watchOS 5 Needs Some Work When It Comes To Its Mail App

Posted in Commentary with tags on October 21, 2018 by itnerd

Yesterday I got a call for a woman who was highly frustrated. She had just gotten a Apple Watch Series 4 With GPS+Cellular and she had a very interesting problem that neither she or the Apple Genius Bar could solve:

  • When the watch was connected to her iPhone via Bluetooth, she had no problem sending or receiving mail via the Gmail account that was on the watch.
  • When the watch was connected to LTE, she was getting this error: “Cannot Get Mail, No connection available to retrieve messages for [Insert name of Gmail account here], Make sure to activate this account in “Apple Watch App” on your iPhone.”

Out of desperation she called me to have a look. I had a suspicion of what was going on even before I arrived at the client’s location. Gmail has a setting where you could enable or disable the use of “less secure apps”. A less secure app is one where the app can see your Gmail login and password directly. That’s a security risk if the app has been compromised by malware or is untrustworthy in some way. Instead, Google wants you to get your mail from Gmail via an app that uses an authentication protocol known as OAuth (specifically, OAuth 2). By using such an app, the app never sees your username and password. Instead, after being redirected to a Google sign in page inside the app, and using that to sign in, the app gets an OAuth 2 token that allows it get and send your email.  My suspicion was that the mail app on the Apple Watch does not support OAuth 2 while it is on LTE.

So when I arrived, I had the user log into her Gmail account. Then I had her do this:

 

  • Go to the Less secure apps section of her Google Account.
  • Turn on Allow less secure apps.

When I did that I had her leave the phone at home and then we took a walk down the block to force the Apple Watch onto LTE. Then I had her check her email from the watch and she found that she was able to get email.

Now this is an issue that Apple needs to fix as you should not have to downgrade the security of your Gmail account to allow it to be used on the Apple Watch. Thus Apple really needs to fix and add OAuth 2 support to watchOS 5.1 or later.

So I was finished with this client. Right? Well not so much.

We discovered that when you replied to an email, it would default to her iCloud account as she had both her Gmail and an iCloud account on her Apple Watch when the watch was on LTE. And there does not seem to be any clear way to change that behavior. This is something that I am continuing to investigate as I was able to replicate this behavior on my Apple Watch. However I am pretty sure that this is a bug that Apple will need to fix. But seeing as the client was able to receive email on her Apple Watch when it was on LTE for the first time since she got the watch, it was job done. But what this episode clearly illustrates that Apple does need to put in some more time and more effort into really doing meaningful QA on their products. I say that because Apple really has a great use case here with the Apple Watch as you could really utilize it to make yourself more productive when you are away from your phone. But the fact that they don’t seem to support OAuth 2 for Gmail, and they let a pretty clear bug slip through totally lets the side down. And that needs to change sooner rather than later.

 

 

Advertisements

Good Grief! Yet Another Extortion Phishing Scam Has Appeared!

Posted in Commentary with tags on October 20, 2018 by itnerd

One day after I told you about the latest extortion phishing scam, I have another one for you. Like yesterday’s scam and last four extortion phishing scams that I told you about in the last few months, this one again plays on the fact that you might have surfed for porn and that you might of done something else related to that. In other words, it is playing on your guilt about doing things that you perhaps should not be doing. Here’s the text of the latest scam email that I came across:

Hello.. .

This won\’t take too much of your study time, therefore direct to the point. I got a video of you commiting spermicide when at a pornpage you are went to, thanks to a fantastic arse software I\’ve been able to put on a few internet sites with that kind of content.

You click play and all the digital cameras and a microphone start working in addition it will save every damn detail coming from your personal pc, like contacts, passwords or shit such as dat, think where i got this e mail from?) And so now i know just who i will deliver that to, just in case you not necessarily going to compensate this with me.

I am going to put a account address down below so that you can send me 690 bucks within 3 days utmost via bitcoin. See, it\’s not that large of a sum to cover, suppose that would make me not that bad of a man.

