Archive for Garmin

Why Does The Tacx Utility Need To Read The Clipboard Of My Mac Via My iPhone?

Posted in Commentary with tags , on October 12, 2020 by itnerd

As frequent readers of this blog know, my wife and I are avid cyclists. To help us keep in shape, we bought a Tacx Neo 2T Smart indoor trainer. What an indoor trainer does is that after you put your bike on it, it can simulate any sort of road riding experience. For example if you climb a hill with a 10% gradient, it will simulate that. If you go down a hill with at 3% gradient, it will simulate that. And something that is exclusive to the Tacx Neo 2T, it will simulate things like wooden bridges, cobbles, and gravel with the correct physics that you would feel if you rode over those surfaces in the real world. To aid with this, you need to use a program like Zwift along with a computer or tablet to place you in a virtual environment so that all of this comes to life. This is a setup that has really taken our cycling to the next level as we can ride and keep in shape 12 months of the year.

Like all pieces of electronic gear, The Neo 2T Smart requires firmware updates from time to time to fix bugs and enhance features. So on Sunday I decided to use the Tacx Utility app on my iPhone to check for firmware updates. That’s when I noticed something that got my attention.

If you watch the top of the screen, after the Tacx Utility starts up, a notification appears from iOS 14 saying that the Tacx Utility copied the clipboard of my Mac via my iPhone. Except that I never did a copy and paste from my Mac via Apple’s Universal Clipboard feature. Thus this was clearly a problem.

Here’s a picture of the prompt:

This notification is one of the many privacy focused features that appeared in iOS 14. And for good reason. The clipboard is where text that has been copied and pasted is temporarily stored. Given that users may have sensitive information copied to the clipboard, such as passwords, this could pose privacy and security concerns. And if you combine that with apps that were caught during the iOS 14 beta process looking in the clipboard for no good reason, then this notification will help you to make sure that you know when an App is doing something that might be shady. And how did this come to light, some researchers tripped over this in March and their discovery, and during the iOS 14 beta process, beta testers “named and shamed” apps that did this. Which included TikTok and LinkedIn among others. Who then promptly came out with some very weak excuses while quickly updating their apps to not do this.

To be frank, there’s only a handful of reasons why an app needs to access the clipboard on its own and without a user doing a copy and paste. So that leads to this question: Why precisely does the ⁦Tacx⁩ app which exists only to update firmware troubleshoot issues on Tacx trainers need to access my clipboard every time the app starts up? In my mind, there’s no good reason for that app to do so. But in the interest of giving Tacx a chance to explain themselves, I posted this to Twitter:

I also posted the same video that I embedded above from my YouTube account. I included the #iOS14 so that it would be noticed by a wider audience as well. And in case you are wondering why Garmin is included in my Tweet, Garmin owns Tacx. Thus in my mind, both companies have some explaining to do. Here’s what Tacx came back with:

Then another user of Tacx products jumped in and responded to this before I could as I was asleep at the time:

To which Tacx responded with this:

I’ll give Tacx kudos for jumping on this quickly. It shows that they weren’t doing anything sketchy and it sounds like a bug that they are going to investigate and hopefully fix. I will keep you updated on that front.

If I could give you some advice, if you see a prompt like the one above, and you didn’t do a copy and paste, I would report it with screen shots to the app vendor. Give them a chance to explain this as snooping in your clipboard is something that apps shouldn’t be doing except in some very unique circumstances. That will ensure that apps you use are safe. And if a company doesn’t respond like Tacx does, then you know who the bad actors are.

Sky News Once Again Claims Garmin Paid The Ransom….. But They Back Up Their Claims This Time

Posted in Commentary with tags on August 4, 2020 by itnerd

Last week I posted a story with Sky News claiming that Garmin had paid the people behind their ransomware attack. The people behind this are likely Evil Corp for the record as the ransomware that was used was reportedly “wasted locker”. In that story I said this:

The thing is, Sky News offers up no proof whatsoever. At least when the news that Garmin had been pwned by ransomware first appeared, there was proof from a variety of sources to back this up. But that’s not the case here. 

Well, Sky News is back, and they back up their claims this time:

According to people with knowledge of the matter, speaking to Sky News on the condition of anonymity, Garmin had initially sought to pay the ransom using another firm which specialises in responding to these incidents.

