provide a pretty decent online office suite. Of course, to use those personalized services, you have to sign in to their system. For convenience, one sign in gives you access to all these services and leave the “keep me signed in” box checked so you don’t even have to enter your password every time you restart your browser. Now your searches are not just an anonymous cookie, but you with a detailed profile with a name, email address, chronic diseases, and more. Don’t worry, Google’s motto is “Don’t be Evil.”

How do I cope with the ecosystem?

I take the effort to uncheck “keep me signed in” and try to remember to sign out when I’m done. I avoid logging into other sites while logged into high value sites (financial or personal information). I have four browsers and never sign in to any account from two of them. I seek out my browser’s configuration to ensure “do not track” is enabled and third party cookies are disabled. I also set all cookies to be cleared when I close the browser – but that can be a real nuisance sometimes. I use the Firefox plugins Ghostery to alert me who (besides the site I actually went to) is watching what I do and NoScript to ensure those third parties can’t sneak malicious or tracking code onto the pages I’m viewing.

By the way, if you carry a smartphone, you’re permanently in Google’s or Apple’s ecosystem (or Microsoft’s for a couple of you). This is in addition to Verizon’s and ATT’s ecosystem, or whoever your carrier is, which has been true as long as there have been portable phones. You might also be in Samsung’s or Amazon’s or HTC’s ecosystem if the phone manufacturer chooses to watch over you for more than system upgrades.

If you’ve installed an app from Facebook, Twitter, or a myriad of others; they also could be watching over you even if you’re not actively using the app. And now some retailers and entire malls have technology that can identify the radio signals your phone is constantly putting out to track you from sweaters to socks or from Gap to Banana Republic to Sears Automotive.

The only way to stay out of the well is to stay out of the field. But we know that means living in the 20th century. Why did we so expectantly await the future?


NOTE: Products and companies are named as representative. It is not my intention to imply any one person or company is better or worse than any other.


. This work by Bill Barnes is licensed under a Creative Commons BY-NC-SA 3.0 US License. Permissions beyond the scope of this license may be available at http://zaitech.com/satellite/contacts.htm.
(cc) 2014- Bill Barnes - Disclaimer - Home Page - Blogs Home