You are allowed to complete whatever the shit you want to, yet in case i will not see the total in the period of time mentioned above, clearly… u undoubtedly realize what can happen.

So it\’s under your control at this point. I\’m not going to proceed through all the info and crap, just simply don\’t have time for this as well as you possibly know that internet is loaded with text letters similar to this, therefore it is also your final choice to believe in this not really, there may be just one way to figure out.

Here is the bitcoin wallet address- <Bitcoin Address redacted>

Have a great time and remember that time clock is ticking))

The first thing that I note about this latest scam is that it doesn’t offer up a password that you might of used as “proof” that they hacked your computer. But it does offer up all the usual elements of these scams like installing some sort of trojan that takes control of your computer, in particular the webcam and microphone, and steals stuff like contacts. I’ve said it before and I will say it again, such software does exist. But if you have functioning and up to date antivirus software, it should be a non-issue.

Now,  like all the other variants of this scam, the scumbags behind it got the email address and password as part of a data breach. You can find out which data breach by going to haveibeenpwned.com and typing in your email address. It will likely come back with the fact that you’ve been part of a data breach of some sort. The fact that they don’t have a password that you might have used indicates that you were part of a breach that didn’t include passwords. Thus it is highly likely that the low life behind this scam is less sophisticated and not that bright when compared to the others who run scams like these.

Having said all of that, if you’re the least bit concerned about whether your system is compromised, consult a computer professional and have them check things over. Another thing I am strongly suggesting to my clients is that they change the passwords to things like email, online banking and the like as a preventative measure. That way if they get an email like this, they will know it is fake immediately.

These scams are starting to get out of hand. Thus I strongly suggest that you take measures to prevent yourself from becoming a victim. These scumbags want you to be the 1% of people who fall for something like this because they make lots of money off that 1%. Don’t be part of that 1%. Ignore an email like this and use my advice above to protect yourself.

Another Day, Another Extortion Phishing Scam….. Don’t Fall Victim To It!

Posted in Commentary with tags on October 19, 2018 by itnerd

Today, I am going to expose another extortion phishing scam email. And for the record, I will keep shining a light on these and others who try to take advantage of honest hard working people because cockroaches like them hate the light. Like the last four extortion phishing scams that I told you about in the last few months, this one again plays on the fact that you might have surfed for porn and that you might of done something else related to that. In other words, it is playing on your guilt about doing things that you perhaps should not be doing. Here’s the text of the latest scam email that I came across:

Hello!

My nickname in darknet is kevan45.

I hacked this mailbox more than six months ago, through it I infected your operating system with a virus (trojan) created by me and have been monitoring you for a long time.

So, your password from <Email redacted>  is <password redacted>

Even if you changed the password after that – it does not matter, my virus intercepted all the caching data on your computer and automatically saved access for me.

I have access to all your accounts, social networks, email, browsing history.

Accordingly, I have the data of all your contacts, files from your computer, photos and videos.

I was most struck by the intimate content sites that you occasionally visit. You have a very wild imagination, I tell you!

During your pastime and entertainment there, I took screenshot through the camera of your device, synchronizing with what you are watching.

Oh my god! You are so funny and excited!

I think that you do not want all your contacts to get these files, right? If you are of the same opinion, then I think that $811 is quite a fair price to destroy the dirt I created. Send the above amount on my BTC wallet (bitcoin): <Bitcoin Wallet Redacted>

As soon as the above amount is received, I guarantee that the data will be deleted, I do not need it. Otherwise, these files and history of visiting sites will get all your contacts from your device. Also, I’ll send to everyone your contact access to your email and access logs, I have carefully saved it!

Since reading this letter you have 48 hours!

After your reading this message, I’ll receive an automatic notification that you have seen the letter.

I hope I taught you a good lesson.

Do not be so nonchalant, please visit only to proven resources, and don’t enter your passwords anywhere!

Good luck!

The first thing that this email says is that they installed trojan on the computer that takes control of the system and allows the person who installed it to log your keystrokes and control your webcam and microphone. Now this software does exist. But if you have up to date and functional anti-virus software, it should be able to deal with it. But in this case, I can say that never happened.

