Archive for 2015

« Older Entries
Newer Entries »

Review: Stardock Start10

Posted in Products with tags on August 28, 2015 by itnerd

Stardock first came to my attention when Windows 8 appeared and people started telling me that the new (at the time) Metro interface sucked was hard to adapt to. In particular, the lack of the Start button that had been around since 1995. For many who could not cope with that, I helped them out by using a program called Start8 to bring back the Start menu and windowing for Metro apps. Now they’ve done it again with their latest application which is called predictably enough Start10. But let’s step back for a second and understand why Stardock even bothered with this given that you have a real Start menu in Windows 10. For some, that’s not good enough because it walks the line between Windows 7 and Windows 8. What Start10 does is puts it back firmly into Windows 7 country. That will make many dance in the streets. But what’s more is that you can tweak things to make it look exactly the way you want it to.

To find out how well this works, I installed it and snapped before and after pictures so that you can see the difference. For the after picture, I used the default settings.

Here’s what my stock Windows 10 install looks like:

Parallels Picture

And here it is after Start10 is installed.

Parallels Picture 1

This looks exactly like Windows 7 and users who are used to that will be overjoyed. If you want the Windows 10 Start menu for whatever reason, you can invoke it temporarily by clicking on “Windows 10 Menu” at the top of the start menu.

Here’s the best thing. To get this you have to pony up $4.99. But if you’re upgrading from Start8, you can save a buck. Not sure its for you? Stardock offers a 30 day free trial. If you want a more familiar Windows experience, I say you have nothing to lose by trying it and diving in if you like it won’t cost you an arm and a leg.

Leave a comment »

Review: Epson PowerLite Home Cinema 2030

Posted in Products with tags on August 27, 2015 by itnerd

Best Buy sent me something that really caught my interest. Specifically the Epson PowerLite Home Cinema 2030 projector. This is a a home entertainment projector rather than a home theater projector. What’s the difference? The former typically comes with much higher levels of brightness which allows you to watch TV or movies in a fully lit room (which eliminates the need to have a TV if you so choose), and a built-in audio system as well. Here’s a look at the home cinema projector:

IMG_1580

It looks like any other projector that you would see in an office. But the devil’s in the details.

IMG_1581

Around back you have all sorts of connections frome HDMI to old school RGB. It is even MHI certified so that you can plug in a Roku Stick or a Chromecast. It weighs just over 6 pounds so it is easy to move about if you need to.

All of that is great, but the question is how well does it work?

To test this, I plugged in my Rogers Cable box via the HDMI port and found a wall in my condo that was large enough to allow me to project an image onto it. The distance from the wall to the projector was roughly 70″. I then used Rogers On Demand to dial up X-Men: Days Of Future Past which I saw on the plane to India a few months ago, but my wife had not seen. The results were pretty good. Image quality was very good at 1080p and color reproduction was as the kids say “on point” as it looked as good as my TV. I did notice some noise in solid areas in some scenes and some slight jitter when the camera panned across the scene in one action sequence. But my wife didn’t notice and I doubt you would unless you were looking for it. In any case, I didn’t consider that to be a negative. In terms of sound quality it matched the speakers in my TV from a quality perspective and it filled the living room of my condo easily.

Now this projector will broadcast 2D and 3D content. I didn’t try the latter for a couple of reasons. I didn’t have any content that was 3D, and even if I did there are no 3D glasses in the box. You’ll have to source those separately. I don’t have an issue with the fact that there were no 3D glasses in the box, but my wife thought that there should be at least a pair. I can see from her point of view that some may not be thrilled about the lack of 3D glasses in the box. That’s something that Epson may want to consider.

The Epson PowerLite Home Cinema 2030 projector goes for $899 at Best Buy. If you want something that you can move about and still use like a TV, or you want an alternative to having a TV, you should take a look at this home cinema projector because it works very, very well and you will not be disappointed if you put down your hard earned cash for one.

Leave a comment »

Yesterday’s Events Suggest That Something Is Very Wrong With Social Media

Posted in Commentary with tags on August 27, 2015 by itnerd

I think it’s safe to say that you like everyone else on the planet are horrified about the murder of a TV reporter and a TV cameraman yesterday live on TV. Here’s what horrified me more. I found out about this scrolling through my Twitter feed and having a video that showed the murders take place auto play because someone decided to retweet it. The videos were there because the murderer created Facebook and Twitter accounts which he then used to not only live Tweet the murders, but post videos of him taken human lives and rant about various things that I will not get into here. In short, he didn’t want to take lives, he wanted to take lives in the most public way possible and make a statement.