However, this firm responded that it didn’t negotiate ransom payments in WastedLocker cases due to the risk of running foul of the sanctions.

The sources said after being initially rebuked, Garmin then sought the services of Arete IR, a firm which claims that the links between the WastedLocker ransomware and sanctioned individuals have not been proven.

And:

Separate sources confirmed to Sky News that Arete IR made the payment as part of its ransomware negotiation services, although Arete argues that WastedLocker is not conclusively the work of Evil Corp.

Neither Garmin nor Arete IR disputed that the payment was made when offered the opportunity to do so.

Arete IR is a company that does the following:

Arete Advisors has assembled an elite global team of incident response experts to create unparalleled capability to assist clients in preparing for and defending themselves against a cyber-attack, from incident response readiness assessments to post-incident remediation and ongoing hunt services. Our core skills include triage, digital forensics, malware reverse engineering, remediation, managed detection response, hunt and testifying expertise. Arete works with organization of all size to provide highly customized advice specific to your industry. Arete’s advisory services provide legally defensible, compliant cyber strategies that assist the C-Suite and Boards of Directors to continuously improve the organizations’ cyber posture, by aligning cyber risk management strategy with corporate risk.

But more interestingly, they also do this:

While some companies require insureds to get funds up front, costing precious hours and days to the clients in crises. Arete, has created a simple, easy way for Breach Coaches and Insureds to immediately respond by facilitating the entire technical and financial process of purchasing the Bitcoin, while managing the negotiation with the bad actor for a flat fee, to be paid in 30 days. Allowing clients to focus on restoring their business to health

Thus it’s safe to conclude that Garmin paid the gang behind the ransomware. And the fact that neither Garmin nor Arete IR deny that they paid underscores that. So Evil Corp or whomever was behind this won. I get that the need for Garmin to get back up and running, but I am a firm believer that you should never pay the ransom as it only encourages these scumbags. So it is unfortunate that the bad guys have effectively won.

EvilCorp: The Criminal Hackers Behind The Garmin Ransomware Attack

Posted in Commentary with tags on July 28, 2020 by itnerd

Now I have spent a lot of time talking about the Garmin ransomware attack that has pretty much crippled Garmin and pretty much infuriated users of of their products. And I’ve mentioned that the word on the street is that the people behind this want $10 million in ransom. But now that Garmin’s services appear to be coming back on line, it’s time to talk about who the people are behind this ransomware attack?

The ransomware that is apparently being used is “WastedLocker” made by a group of hackers calling themselves “Evil Corp.” MalwareBytes has more info on both:

The ransomware name is derived from the filename it creates which includes an abbreviation of the victim’s name and the string “wasted”.

For each encrypted file, the attackers create a separate file that contains the ransomware note. The ransom note has the same name as the associated file with the addition of “_info”.

The ransom demands are steep, ranging from $500,000 to over $10 million in Bitcoin. Given that the operators make every effort to go after any backups, some organizations may feel the need to pay up. Where other ransomware operators are adding the exfiltration and even auction of stolen data to their arsenal, the Evil Corp gang has shown no inclination in that direction yet.

Historically the Evil Corp gang targets mostly US organizations and it looks like they are staying on that track with a few victims in Europe. The main players in the group are believed to be Russian.

The ransomware itself is very interesting in terms of how it operates:

The ransomware itself is custom built for each client so there is nothing to be gained by doing a full analysis. The attacks do have some commonalities though which we will discuss here.

  • Deletes shadow copies, which are the default backups made by the Windows OS.
  • The main executable for the ransomware is copied to the system folder and gets elevated permissions
  • A service is created that runs during encryption.
  • During encryption the encrypted files are renamed, and the ransom notes are created.
  • A log file is created that lists the number of targeted files, the number of encrypted files, and the number of files that were not encrypted due to access rights issues.
  • The service is stopped and deleted.

This is very crafty and would almost be worthy of praise were it not for the damage that it causes.