So, how can I say that this never happened? That’s because like all the other variants of this scam, the scumbags behind it got the email address and password as part of a data breach. You can find out which data breach by going to haveibeenpwned.com and typing in your email address. It will likely come back with the fact that you’ve been part of a data breach that includes your email address and password. And chances are that the breach in question took place longer than the six months that the scumbags claim that they have had access to your system.

Having said all of that, if you’re concerned about an email like this, and if you’re the least bit concerned about whether your system is compromised, consult a computer professional and have them check things over. Another thing I am strongly suggesting to my clients is that they change the passwords to things like email, online banking and the like as a preventative measure. That way if they get an email like this, they will know it is fake immediately.

Only about 1% of people who get an email like this pay up Thus these scumbags want you to be the 1% of people who fall for something like this because they make lots of money off that 1%. Don’t fall for this. Never respond to an email like this. Never pay up. Just ignore them and make sure that whatever password that they have isn’t in use by any of your online accounts. They are scumbags and don’t deserve your attention or more importantly your money.

Caudabe Announces Lineup Of Ultra Slim, Minimalist Cases For iPhone XS/XS Max/XR

Posted in Commentary with tags on October 19, 2018 by itnerd

Caudabe is proud to introduced its lineup of premium cases for the iPhone XS, iPhone XS Max, And iPhone XR. The new products are the latest iteration of Caudabe’s well-recognized design philosophy of combining sleek, minimalist design with smart functionality.

In addition to the Veil XT, the gold standard for ultra thin cases, this year’s lineup includes cases like the popular Sheath and Synthesis, both of which feature drop-tested shock absorption in an ultra sleek design, and Lucid Clear, a crystal clear, impact-resistant case made from the same polymer used in bulletproof glass.

5.8_sheath_black_2048x2048.jpg

The Sheath Case

Available in: Classic Black, Classic Navy, Classic Camo Green and Classic Ultravoilet | MSRP:$24.95

The perfect blend of minimalism and shock absorption. An exquisitely slim iPhone case manufactured from ShockLite™, a soft, gel-like, flexible polymer with excellent shock absorption. Provides cushion from everyday drops and tumbles while maintaining the slim profile of your iPhone. Drop tested to 2m / 6.6 ft.

5.8-veil-product-image-JH18-frost_db2a8529-bd7a-4c3b-9e53-9c18a3c22005_2048x2048.jpg

The Veil XT

Available in: Stealth Black and Frost | MSRP: $19.95

Impossibly thin case at a mere 0.35mm; perfect for scratch and bump protection Ridge around the camera cutout to protect the iPhone’s protruding camera Micro-etched matte surface providing excellent grip.

lucid-product-image-JH18-5.8-crystal_2048x2048.jpg

Lucid Clear

Available in: Crystal, Gold Metallic and Silver Metallic | MSRP: $24.95

An ultra slim, crystal clear case manufactured from the same impact resistant thermoplastic polymer used in bulletproof glass. Lucid Clear is perfect for protecting against everyday drops while showing off your iPhone’s sleek design in stunning clarity. Available in crystal clear and two stunning chrome metallic finishes that tastefully accentuate your iPhone’s design.

5.8_synthesis_black_599a33b4-4972-4206-868a-cfa5752d192c_2048x2048.jpg

The Synthesis

Available in: Stealth Black and Gray | MSRP: $29.95

Caudabe’s most protective iPhone case, drop tested to 2m / 6.6 ft. A fusion of a soft, flexible perimeter manufactured from ShockLiteTM, our shock-absorbing polymer, and a hard, micro-etched, clear back shell. Rugged protection in a slim, minimalist design.

Review: Urban Armor Gear Metropolis Case For The iPhone X/XS

Posted in Products with tags on October 19, 2018 by itnerd

I am the proud new owner of an iPhone XS and seeing as it is such an expensive phone I wanted to make sure that it was protected. So I went to my go to company for cases which is Urban Armor Gear. I had their case for the iPhone 7 Plus and that case protected that phone from drops and the like. Thus I had no issue pulling the trigger to get their Metropolis Case for the iPhone X/XS:

This slideshow requires JavaScript.