Needless to say, I’ve turned off the auto play function in Twitter, and the person who retweeted the video was swiftly unfollowed by yours truly. But that does not address the real question. Have we as a society entered a “new normal” where murder is live cast on social media, and we as a society tolerate this as just being part of our social media feeds as well as retweet videos of the killing of innocent people? Because if that’s what we as a society have become, then I want off of social media.

I’m pretty sure that Mark Zuckerberg, Evan Williams, Jack Dorsey, Noah Glass, and Biz Stone didn’t have this in mind when they came up with Facebook and Twitter. I’m also pretty sure that we as a society can do better. I would very much like to see us prove that.

Leave a comment »

Android Phones Threatened By New Vulnerability Dubbed “Certifi-Gate”

Posted in Commentary with tags , on August 26, 2015 by itnerd

If you’re still thinking about Stagefright when it comes to the security of your Android phone, we’re past that now. Now you have to worry about Certifi-Gate. According to Check Point, the flaw comes from software like TeamViewer, CommuniTake Remote Care and MobileSupport by Rsupport. All of these are remote access tools that allows someone to take control of your phone remotely for troubleshooting purposes. The problem is that apps like these have root level access to the device which means that they can do anything they want. All that’s required to leverage that if you’re a bad guy is an app designed to look for this vulnerability.

Bad news. Those apps are in the wild as I type this.

Now Check Point released an app that allows Android users to check if their particular device is susceptible to the vulnerability. But that won’t do you any good because if you find it and nuke it, permissions for remote access are still present in the device. So some other app can take advantage of this. Thus the real fix has to come from Google. Given how fragmented Android is, that may take while. In the meantime, the document from Check Point that I linked to has some mitigation strategies. They’re worth a read.

Leave a comment »

Review: Fluxmob Bolt

Posted in Products with tags , on August 26, 2015 by itnerd

in the age of the smartphone, the one thing that will freak someone out is running out of power. That will leave the user disconnected and going through withdrawal. Specifically, from social media, e-mail and the like. To avoid that, people often buy battery packs to keep their phones topped off. Today I’m reviewing an interesting battery pack that was part of my goodie back from iStore which is the Fluxmob Bolt
IMG_1549

As you can see, it’s in an interesting combo of red and black and it has five lights. One to indicate that it is charging, and the four lights that you see lit that indicate how much charge that it has. Four lights indicates a full charge. It has a nice rubberized feel and it is light. Really, really, light. Plus it is small and fits in your pocket or purse easily.

IMG_1565

It has built in prongs for North American power outlets. It is capable of doing 100V-240V so you can use it overseas. But you will need to source your own adapters to do so. Fortunately, Fluxmob can help you with that. You’ll also note that I have a cable plugged into the USB port on the bottom. Specifically the, Agent18 Charge/Sync Cable With Lightning Connector. One thing to note is that when you plug a phone into the Fluxmob Bolt, it automatically starts charging. That is unlike other batteries that I have tried where you have to turn the battery on for it to charge a device.

The Fluxmob Bolt has a 3000 mAh lithium ion battery on the inside, and is capable of charging at 5V/1A which will get your smartphone up to full charge quickly if it supports fast charging. It also takes about 4 hours to charge from being empty. Speaking of charging, how much can I get out of this battery? Here’s what I did to find out:

  • I charged a half charged ZTE Grand X 2 to full charge. It took 2.5 hours to get the job done and I had three lights left which indicated there was something between 50% and 75% charge in the Fluxmob Bolt.
  • I then charged my iPhone 6 which was at 68% and it got to 95% in 30 minutes before the Fluxmob Bolt ran out of power.

Bottom line, the Fluxmob Bolt will allow you to keep your phone charged during the day and has the power to recharge it once from empty or close to empty depending on the phone. Then you will need to recharge the Fluxmob Bolt. That’s good enough for me and I suspect it will be good enough for you if you need to top your phone’s power up during the day. Expect to pay $60 CDN for one.