Now over to Evil Corp. Their top guy is said to be a fellow by the name of Maksim Yakubets according to the FBI. His right hand man is said to be Igor Olegovich Turashev and both are Russian nationals wanted by the FBI. And if you’re interested in why the FBI wants to get them into a jail cell, this Wired article can help you with that. They’ve been around for a while and have become increasingly more sophisticated, which makes them a threat to computer users everywhere. And if they are truly behind the Garmin ransomware attack, they’ve now got the eyeballs of a whole lot of people behind them who would love to take them down. Especially if the rumors are true that Garmin paid the ransom to get themselves out of this. Thus I would not want to be them as there’s not a whole lot of places outside of Russia that they can go without the FBI being able to nab them. Plus with this latest attack, the FBI is going to work double time to get them into a nice cosy jail cell.

A Rumor Claims That Garmin “Obtained” The Decryption Key To Get Their Data Back…. The Facts Say That Garmin Is Down Again

Posted in Commentary with tags on July 27, 2020 by itnerd

A report from Sky News says that Garmin has “obtained” the decryption key to get them out of their ransomware mess:

Smartwatch maker Garmin has obtained the decryption key to recover its computer files from a ransomware attack last Thursday, Sky News has learned.

The thing is, Sky News offers up no proof whatsoever. At least when the news that Garmin had been pwned by ransomware first appeared, there was proof from a variety of sources to back this up. But that’s not the case here. And what makes this report questionable:

Security sources who spoke to Sky News said WastedLocker is believed to be developed by Evil Corp, a hacking group based in Russia which was sanctioned by the US Treasury last December

The sanctions mean that “US persons are generally prohibited from engaging in transactions” with the cyber criminals, although the US Treasury did not respond to questions about whether the general prohibition applied in the circumstances of extortion.

Sources with knowledge of the Garmin incident who spoke to Sky News on the condition of anonymity said that the company – an American multinational which is publicly listed on the NASDAQ – did not directly make a payment to the hackers.

So if Garmin did make the payment, they didn’t do so directly to try and evade the fact that paying Evil Corp would be illegal. That’s not unusual as I have heard of these third party payments to ransomware gangs happening in other situations. It all depends on how much the data is worth to the organization that got pwned.

But let’s move from rumor to fact. Garmin Connect is down again based on their status page as of 10PM Monday. Here’s a screenshot:

This has stretched the patience of Garmin users as it was partially up earlier today, which gave Garmin users some hope. But any hope is likely gone now and Garmin is now back to handling a PR disaster. If everything that happened over the weekend wasn’t going to drive Garmin customers to competitive products, I’m going to guess that this latest incident will.

It sure sucks to be Garmin right now.

UPDATE: As of 11:15 PM Garmin Connect appears to be back to being somewhat online.

Garmin Admits Ransomware Took Them Down….. But Things Are Coming Back Online

Posted in Commentary with tags on July 27, 2020 by itnerd

Garmin has just posted a news release admitting that it was a victim of a cyberattack. Here’s the relevant part:

Garmin Ltd., today announced it was the victim of a cyber attack that encrypted some of our systems on July 23, 2020. As a result, many of our online services were interrupted including website functions, customer support, customer facing applications, and company communications. We immediately began to assess the nature of the attack and started remediation. We have no indication that any customer data, including payment information from Garmin Pay™, was accessed, lost or stolen. Additionally, the functionality of Garmin products was not affected, other than the ability to access online services.

Affected systems are being restored and we expect to return to normal operation over the next few days. We do not expect any material impact to our operations or financial results because of this outage. As our affected systems are restored, we expect some delays as the backlog of information is being processed. We are grateful for our customers’ patience and understanding during this incident and look forward to continuing to provide the exceptional customer service and support that has been our hallmark and tradition.

Well, this is better than what Garmin had been doing up until this point. Which is to not have that much communication with their customer base. In my testing with my Garmin Edge 830 cycling computer along with the Garmin Connect app I can confirm that some of the functionality is working. Specifically:

  • I can see my activity history again in Garmin Connect. Though I am missing a cycling activity from Thursday that is thankfully present in Strava. Because, if it is not in Strava, it didn’t happen.
  • Syncing from my Edge 830 isn’t working. None of the activities that I see in Garmin Connect isn’t syncing down to the Edge 830.
  • There are still error messages in Garmin Connect saying that they are still down which isn’t a surprise as Garmin has made it clear that it will take days to fully bring things online.

