With as many as 70 reports of exploding batteries in the US alone, Samsung has officially announced that it is recalling all Galaxy Note 7 phones sold prior to, well, this week. In case you were considering ignoring the recall to continue using your shiny new phablet, know that even the US Consumer Product Safety Commission is recommending everyone stop using the device immediately. Still not convinced? Just do a search on YouTube for exploding batteries to gain a new understanding of just how Samsung’s “hot” new phone is really not one you want in your pocket or purse. While certain less savory media outlets may be sensationalizing Samsung’s flagship recall with lurid headlines, there are at least several lawsuits pending which allege grave bodily injury and extensive property damage.
What this means for you:
Make sure your important data is backed up somewhere other than the device, stop using your Note 7, and head to your nearest carrier service center/store. Know that in most cases, carrier personnel are being instructed by their leadership to not turn on the phone or assist customers in transferring data off the device (which they normally do). Expect your phone to go straight into a box, and if you’ve not retrieved your data, you will not see it again. Depending on your carrier, you will have options to replace the device with something else, get a loaner while you wait for a “safe” Note 7, or just get a full refund for your purchase. Here is Samsung’s official page on the “exchange” program. You should also know that Samsung plans to “nudge” Note 7 holdouts by sending an over-the-air update to lower the phone’s battery capacity to 60%, hoping to provide further incentive to reluctant Note 7 owners to turn in their phablets.
Even if you don’t own a Note 7, there are several valuable lessons that can be learned from the recall.
- Any mobile device that is too hot to touch, especially while being charged, is potentially very dangerous. Immediately unplug it, power it down (if you can do so safely/quickly), and set it away from any flammable materials until it cools down. Definitely replace the charger with a high quality charger – be careful of “booster” or “fast” chargers, especially cheap ones – even if they don’t explode your battery, you can do serious damage to your phone with repeated use if the amperage/voltage is not aligned with your devices requirements.
- Make sure your important data is backed up and retrievable from another device that isn’t your phone. This includes contacts, emails, photos and text messages, as well as any other content you create exclusively on your phone. Both iOS and Android offer “native” cloud platforms that can help you store your phone data, and most major carriers also have custom apps/plans that will also cover you there, but don’t assume these services are activated and working from the start. Most need to be set up, and depending on the amount of data that needs to be stored, may require additional payment to expand your cloud storage. Also, backing up data takes time, especially if your internet connection isn’t very fast.
If you can’t live without your mobile device for more than couple hours, why not swap to your older phone for awhile until Samsung can ship you a phone that has less potential to cause 3rd degree burns. At minimum, know how to check your phone voicemail from another number/device. This will allow you to answer all those concerned calls from friends and colleagues who know you are still walking around with Samsung’s “hottest” new phone.
Image courtesy of Stuart Miles at FreeDigitalPhotos.net
You know the general public is suffering from security fatigue when something as big as the Dropbox breach appears in the news, and almost as quickly, disappears. In case you blinked, online magazine Vice.com broke the news last week that a database recently surfaced which contains over 60 million Dropbox.com user accounts (email addresses) and hashed passwords. Almost immediately following this news, Dropbox itself issued an email warning to its users that it was resetting passwords of users who might have been impacted by a 2012 breach. Breach notification site HaveIBeenPwned.com also corroborated the reports that the account information found in the database does contain valid usernames and encrypted passwords.
What this means for you:
Even though breach data may be years old it can still be valuable, especially if the passwords are stored with weak, easy-to-crack encryption. In the case of the Dropbox breach, approximately half of the passwords are strongly encrypted, and are unlikely to be decoded, and the other half stored in a slightly weaker, but still formidable encryption method. As proof of their continued value, many databases from breaches as far back as 2012 and earlier as still actively traded and sold in the digital blackmarket, and as technology continues to advance, you can bet that even strongly encrypted databases will eventually be cracked. If your account and password only showed up in the Dropbox.com breach, you could consider your password relatively safe (change it anyways!) for now, but if you used it elsewhere, and that account was exposed in another breach, like the LinkedIn.com breach that happened in the same year, and you used the same password as you did for Dropbox, your security is considerably more compromised. Multiply that exposure for every other breach you were a part of and used the same password again, and we can’t even account for the breaches that haven’t yet been publicized!