Leave a comment »

BREAKING: Ashley Madison Gets Sued…. Again

Posted in Commentary with tags , on August 25, 2015 by itnerd

Things are going from bad to worse for Ashley Madison. Their parent company, Avid Life Media is being sued in the US and the dollar figure is massive. Here’s the info on four lawsuits filed in the US:

At least five lawsuits seeking class-action status have been filed over the hack of cheat-on-your-spouse website Ashley Madison, seeking more than a half-billion dollars, according to North American court records.

Four federal suits had been filed in the United States as of Monday, all of them obtained by NBC News — two in California, one in Texas and one in Missouri. All allege breach of contract, negligence and violation of various state and privacy laws by Ashley Madison and Avid Life Media LLC., its Canadian parent company.

None of the suits has yet been certified as a class action covering the reported 37 million members of Ashley Madison, whom they characterize as having suffered humiliation and harassment over the reported publication of delicate personal information — including credit card data and, in some cases, photos and sexual fantasies — by hackers calling themselves Impact Team.

This is in addition to the lawsuit filed last week in Canada. The lawsuits are asking for $5 million for each person who is part of the lawsuits. Thus this could potentially be a half a billion dollars or more if class action status is granted. Not good news if you are Avid Life Media. The only way this could get worse for them if various state and federal agencies start filing criminal charges against them. Something that may in fact be on the way given the amount of attention that this event has received.

Leave a comment »

Review: Zepp Golf

Posted in Products with tags on August 25, 2015 by itnerd

I play golf. Badly. What I really need is instruction and lots of it. But a golf pro can be on the expensive side. Thus Best Buy was kind enough to give me a second option called Zepp Golf. What Zepp Golf is a swing analyzer that via Bluetooth tracks the following using an app on your iOS or Android phone. Here’s what it looks like: IMG_1578

You get a proprietary USB charger, the Zepp Golf device and golf glove connector. Here’s what the device can analyze for you:

  • Clubhead speed
  • Club plane
  • Hand plane
  • Tempo
  • Backswing degrees
  • Hand speed
  • Hip rotation

These are all factors that make you a good golfer. Or in my case, the lack of ability in some these areas make me a bad golfer.

One thing to keep in mind is that this is a practice device. This is a device that you want to use it on the driving range and take a look at the app after each swing. Otherwise you’ll end up with a ton of swing data, and have no idea what to do with it. Thus, it was was off to the driving range to test it. I selected my club, grabbed a ball and hit a shot. 3 seconds later, I could see my entire swing in full detail along with all kinds of stats about it. Using that info, I was able to try and make changes to my swing to make it better. Now a golf pro could do something similar, but not in the sort of detail that Zepp Golf provides you. After about two hours, Zepp Golf was able to show me that I was making progress in improving my golf swing via its reporting capabilities. Another thing that you can use Zepp Golf to do is to do video recordings at 120 FPS, and compare them to PGA Tour pros. I didn’t try this myself. But I can see how that can perhaps help you to be a better golfer. There’s one other thing I should note about Zepp Golf. It doesn’t just do golf. You can do use it for tennis and baseball as well. You’ll need different apps and mounts though.

So, if you want to improve your golf swing, take a trip to your local Best Buy and shell out $150 for a Zepp Golf. I can say that it does work and it is useful for helping you to be a better golfer by giving you the data you need to improve without shelling out a ton of cash on a golf pro.

Leave a comment »

My Thoughts On The Ashely Madison Hack [UPDATED]

Posted in Commentary with tags on August 25, 2015 by itnerd

I’ve had a lot of time to think about the Ashely Madison hack, and I have some thoughts on this whole thing. Starting with the most important question:

Who Did This, And Why? 

I can’t tell you the name of the person, yes I said person and not people and I will have more on that in a moment, but I do know this. First, this person is an insider to Avid Life Media, the company that owns Ashley Madison as well as Established Men, with full access to their entire IT environment. This person is either a employee or a contractor with a personal “beef” with Avid Life Media in general, and with Avid Life Media CTO Trevor Sykes specifically. Not only that, this person got a whole lot of inside info such as seating plans, org charts, and source code. Most of that would not be of interest to hackers, except for maybe the source code to perhaps further exploit the site. But other than that, there’s no reason why any hacker would want this data. But an insider would want it out there as it is valuable to them to have that info made public.

