Tuesday, August 7, 2012

Online Security: We Are All at Risk

     I read an article on Monday on how a tech writer had his online life literally destroyed in under an hour. Not for who he was, but because someone wanted his Twitter account handle.  This could happen to any of us for the same reasons.  The thing that was interesting to me about this hack was that the hackers didn't have to crack his passwords to gain access to his accounts.  Apple and Amazon handed the information over.  Amazon has already responded and has changed internal procedures. Still no word from Apple.
     So, how do we stop this from happening to us? By making it as hard as possible to get in.  If someone wants in and is willing to spend the time, they will most likely gain access thru brute force attacks.  But you don't have to make it easy on them.
     One of the most common mistakes people make is using the same username and password for every website. DON'T!  If you already have, starting changing them today.  I know, "How do I keep track of all the usernames and passwords? Writing them down isn't good either."  One way is to use a password manager like LastPass.  While browsers like Google Chrome have password managers built in, I prefer LastPass for a couple of reasons. One is that they have browser plugins to make it easier to access your information, and it goes with you.  It's web based and can be accessed from any computer.  I'm not going to get into all the features here. Go to their website and check it out.
      Another thing people do is use dictionary based passwords.  These are easily hacked with the power of today's computers.  There have been many articles on what the best passwords are.  I try and combine all possible combinations when possible.  Short three or four word phrases will take years to crack with todays computing power.  Phrases like "he likes pizza" is more secure than "helikespizza".  When you throw in numbers, letters and special characters you have the making of a very good password "h3 Like$ pizz@".  And the longer the better.  Try to use the maximum number of characters the site will allow you to.
       Lastly, use 2-step verification when possible.  What is this? It's a security protocol that makes you have two steps to login.  Some of you may use RSA keys at work. This is a 2-step verification product. Most of the time the second step requires the use of your cell phone.  While this can add a few seconds to your login time, the security it provides is some of the best available.  With 2-step verification hackers will have to have both your password and your cell phone to gain access to your data.    If you have a Google account(either personal or business), they offer Google Authenticator.  LastPass offers this as well. They have 3 different options to use, Google Authenticator is one of them.  That's another reason why I like using LastPass.
       More and more sites are starting to offer different 2-step verification options.  Hopefully more will start using Google Authenticator.  It's free for site developers to use.  Everyone's favorite social site Facebook has "login approvals".  Not everyone can use it though.  I login into Facebook using the secure site(https:\\ not http:\\) and I keep my browser secure.  Facebook won't let me enable it.  Dumb. Hopefully they will change this in the future.
      Please leave any questions and comments below and be safe online.

Friday, January 21, 2011

Why T-Mobile Selling Their Towers is not a Big Deal

Everyone has been up in arms the last few days because of a report of T-Mobile USA thinking about selling their towers.  If they do, so what, nothing will change.  Not all carriers own their towers.  Towers are expensive to own and maintain.  Outside of the physical maintenance of the tower, there is a lot of FCC regulations that need to be met and paperwork filed annually showing those regulations are being met. By selling the towers and then leasing them from the company they sell them to they 1) get capital money for the sale of the towers and equipment and 2) they can eliminate the tower maintenance staff that they employ, thus having more money freed up for capital expenditures.
In no way will this sale, if it happens, affect their service.  It will affect the people they employ but not their customers.

Monday, January 17, 2011

Mobile Data Speeds or Lack Of

     We have all seen our data speeds go up and down depending on the time of day. But do you know why?  The tower has a predefined amount of bandwidth. The more users the less each user can get. So during peak times you get a lot slower speed than on non-peak times.  Sometimes less than half of what you are capable of getting.  All mobile carriers do it and we put up with it.  Let's use 3G as an example. In most cases it maxes out at around 3Mbps. Have you ever seen it? I haven't, and it's what you pay for.
      Now let's take your ISP, if you pay for 15Mbps down what will you do if you only get 7 Mbps down? You will call your ISP and tell them your data service isn't working correctly. You will continue to complain until you get the 15Mbps that you are paying for.
      Unfortunately we have allowed the mobile carriers to get away with doing this for way too long and I don't think we will ever get the speeds we pay for.

Monday, June 28, 2010

SlingPlayer for Android

I've been waiting for this app to come out since I purchased my Hero last October.  I used in on my Windows Mobile phone for over a year before that.  First thing that is going to hit you is the price tag, $30.  A lot for an app, yes, surprising, no.  When I was using SlingPlayer on my Mogul it cost me $30 for that app as well.

After downloading setup is incredibly simple.  Just log into your Sling account thru the app and all of your Slingboxes are listed.  Select the one you want to watch and away you go. The app runs incredibly smooth and has an incredible picture.  I was even able to watch a baseball game on it while going driving down the interstate. (No I wasn't driving).  I did notice that it appears to be a resource hog.  If you have apps running in the background(mail, twitter, facebook, ect.) they will FC after time.

I have found one thing I don't like about this app, it doesn't work on ROMs with JIT.  I tried several ROMs with no luck.  I even turned off JIT in one of them rebooted and no luck.  SlingMedia has a Twitter account with the name of @MisterSling.  MisterSling was on GDGT.com earlier this week answering questions about the new Android app.  I asked about JIT support and was informed that they only support official ROMs.  I can see that.  Still wish it work because I really like some of the ROMs with JIT built in.

 Hopefully with the source code release of Froyo (Android 2.2) to AOSP SlingMedia will start working on getting the app working with JIT before an official ROM gets released.  I can see more than one angry person that paid $30 for an app then upgrades to an official 2.2 release and the app not work.