Long story short: check HaveIBeenPwned.com, change your passwords, and don’t reuse passwords!
With the hotly anticipated announcement of the next iPhone right around the corner, some parts of the technology media are once again navel-gazing about the world’s continuing love affair with Apple’s popular smartphone. It’s easy to see why so many are devoted consumers: the iPhone is a stellar example of a beautiful device that is highly functional. Long gone are the days where using high-tech tools were the sole domain of the unfashionably nerdy or productivity-obsessed workaholics, and there is no doubt who we have to thank for this change. But the eternal question is raised again: are we sacrificing function for form? Has the iPhone become of the stiletto heels of mobile devices?
Has Woo gone off the deep end?
Before you get the pitchforks and torches out, let me be clear: I’ve got nothing against stiletto heels. They are only one example in a sea of thousands that illustrated the “form over function” ideal, but they make for a handy and familiar analogy. Over time, the iPhone has become thinner because, let’s face it, chunky phones just aren’t “sexy” in today’s world. This had led to some interesting trends including antennae-gate, bend-gate, Touch disease, and the telling statistic that up to 1 in 4 of iPhones will suffer a cracked screen during their functional life, and that as many as 15% of all iPhone users are walking around with cracked screens rather than replacing them. What’s troubling is that an affordable, shatter-proof screen is readily available: use plastic instead of glass! But time and again, market research and testing shows that people don’t want plastic because it feels cheap, and right now, iPhones (and smartphones in general) are still very much a status symbol. Not that other smartphones aren’t seeing a similar trend in flawed design, but Apple is an easy, high-profile target that continues to market on its esthetics, and like a purebred pet with predisposition to genetic health issues, the iPhone could be evolving into a fragile, unsustainable extreme. How many more “flaw”-gates will people suffer through before demanding a more functional, practical smartphone? I still see a lot of stiletto heels out there.
Last week, the majority of US Windows 10 users received a big update from Microsoft nicknamed the “Anniversary Update”, primarily because it was initially released on Aug 2, approximately one year after the official launch of Microsoft’s latest operating system. Amongst a host of improvements to core features like Edge and Cortana and presumably numerous bug fixes, the update also managed to render millions of webcams inoperable. Depending on what you use your computer (and webcam) for, and even what generation you hail from, the impact of this could have been non-existant to a complete showstopper. In the ongoing videochat fight, Apple and Google just scored a TKO without even stepping into the ring.
What this means for you:
Obviously if you don’t use Windows 10 and a webcam, feel free to point and laugh or shake your head in sympathy. What might make this very aggravating for the average Windows 10 user is that they may not even know their computer was updated last week. All they know is their Skype or favorite videochat app is now locking up after a minute with no visible explanation. Even more exasperating is Microsoft’s new rollback policy for Windows 10. Previous versions of Windows allowed the user to uninstall any MS update applied to their system at any time. Now, with Windows 10, you have ten days to rollback your OS to a previous version, otherwise you are just out of luck. In the grand scheme of things, ten days is a very short time to figure out the root cause of an obscure problem like this, so you can imagine that many folks are discovering the root cause of this problem too late to easily solve it.
Though Microsoft has finally acknowledged the problem (WARNING: technical jargon galore!), a patch is unlikely to be released until September. Until that day arrives, the only fix is to rollback the Anniversary update (if you catch it within 10 days) or manually edit your computer’s registry. Buying another webcam won’t necessarily fix this problem unless you know for a fact it can process video through a codec known as YUY2, as Microsoft intentionally removed support for the more common MJPEG and H.264 protocols. According to them, these two older codecs have significant performance issues and support was removed to improve Windows 10. So now instead of degrading performance, your webcam will have zero impact on your computers performance. Working as intended?