Now, how did I come to these conclusions? The manifestos that the so called “Impact Team” put out there are the big clue. If you take known hacking groups such as Anonymous, they put out manifestos that say a lot without giving info about themselves away. The manifestos by the “Impact Team” say a lot and give away a whole lot of hints about the potential identity of the person responsible for this. Simply reading the manifestos will give investigators a whole lot of clues as to who this person is. The manifesto reads like someone has been deeply hurt or wounded by Avid Life Media and or Trevor Sykes. Hacking groups don’t typically have “beefs” to anywhere near this degree. On top of that, I would not be surprised if the person responsible is female. Though, I will not (yet) put money on it despite being somewhat confident about this. Here’s why I feel that way. First, this person hates cheating men and the “human trafficking” that according to the author of the manifesto takes place on Ashely Madison and Established Men respectively. But the interesting thing is that Avid Life Media also owns Cougar Life which matches up “mature” women with younger men. This site isn’t referenced at all in the manifestos and no data from this site was leaked. If the hacker were male, I would have expected them to have dumped data from that site too because they would have had access to that data. But that at the moment seems not to be the case. All of that is on top of the fact that the manifestos that have been attached to every data dump have the feel of being deeply personal as I mentioned above. My thought would be that a female may be behind this as that would be the most logical reason for these observations.

As for why? Perhaps Avid Life Media or Trevor Sykes did something to anger this person. As a result, they want revenge. We likely won’t find out why until they get arrested.

Does Avid Life Media Know Who The Person Is? 

They implied that they did when the first manifesto appeared online a month ago:

ALM CEO Biderman declined to discuss specifics of the company’s investigation, which he characterized as ongoing and fast-moving. But he did suggest that the incident may have been the work of someone who at least at one time had legitimate, inside access to the company’s networks — perhaps a former employee or contractor.

“We’re on the doorstep of [confirming] who we believe is the culprit, and unfortunately that may have triggered this mass publication,” Biderman said. “I’ve got their profile right in front of me, all their work credentials. It was definitely a person here that was not an employee but certainly had touched our technical services.”

The question is, why offer up a reward when you claim to know who the person is? Why not hand that info over to the police? Perhaps they have? Or perhaps they don’t want to point the finger at the responsible party for some reason that concerns Avid Life Media? Such as some dirty laundry that they don’t want to be made public (though one would argue that it’s way too late for that to be a factor)? Or the statement was simply bravado and they have no idea who the guilty party is? I suspect that over time we will find out which one of these is the right answer.

Will This Person Get Caught? 

The short answer is yes. The long answer goes something like this. First of all, they’ve made enough minor mistakes in the form of what’s in the manifestos that the authorities should be able to zoom in on the responsible party eventually. Speaking of the authorities, here’s what this person is up against:

  • The Metropolitan Toronto Police
  • The Ontario Provincial Police
  • The Royal Canadian Mounted Police
  • The Federal Bureau Of Investigation
  • The US Department Of Homeland Security

This is the first time that I can think of that so many law enforcement groups across the Canada/US border have teamed up to investigate a hack. That shows this isn’t being treated as just another hack. With that sort of lineup at the table, one has to believe that the responsible party is living on borrowed time.

Why Is This Hack Different? 

Previous hacks such as the ones of Home Depot or Target simply exposed credit card data and a limited amount of personal info. Get a new credit card, continue on with your life. Done. They were not really that big of a deal. The recent hack of the US Government exposed personal data that could prove to be dangerously useful in the wrong hands. But while bad, it’s not anywhere the scale of what has happened to Ashely Madison. That’s because this hack exposed truly personal information. As in the secret sexual preferences of your friends and neighbors. That’s a different sort of personal info that typically isn’t openly floating around the Internet. It’s also the sort of info that can be acted upon by blackmailers, employers, even national governments. Another reason why this is different is that it has forced people to accept that there is nothing that is private on the Internet and that your personal data is never safe can be accessed by anyone at any time. Those two things make this event a game changer.

Will Avid Life Media Survive This? 

Assuming that they don’t get sued out of existence, it is possible that they could survive this. That does sound strange given what’s gone on, but let me explain. This site is getting a ton of exposure and apparently traffic as evidenced by a huge traffic spike after the first data dump took place. Now that could be just the curious, or it could be people wanting to get rid of whatever data the site had about them (even though it was already in the public domain), but I don’t think either of those is the case. I think that some people may have considered signing up for the site, or they actually have signed up for the site after this hack became public.