Sunday, April 4, 2010

My Adventures in Flashing a New ROM

     I rooted my HTC Hero (Sprint) a few weeks after I got it back in October but have not put a custom ROM on it for several reasons.  One, I was very nervous about bricking it, and two, all the ROMs available were either still 1.5 or partially functional 2.x ROMs.
     I have been watching XDA closely looking for a 2.1 ROM.  A few weeks ago they got a hold of a leaked Eris ROM.  It still had a  few things that were not functional on the Hero.  Then I looked on Friday and they had two ROMs based off a Sprint Hero leak.  100% functional. Okay time to flash a new ROM.  This is when the fun (read STRESS) began.
      I downloaded the Fastrec one click rooting method and an Amon Ra recovery image. Rebooted, again and again.  I finally realized that the procedure to access fastboot is different for the Euro version and the Sprint version of the Hero. Finally got into fastboot, selected recovery.  NOTHING.  My phone rebooted and locked up.  Pulled the battery, did the same thing, over and over.  I called it quits for the night.
      New day, I reach out to the twitterverse for help.  Discovered that I had I bad recovery image. I got a new recovery image flashed via terminal on the phone and did a nandroid backup.  Here is where I made a mistake.  Fellow noobs pay attention.  I did the nandroid backup BEFORE I created an ext partition on my SD card.  Thus erasing my backup.  I didnt realize this until many hours later.  I rebooted, put a new ROM on my SD card and booted into recovery.  I installed the ROM and rebooted.  It started to boot fine then, NOTHING, phone locked up.  Not again. Tried several more times.  Still nothing.  Not good.  It wasnt a big deal when I couldnt get into recovery when I had a functional ROM but now my phone is unusable.  I pulled the battery again and booted into recovery.  I put a different ROM onto my SD card and tried again.  25 minutes later, NOTHING.  Not good.  Pulled the battery and tried again.  I discovered I was in a boot loop.
        I getting really nervous at this point.  I know its been said that if you can get into recovery all is good and can be fixed.  But as a noob I was nervous.  It didn't help that my wife follows my twitter stream and was on my case about breaking my phone.  Okay neither of the 2.1 ROMs I was interested in were working.  Phone is not a brick at this point but might as well be.  I decided to go with an older 1.5 ROM that was used by alot of people and try it.  IT LOADED!!  Wow, my phone was functional  again.  I let it sit and charge for a while then decided to try a 2.1 ROM again..  It worked this time.
         I have no idea what caused the 2.1 ROMs not to work the first time thru but they are working now.  I have tried both of the ones I was looking at and settled one one. When I flashed to the second 2.1 ROM it went flawless and was really easy.
        I think I spent about 3+ hours trying to get a functional ROM back on  my phone from the time I flashed the first time.  I want to thank @simms22 and @chickenfudge over on Twitter for helping me thru a very trying time yesterday afternoon.  The reason I was trying to use Fastrec and not the Android sdk was my computer was being tempermental and would not let me access my phone thru the sdk.  I tried changing the drivers but my Windows 7 64 bit OS had its own ideas for what the drivers should be.
        Feel free to leave any comments or questions below.

Thursday, February 4, 2010

The Phone Wars: Google vs Apple

Unless you have been living under a rock lately you know about the fight going on between Google and Apple.  This fight had been escalating for a bit now.  In my opinion here is how the fight is going:

Apple: blocked the Google Voice app from the iPhone. If it was at AT&T request is not the point they still did it and there are jailbroken phones that could of used it off of AT&T.  

Google: Launched the Nexus One even though it obviously was in development for a bit Apple's punch came first

Apple:  Mr Crapple (aka Steve Jobs) trashed Google at the Apple all employee meeting

Google: Turned on mutlitouch in Google apps on the Nexus One

Handicaps:  
        Apple: AT&T's network is being severely strained by data users.  To make matters worse for AT&T, they approved the SlingPlayer app for use over their 3G network.  I see data usage going up even more now.  More dropped calls on the iPhone now.
       Google:  the Android Market & app storage.  The interface is not great and there is no real good way to browse the market on the web. The App store may have more apps but that means more junk as well.  Developers are slowly moving apps to Android from the iPhone.  Google is working on Apps2sd as a default to make more memory for app storage, but currently storage is an issue.

Current state of the fight:  Google ahead.  The Nexus One running it's current enhancements is a stronger phone than the iPhone.  Once Google gets apps2sd running and the market in good shape the iPhone is in serious trouble, but we will just have to wait and see who lands the next punch and what it brings.  

Sunday, January 24, 2010

Rogers Fails Android Users AGAIN!!

WOW!!  Rogers (Rogers is a Canadian mobile phone/cable tv provider)  has really been failing their subscribers lately. First they have a  911 GPS issue on BOTH the Magic and the Dream.  Okay, not a big deal just push a fix and go on right?  Wrong!

Rogers tells everyone they  MUST install the patch by 6:00am EST on 1/24/10 or their internet access will be temporarily suspended ( http://bit.ly/7umNGy ).  Well in the biggest fail of them all they pushed out the fix on 1.5 taking anyone who had custom ROMs back to 1.5. With this they disabled the existing root path eliminating the possibility of putting custom ROMs back on the phone.  In a conversation with one Rogers customer he ended up losing at least 3 apps, including Google Goggles.

As a very poor consolation the new 1.5 was pushed with HTC's Sense UI.  As nice as the Sense UI is I would be pissed if my OS was downgraded and I couldn't fix it.

Wonder what Rogers subscriber base is going to look like in the next six months.