Get ready for 1000% of your daily dose of Irony: America’s top surveillance outfit, the National Security Agency appears to have been hacked, according to announcements made by a group known as the “Shadow Brokers” and backed by a sample of data released as proof. Not only that, it may have happened as early as 2013, just days after NSA whistleblower Snowden went public. The spy agency has yet to comment on the matter, though given their usual taciturn stance on sharing information with the public, further enlightenment is unlikely to come from that source. Snowden himself weighed in on the issue shortly after this news became public, attributing the original hack as likely being the Russian government. In a further dose of irony, Snowden currently resides in Russia, presumably as part American exile and part Russian political trophy.
What this means for you:
Before you grab your bug-out bag and head for your internet-proof bunker, make sure you freak out for the right reasons. In this particular instance, the data for sale appears to be code, and not data on Americans (which they are assuredly collecting). Offered as proof of the deed, the Shadow Brokers posted source code of known malware apps the NSA is alleged (by Snowden and others) to have used to break firewalls and other security platforms in use by foreign nations, presumably to allow the install of other covert surveillance software on the computers behind those security measures. Security pundits, including industry vet Bruce Scheier, have evaluated the data released, and in light of the the current political climate between the US and Russia, are of the opinion that this might be a manuever by the Russian government in anticipation of criticism or accusations from the US about the DNC hacks. To put it in more understandable terms, we may be seeing the opening salvos in a new, thoroughly modern Cold War. Instead of warheads and undercover spies as pawns, this one may be waged via the internet through cyber warfare and social media. Ready to head to that bunker yet?
Researchers from security firm Check Point announced at this year’s DefCon security conference that up to 900 million smartphones may be vulnerable to a set of up to 4 vulnerabilities that appear in Qualcomm-powered devices. Discovered earlier this year and reported to the manufacturer, Qualcomm has since published fixes, but not all manufacturers have pushed these fixes to all the affected models, including Google’s own Nexus line which normally has a reputation for being kept more current than most Android devices.
What this means for you:
Based upon the affected Qualcomm chipset impacted by these four vulnerabilities, the following models are impacted:
- BlackBerry Priv
- Blackphone 1 and Blackphone 2
- Google Nexus 5X, Nexus 6 and Nexus 6P
- HTC One, HTC M9 and HTC 10
- LG G4, LG G5, and LG V10
- New Moto X by Motorola
- OnePlus One, OnePlus 2 and OnePlus 3
- Samsung Galaxy S7 and Samsung S7 Edge
- Sony Xperia Z Ultra
To find out if your phone is affected by the vulnerabilities, you can run this app on the Google Play Store: QuadRooter Scanner. Buyer beware: the app developer is very transparently marketing its mobile protection app through the publicity surrounding their discovery. I don’t begrudge them the opportunity – after all they did the hard work to discover these flaws, but I didn’t install their software as I am confident I can keep my device safe, and I’m sceptical of mobile security apps in general. If the app reports that you are vulnerable, it will state which CVE’s are still unpatched on your device. You have a few options at this point:
- Check to see if any outstanding OS updates are available to be installed on your device. Where this is shown will vary depending on your phone’s manufacturer, but typically it will be found in “Settings”
- Avoid “side-loading” apps from dodgy sources. Only install apps from the Google Play store and nowhere else. Even then, think twice and read the reviews on any new apps, especially ones that seem to be very new – hackers have been known to sneak malicious apps onto the Play Store for a short while before being detected and removed.
- As usual, avoid opening strange emails, URLs and attachments on your device.
- Send an email to your device manufacturer asking them when they plan to patch the vulnerabilities on your phone. The more people that write in, the more likely the manufacturer will move faster on deploying the fixes.
Just when you think Microsoft might have its act together security-wise, some clever/persistent security researcher will do their damndest to shatter your fledgling comfort with the latest exotic bug. In this case, the bug has been around since 1997 – it’s so old it’s officially Bug #4 in Internet Explorer. As in the fourth bug discovered in Internet Explorer, ever. And never fixed! Sadly, this negligence has arisen as a critical security flaw in both Windows 8 and 10, and could lead to your Microsoft Live account being exposed.