As you can see from the pictures, this case has a flap that covers the screen. I felt that I wanted to have a case that did that as I didn’t want anything to scratch or crack the OLED screen that the iPhone XS comes with. Inside the flap is a felt like surface to ensure that the screen remains as pristine as possible. It also has a slot for a bank card or the like. That’s handy for me when I go out for a bike ride and I want to have a bank card in case  I want to buy something along the way. The flap has a magnetic closure to keep it closed and the magnet is strong enough that it does that really well. It’s also solid which means an impact will not make it to the screen.

The outside is textured so that your phone does not slip out of your hand. On the sides are redundant buttons for the power switch as well as the volume controls. The mute switch is still fully exposed though. Along with the Lightning connector and speakers at the bottom of the iPhone, and the camera lenses at the back. But to me that’s not an issue. Most of the phone is surrounded by a soft “ish” rubber material which is meant to take the shock from an impact. It all is put together very nicely as I could not find any build quality issues. The key thing is that this case meets military drop-test standards [MIL STD 810G 516.6] without adding bulk. Given that the iPhone XS is smaller than the iPhone 7 Plus that it is replacing, that means that I can put my phone in this case in my pocket with ease. That’s a total win as far as I am concerned. Finally, because it isn’t bulky, you can still use Apple Pay and wirelessly charge the phone.

Gripes? None really. I think that this is a great case option for someone who wants to protect their phone and doesn’t want to add a lot of bulk to the phone in question. The Metropolis case from Urban Armor Gear is totally worth looking at. Expect to pay $39.95 USD for one which is a very good price for a case of this type. 

 

 

OVH Outlines Plans to Liberate the Cloud

Posted in Commentary with tags on October 19, 2018 by itnerd

OVH brought together its entire ecosystem for the sixth annual OVH Summit. Over 3,000 customers, partners and IT professionals attended the opening plenary session led by Octave Klaba, OVH Chairman and Founder, and Michel Paulin, the recently-appointed CEO.

Octave Klaba kicked off the OVH Summit by sharing his vision of a different type of cloud. At the heart of the data revolution, OVH must be the alternative that liberates the cloud and helps its customers and partners to succeed.

And because this data revolution should benefit the many, not the few, OVH takes up the challenge of helping everyone to control their data, innovate and develop new ideas in total freedom through a “smart” cloud. OVH CEO Michel Paulin set out what this means: A Simple cloud, quick and easy to set up. A Multi-local cloud, close to everyone all over the world. An Accessible cloud with fair and predictable pricing. A Reversible cloud, open and compatible. A Transparent cloud that functions responsibly.
A strategy that revolves around four product universes

This vision is reflected in the announcement of four product universes. Each is tailored to different types of OVH customer and the way they like to interact with OVH products and services:

OVHmarket is a digital toolbox for accelerating growth. It meets the needs of entrepreneurs who wish to harness the power of digital technology to develop their business. This universe includes a range of web, telecom and cloud solutions that are quick to implement, simple to use, competitively priced and supported by local OVH partners.

OVHspirit includes all the infrastructures you need to build a cloud platform. Infrastructure, hardware and network enthusiasts who want to build a cloud platform for themselves or their customers can harness the power of a scalable, multi-local cloud infrastructure that is based on cutting-edge technologies designed for specific needs, and offers unbeatable value for money.

OVHstack is a public cloud platform based on open standards. It is aimed at followers of the cloud-ready approach who need to develop scalable applications in the cloud. They get a public cloud that is deployed globally, yet integrates easily into their ecosystem and remains reversible.

OVHenterprise is an alternative cloud that powers successful digital transformation. This universe is aimed at decision-makers who want to achieve their strategic objectives using an alternative cloud provider. They retain control of their data by using a hybrid cloud based on both the public and private clouds offered by OVH, as well as any other clouds available on the market.