The thing is that this will not likely keep people from asking questions about what happened, and more importantly what Garmin is going to do to make sure that this doesn’t happen again. I suspect that we might get those answers on Wednesday when Garmin releases their quarterly statement.

UPDATE: If you want to check the status of Garmin’s various services that are related to Garmin Connect, click here to see their status page.

The Garmin Ransomware Attack Is Much Bigger Than You Think

Posted in Commentary with tags on July 27, 2020 by itnerd

This Garmin ransomware attack is a huge deal. Sure the thing that people are talking about is that athletes who use their kit can’t upload and analyze their runs, rides, or anything else that they might have done for the last several days. But it’s much worse than that on multiple fronts. Let’s start with the fact that Garmin does more than just fitness gear. They do car SatNav systems, marine SatNav systems, and aviation SatNav systems. The latter has now become an issue based on this Reddit post:

As of right now the FAA has just grounded our small fleet of aircraft (won’t say which company) as we rely on Garmin aviation database on our navigational systems. We need to run an up-to-date version of this database (it’s a FAA requirement) and can’t comply. from r/Garmin

That’s not good. If aircraft get grounded, and aircraft fleet owners can’t make money, lawyers get called. And Garmin’s nightmare will go from bad to worse when those lawyers start to call Garmin HQ.

And there’s the fact that it appears that their top end smart watches that are preferred by runners seem to have developed issues since this outage has started:

Garmin’s smartwatch woes continue as GPS and run tracking for distance wasn’t available and devices such as the Fenix line were caught in a “saving” loop that required a reset. The same problem affects indoor activities even without GPS connections. 

At the moment, it’s unclear whether the GPS signal issues with the Garmin devices are related to the company’s ransomware attackand bungled handling of it, but your Sunday morning run won’t be quantified.

Bad as that those two things are, it’s actually worse than that.

Let’s say whomever launched this attack was in Garmin’s network for weeks, months, or years. They could have stolen all sorts of data from Garmin’s network. Be it intellectual property, like the designs for new products. Or your personal data. Such as your name, address, your email address, the name or names of your emergency contact info and their personal info. Not to mention all the location data from whatever activities you do. The personal info could be used to launch targeted phishing attacks that would be very convincing. The latter could be interesting for someone who wanted to learn more about you so that they could exploit you in some way.

Oh, it actually gets worse than that.

People have been saying why haven’t Garmin gotten things online yet. Those people would include me:

Then they put out a FAQ on Saturday that you can find here. My thoughts on that were as follows:

Now Garmin’s response to this from a PR perspective has been in a word, shambolic. They have done a horrible job of reassuring users and giving said users an incentive to stick with the brand and not defect to a competitor. But here’s the reality that even I need to remember. They likely could not share a whole lot with Garmin users in terms of detail. Possibly because they don’t know how bad this is. Possibly because law enforcement is involved and they told Garmin to keep quiet. Or possibly because lawyers are involved and they told Garmin to keep quiet. But let’s say that they don’t know how bad this is. That would mean that Garmin was and still is auditing the hell out of their systems to figure out if they can carve out and isolate the sections that have been affected by the ransomware, and checking over everything else to make sure that nothing is lying in wait to encrypt everything in sight. On top of that, they would need to audit their backups and make sure that they don’t have anything lying in wait by doing a test backup and looking for anything bad. That’s important because as I said earlier, if the bad actors were in the Garmin network for weeks, months, or years, those backups would be worthless. Which means that this outage will drag on for a very long time. As in weeks or perhaps longer. Unless of course Garmin pays the $10 million that the bad actors behind this want. Which they likely won’t. Or at least they shouldn’t.

At least Garmin is looking for a Cyber Security Engineer to make sure that this doesn’t happen again. Though that’s cold comfort to Garmin users at the moment.

One final point, if you read their FAQ which you can find here, it says this among other things:

Was my data impacted as a result of the outage?

Garmin has no indication that this outage has affected your data, including activity, payment or other personal information.

Having “no indication” that users data was affected is not a definitive statement. That seems to indicate to me that Garmin must think that user data might have been affected in some way. That’s not good if you’re a Garmin user. And it may be enough to send you to a competitive product.