What this means for you:
This flaw does not affect the following:
- Windows 7,
- Windows 8 or 10 computers attached to a domain,
- Windows 8 or 10 computers accessed via local accounts,
- Windows 8/10 users who do not use Internet Explorer, Edge or any version of MS Outlook.
The people who fall into #2-4 are what I would call a “select” demographic, which is to say that it’s more likely you are using Windows 8 or 10 with a Live account. Via trivial exploit, a hacker could obtain your login and a hashed version of your password, and depending on how complex that password is, that hash could be cracked in less than a minute, meaning your Live account is now fully compromised. In case you weren’t sure what Live accounts can do, they give you a wide variety of access to Microsoft services including OneDrive, Skype, MS Office, and XBox Live to name a few, not to mention your actual computer, should the hacker somehow gain access to your local network or the device itself.
Before you start panicking, there is a (relatively) simple solution: change your password and switch your Live account to use 2-factor authentication. This won’t change how you log into your computer, but it will force anyone trying to use your credentials elsewhere online from using them without that second authorization that 2-factor provides, even if they manage to steal your password again. To really circumvent this bug from impacting you, switch to using a local account on your computer, or to stop using IE/Edge and Outlook until Microsoft fixes this ancient, but dangerous bug.
Image courtesy of Stuart Miles at FreeDigitalPhotos.net
It’s time for Decision 2016, but unfortunately not the decision most of us would rather get out of the way to get on with our lives…or is it? Microsoft is ending its year-long offer this Friday of a free upgrade for Windows 7 and 8 machines to Windows 10. Though I may say with no small amount of sarcasm that I’m surprised more people haven’t taken advantage of this offer (or been taken advantage of, depending on your vantage point), Microsoft is sticking to its guns and after Friday, Windows 10 Home upgrade will be $119. And the decision, in case it hasn’t already been made for you (sound familiar?), is whether or not you should upgrade to Windows 10. With nearly a year of watching people being flung into the upgrade abyss without warning, my answer hasn’t changed, and the release of the cost of taking the free road makes it easier for me to explain why. For every single trouble-free upgrade I’ve come across, I’ve come across 3 that are in varying degrees of dysfunction. If you like those odds, or value multiple hours of your time at less than $119, then push that button before Friday.
Dang it, Woo, why you gotta be such a Debbie Downer?
Windows 10 on a brand new machine runs great. It’s a nice evolution of the Windows operating system, and for the most part it runs just like Windows 7 with a little 8 for spice. The new OS isn’t the problem – the problem is your old computer and its years-old operating system. Even if it’s been professionally managed, kept squeaky clean and “barely used”, all Windows operating systems build up what I call “cruft” over time. With use, Windows computers builds up the technical equivalent of barnacles, but unlike ship hulls, we can’t dry-dock your PC and scrape it clean. If you want to upgrade your computer to Windows 10, the most trouble-free experience will only come if the computer hard drive is wiped clean and Windows 10 installed fresh. Even then, there are no guarantees that your computer (despite Microsoft’s insistence) is really ready for Windows 10. The most common, aggravating problems my clients have experienced have come from buggy drivers for their video cards, network interfaces and peripherals, as well as forced upgrades to Internet Explorer 11 which many times will render older corporate web apps unstable or unusable. The latter problem will be fixed (over time, maybe), but for some older hardware, there won’t be upgraded drivers, forcing you to upgrade the affected device, if you even can. Another inexplicable and (eventually) untreatable problem is a slow degrade in performance after your OS is upgraded. Windows 10 will run, but parts will frequently crash or just won’t open their interfaces. Your computer will take long pauses for no apparent reason, sometimes for Windows updates being applied with no notice, and many times just because.
If you really want to upgrade your computer to Windows 10, here is the recommended path:
- Backup your entire hard drive – sometimes called “imaging” or making a bootable copy
- Backup your data and settings separately.
- Make sure you have installation media/files for all your critical applications, including activation keys, codes, proof of purchase, etc.
- Let Microsoft upgrade your computer to Windows 10, and then activate your copy online when the upgrade is complete.