That doesn’t seem logical does it? But it isn’t unless you accept the fact that cheating has been going on for as long as humans have been on this planet. And this site apparently makes cheating easy to do. Thus even with this hack, some will want to still use this site for the purposes it was intended for. And the cost for Avid Life Media to acquire those new customers is $0 because this hack is essentially free advertising for Avid Life Media. All of this does nothing but validate what P.T. Barnum said, which is there’s no such thing as bad publicity.

Of course they have to survive the lawsuit first. (UPDATE: This should now read lawsuits as four lawsuits have been filed in the US that seek class action status and the dollar figure could make Avid Life Media’s survival difficult if not impossible)

Aren’t The Cheaters The Real Problem Here? 

No. What these people do in their personal lives is none of my business. It shouldn’t be yours either. The real problems here are Avid Life Media for having such craptastic IT security and the hacker who leaked this data. The users of this site, though perhaps showing some poor judgement, are victims. Plain and simple. Remember that each one of the people who have had data leaked may lose jobs, spouses, families, or their lives in some cases as there have been suicides or threats of death. There is a massive personal cost here that cannot be ignored because despite what you may think about cheating and they in no way deserve this treatment. Thus I say capture the hacker and put them in jail forever. Then when that’s done, punish Avid Life Media for the the poor way they handled customer data. Leave their customers out of this mess as they have suffered enough.

Agree? Disagree? Did I miss something? Please leave a comment and share your thoughts.

Leave a comment »

Ashley Madison E-Mail Dump Shows Evidence That Competitors Were Hacked by Them

Posted in Commentary with tags on August 24, 2015 by itnerd

Here’s an interesting twist. In the last two dumps of data were e-malls that may prove to be incriminating. Brian Krebs on his blog has reported that there’s evidence to suggest that Ashley Madison’s competitors were hacked by Ashely Madison:

A review of those missives shows that on at least one occasion, a former company executive hacked another dating website, exfiltrating their entire user database. On Nov. 30, 2012, Raja Bhatia, the founding chief technology officer of AshleyMadison.com, sent a message to Biderman notifying his boss of a security hole discovered in nerve.com, an American online magazine dedicated to sexual topics, relationships and culture.

At the time, nerve.com was experimenting with its own adult dating section, and Bhatia said he’d uncovered a way to download and manipulate the nerve.com user database.

“They did a very lousy job building their platform. I got their entire user base,” Bhatia told Biderman via email, including in the message a link to a Github archive with a sample of the database. “Also, I can turn any non paying user into a paying user, vice versa, compose messages between users, check unread stats, etc.”

Now this doesn’t exactly cast this company in the most positive light. Thus you can expect that a lot of questions will be asked about this topic over the coming days.

Speaking of vulnerabilities, it seems that Ashley Madison were aware of theirs:

Interestingly, less than a month before that episode, AshleyMadison executives seemed very keen on completing a series of internal security assessments, audits and security awareness training exercises for employees.

“Given our open registration policy and recent high profile exploits, every security consultant and their extended family will be trying to trump up business,” wrote Ashley Madison employee Mark Steele to Biderman in an email dated May 25, 2015. “Our codebase  has many (riddled?) XSS/CRSF vulnerabilities which are relatively easy to find (for a security researcher), and somewhat difficult to exploit in the wild (requires phishing). Other vulnerabilities would be things like SQL injection/data leaks, which would be much more damaging” [links added].

Lovely. I’m sure the lawyers behind the class action lawsuit will be interested in this information.

The rest of this blog entry by Krebs is interesting. I encourage you to read it as it sheds new light on what goes on at Ashley Madison.

Leave a comment »

Apple To Replace Faulty iPhone 6 Plus Cameras

Posted in Commentary with tags on August 24, 2015 by itnerd

On Friday, Apple kicked off the “iSight Camera Replacement Program for iPhone 6 Plus” which allows some users to replace their iPhone 6 Plus’ camera for free. The company is making the program available to any iPhone 6 Plus owner whose device is producing blurry photos as there is apparently a defective part that causes this issue. If you own an iPhone 6 Plus, you may want to check your iPhone’s serial number on Apple’s website to see if you are eligible for the replacement program.

Leave a comment »

« Older Entries
Newer Entries »