These four universes, which will be gradually deployed over the coming months, each have their own separate set of announcements regarding how they meet the changing needs and practices of all customers:


OVHmarket, a digital toolbox for accelerating growth

  • Cloud Web Hosting offers professionals a powerful and secure environment to develop projects like websites, e-commerce platforms and mobile apps. This innovative solution combines the simplicity of managed hosting with the benefits of a dedicated virtual private server, and does not require administrative expertise.
  • The Visibility Pro solution allows Web Hosting customers to manage their company profile and contact details in multiple online directories via a single interface, the OVH Control Panel. It also helps customers boost their visibility in searches, social networks and web browsers, and facilitates interactions with their communities by publishing targeted content and responding to comments.

OVHspirit, everything you need to build a cloud platform

  • OVH customers with Dedicated Servers will see their bandwidth doubled in the coming weeks – without any price increase. Customers with a top speed of 500 Mbp/s will see it increased to 1 Gbp/s at the same price.
  • The company will significantly overhaul its Dedicated Server ranges. The aim is to create a product offering that is more diverse, easier to understand and more in line with professional use, while remaining competitive in price. The dedicated and virtual private servers in these ranges will, as always, benefit from OVH’s modular storage as well as its network and security services: a global proprietary fibre optic network with a capacity of 15 Tbps and 34 points of presence, including anti-DDoS protection at no additional cost. They will be available in 28 OVH data centres spread over four continents, including the US. In addition, OVH remains the only global cloud provider to offer dedicated servers with or without the Patriot Act and CLOUD Act.
  • OVH is updating its premium Dedicated Servers. The HG 2019 servers meet the needs of companies seeking top-range reliability, security and performance while minimising costs. Based on Intel® Xeon® Scalable Processors, Intel® Optane™ DC technologies and 3D NAND Solid State Drives, they are particularly well-suited to intensive data processing. This innovation was made possible thanks to a strong partnership between OVH and Intel to build the next generation of cloud infrastructure services. Plus, before the end of the year, OVH will enhance the range with servers specially designed for artificial intelligence applications.

OVHstack, the public cloud platform based on open standards

  • To meet the expectations of cloud natives and developers who want to evolve towards microservice architectures, OVH is launching Managed Kubernetes in private beta. The promise: a plug-and-play Kubernetes platform managed on the OVH Public Cloud, combining agility, flexibility and performance at a competitive cost.
  • To make it easier to extract value from data, OVH is announcing a wide range of other ready-to-use data infrastructures: OVH Analytics Data Platform, a fully open-source big data analytics solution based on Apache Hadoop and deployable within one hour on the Public Cloud; plus enhancements to the Cloud Databases solutions, which from now on will include MariaDB, MongoDB, MySQL, PostgreSQL and Redis. In conjunction with these data management and processing offers, and to accelerate the adoption of deep learning technologies, OVH is adding a new GPU family to its Public Cloud catalogue: a GPU NVIDIA solution from the TESLA V100 range and the associated software platform, NVIDIA GPU Cloud. Innovation will not stop there this year, with a Cloud Databases solution complemented by high-availability solutions, a turn-key machine learning platform and data processing tools such as Apache Spark as-a-service.
  • OVH is also driving growth in the Asia-Pacific region by introducing Public Cloud solutions, including the Instance and Storage ranges, in the Singapore and Sydney data centres before the end of the year. Three new Public Cloud availability zones will also be launched in France. In addition, the Public Cloud solution will include a virtual router and a Load Balancer (Instance range), as well as a set of tools for monitoring resource usage and performance.

OVHenterprise, an alternative cloud to power successful digital transformation

  • OVH continues to enhance its product offerings in order to support companies seeking to implement a multi-cloud strategy by combining on-premises and cloud infrastructures. Enter OVHcloud Connect, which allows companies to connect to the OVH network in a totally isolated and secure way via numerous points of presence around the world, while offering maximum reliability and flexibility.
  • There is also a significant enhancement to OVH’s Software-Defined Datacentre (SDDC) offer: the integration of VMware’s vSAN technology. In a further step towards hyper-convergence and ultra-high performance, vSAN hosts integrate local storage based on the latest NVMe/SSD technologies.
  • The company continues to strengthen relationships with its technology partners. A particular highlight is the Veeam Enterprise solution, which provides all VMware users, whether or not they are OVH customers, with great flexibility around Veeam licences. They will be able to set up virtual machine backups regardless of their location (on-site, with another cloud provider or with OVH) and retain control over their digital infrastructure.