- Create Windows 10 installation media (either DVD or bootable thumb drive)
- WIPE THE DISK
- Reinstal Windows 10 from scratch
- Re-activate your install
- Restore your data and apps to your brand new Windows 10 computer.
- Have a much better day than your peers who stopped at step 4.
Image courtesy of Stuart Miles at FreeDigitalPhotos.net
Seagate recently announced a new hard drive that can store up to 10TB of data on a standard 3.5″ hard drive designed for consumer-class devices, raising the bar by two terabytes from their previous models. If you are having trouble visualizing how much data that is, think of it in these terms: A single terabyte (1000 gigabytes) is equivalent to 1400 CD-ROMs of data, 2000 hours of CD-quality audio, 27,000 36mb photos (super high-res), or 85 million Word documents. And that’s just a tenth of this hard drive’s capacity. For large companies, 10 terabytes might be a number that was surpassed a few years ago (depending on the nature of their work), but the average home computer user rarely amassed more than 1-2 terabytes of data, even with lots of photos, music and backups.
What this means for you:
Unfortunately, hard drives are like closets, attics and rental storage: they will fill up with stuff, and at some point, it becomes nigh impossible to find the thing you are looking for without digging through a ton of old, mostly useless stuff. Unlike physical storage, hard drive storage is becoming increasingly easy (and cheap!) to expand. You don’t even need to buy hard drives if you don’t mind storing stuff “in the cloud” (which is just a bunch of hard drives somewhere else). Software is improving constantly to help us sort through this mountain of data, but the one technology that is still struggling to keep up with exploding data sizes are internet speeds, and accordingly, offsite backups are affected. On an average consumer broadband connection whose upstream maxes out at 5 megabits/second, backing up a single terabyte of data would take over 500 hours, and that’s at optimum speeds! If you happen to be one of the lucky few that have something like Google fiber, you could theoretically backup that same amount of data in 2 hours, but only if your backup service could even sustain that transfer rate (insider tip: it can’t). Long story short: just because space is available, don’t fill it up without some solid planning. Determine what data needs backing up and what you could easily replace. Examples of the latter include downloaded music, videos or audiobooks, applications and local copies of photos that are stored in the cloud.
Image courtesy of Stuart Miles at FreeDigitalPhotos.net
Recently I wrote about why Windows 10 has been offered for free to the millions and millions of Windows 7 and 8 users: profit. Get ’em hooked on your shiny new OS, and then reel them in when it comes time to start upgrading your businesses, all who employ people who have become familiar with the new OS (whether they wanted to or not). But wait, Chris, isn’t Windows 10 free for businesses too? Maybe the small ones, but when you have more than a couple dozen computers, your Windows and Office applications are typically acquired through one of Microsoft’s myriad licensing programs. Up until now, one of the licensing options many businesses opted for was essentially a one time purchase of Windows for each computer, providing a license that did not need to be renewed (unless you wanted support directly from Microsoft), and in certain cases, was transferable from computer to computer as you upgraded. This model is changing with Windows 10 Enterprise, and presumably at some point in the future, for all flavors of Windows going forward. Starting this Fall, companies who want to upgrade their fleets of computers to 10 will pay $84/seat/year.
What this means for you:
With previous versions of Windows, Microsoft had committed to providing updates and patches essentially for the life of the product. You bought Windows once, presumably when you bought your computer, and never another dime to Microsoft after that. Though they haven’t outright said so, the subscription model for Windows implies that unless your subscription is maintained, updates and even certain functionality will cease when your subscription lapses. Any of you who have had your Office365 subscription lapse may have already experienced this: the software isn’t removed from your computer, but certain key functions are disabled, such as printing and saving, until your subscription is reactivated. This was a rude awakening for some who were used to the buy-it-once models of Office 2007 and 2010. Microsoft has gone on record stating that the Windows 10 licenses acquired through their free upgrade offer this past year will remain free for the “life of the machine” on which it is installed, but as you may have suspected, this free license is tied to that specific machine, and is not transferrable to a different computer. For the moment, the non-Enterprise versions of Windows 10 appear to be free of subscription hooks, but don’t count on it lasting much longer.