At its sixth Summit, OVH reaffirms its position as a global player and leader in the European cloud market, driving an alternative and open model. Amid fierce competition, OVH continues to grow and trust in the power of innovation – the engine of tomorrow’s growth.

Review: Bestand 2 in 1 Phone Desktop Tablet Stand & Charging Stand

Posted in Products with tags on October 19, 2018 by itnerd

After I got my brand new iPhone XS I discovered that my Belkin Valet Charge Dock for Apple Watch & iPhone wasn’t compatible with it as it would not charge my iPhone XS. That was weird as it is supposed to be an Apple MFi certified product. So as a result I was forced ditch it and find another stand that would charge my Apple Watch and iPhone at my bedside. I trolled Amazon for a while and based on some user reviews, I chose the Bestand 2 in 1 Phone Desktop Tablet Stand & Charging Stand:

This slideshow requires JavaScript.

 

Here’s what comes in the box:

  • A Micro USB cable
  • The stand which has a Qi compliant wireless charger that’s mated to an aluminium stand that looks classy. The wireless charger has a pair of charging coils so you can charge a phone in portrait or landscape orientation. Or put another way, no matter how you position your phone, it will charge. It has a couple of vents at the back to evacuate heat from the charger.
  • Not pictured are two blocks with adhesive for cable management

You’ll notice that in the front facing picture on the right hand side is a hole. That’s for you to insert an Apple Watch magnetic charger as it doesn’t come with one. The cynical side of me says that they did that to avoid having to build something and pay Apple for a MFi certification. The more generous side of me says that they were trying to futureproof the device in case Apple changes something with the Apple Watch charger. I’ll leave it for you to decide which one is fact. But in any case, it has to be an Apple branded charger as third party ones will not fit. Once you get that sorted. This is what you get:

IMG_2423

Getting things to this state wasn’t hard. But the job isn’t done yet because what you’re left with is a stand that has two USB connectors for it to get power. One for the Apple Watch and one for the phone. I am guessing the use case that Bestand envisioned is that you’re going to have this stand next to a computer. That means you can plug it into the computer’s USB ports or a USB hub. If you want to use this on a night table next to your bed which is what my use case was, I needed one more thing which was a wall charger like this one to power this stand. So after covering up the LED lights that the charger had so that it did not create a glow at night, I was in business.

Now I’ve used this for the last few days and I found that I haven’t had an issue charging my iPhone XS at all. I place it on the charger with my case on it and it charges reasonably quickly. Ditto for my Apple Watch seeing as that is using an Apple charger. The stand looks classy and feels sturdy. All in all it’s a decent bit of kit. I just wish that they packaged it in such a way that allows it to be used in multiple use cases. Such as having a power brick to allow you to plug it into the wall. Besides that, it came with no directions of any sort. Thus a less technically adept user might become frustrated if they can’t figure out how to make this work in whatever use case they have and return it to Amazon or wherever they got it. Thus Bestand would be highly advised to do something about that. Not only that, they should make it a whole lot clearer in terms of what you will need both with their website and in terms of the documentation that should be included in the box.

Speaking of Amazon, I got this from Amazon for $45.99 CDN. But you need to factor in the cost of the Apple Watch charger which is $39 CDN, and the cost of the wall charger if you wish to use it at your bedside which is $49.99 CDN. That gives you a grand total of $134.98 for that use case. Subtract the cost of the wall charger and it a total of $84.99 if you plug it into your computer’s USB ports. If you don’t mind a DIY project, then I have no problem recommending the Bestand 2 in 1 Phone Desktop Tablet Stand & Charging Stand. If you want a finished good that you can plug in and start using with minimal effort, I’d look elsewhere.