So this is a very bad situation for Garmin and for their customers. But as I type this, Garmin appears to be starting to get their Garmin Connect infrastructure online. So there may be light at the end of the tunnel for those who use Garmin products. But still, there’s a lot of questions that will need to be answered about this incident. And since Garmin is scheduled to report their quarterly results on Wednesday, and that reporting is usually accompanied with a Q&A session with key executives, I for one will be interested in what they have to say about this incident.

Sources Say That The Price To End The Garmin Ransomware Attack Is $10 Million

Posted in Commentary with tags on July 25, 2020 by itnerd

Garmin has had an outage for the last few days that has taken down its call centers and more importantly has taken down the Garmin Connect service that allows their athletes to sync and analyze their efforts. Reportedly the cause of this outage is a ransomware attack. Specifically the “WastedLocker” ransomware. While Garmin has unsurprisingly not confirmed this, many people who are in a position to know have. And those same sources have told Forbes that the price to end this nightmare is $10 million:

The ransom note tells the recipient to email one of two email addresses to “get a price for your data”. That price, Garmin’s sources have told BleepingComputer, is $10 million.

Now I am not an advocate of paying ransoms as the best way to protect yourself is to back up regularly and use those backups to rescue you from a situation like this. But it’s more complicated for Garmin. If they don’t pay the ransom, they will end up facing more and more anger from their user base made up of athletes, drivers, and pilots. The latter could be serious as pilots need to download maps to allow them to fly safely. And they can’t at the moment. But it’s all bad for Garmin the longer this goes on.

Conversely, if they do pay the ransom…. Well….. That’s complicated because of who’s behind this ransomware attack. Here’s what Bleeping Computer had to say:

Evil Corp (aka the Dridex gang) is a Russian-based cybercriminal group active since at least 2007 known to be the ones behind Dridex malware and for using ransomware as part of their attacks including Locky ransomware and their own ransomware strain known as BitPaymer.

The U.S. Treasury Department sanctioned evil Corp gang in December 2019 after being charged for using Dridex to cause more than $100 million in financial damages.

Due to this, it is a tricky situation for Garmin if they want to pay the ransom as they would potentially be violating United States sanctions.

So you have to wonder what Garmin is going to do as the clock is ticking, the money they are losing is growing, and the anger from their user base is growing. That’s not a great place to be if you’re Garmin.

Review: Garmin Edge 830 Cyclocomputer

Posted in Products with tags on August 16, 2019 by itnerd

Frequent readers of this blog know that my wife and I ran the Garmin Edge 520 cyclocomputers to allow us to measure our performance and to navigate courses at home and on road trips. That’s worked well for us over the last few years, but this year we felt that we needed to up our game. Thus we got the Garmin Edge 830 which has a number of things going for it. Here are the key things in my mind:

  • It is a touchscreen which makes it insanely easy to navigate and can be used with full finger gloves as the screen is pressure sensitive.
  • On-device route creation which allows you to create routes on the fly.
  • Turn-by-turn navigation
  • Customisable apps
  • Strava integration. You can sync your data with Strava for free. But on-device Strava Live segments requires a Strava Summit membership, and your smartphone needs to be connected to the device.
  • Group messaging and tracking assuming that all the people in your group have compatible devices and share their info with you.
  • The device displays notifications from incoming calls and text messages from your phone….. Though you can’t answer them from the device which is understandable.
  • There’s a bike alarm function. Activate the alarm on the device and if someone moves your bike then the Edge 830 will send a notification to your smartphone.
  • Performance monitoring insights that give information on your VO2 max, recovery status, training load, heat and altitude acclimation, and your nutrition and hydration status after rides.
  • The device displays notifications from incoming calls and text messages

The Edge 830 has both on board WiFi and Bluetooth connections so it’s possible to directly pair the device to any WiFi network. Once connected, the device will automatically link to Garmin’s servers where it can sync your device so that it can upload your ride data as well as check for firmware updates. Which is something that you should do as Garmin has improved the functionality with every firmware update (which is version 4.10 as I write this). It’s very easy to set up its basic functions using the Garmin Connect app which is available for iOS and Android. From there you can add sensors like speed sensors, cadence sensors, and power meters so that you can get the most out of your training and riding.

One key feature is the incident detection feature, which alerts a pre-defined contact that you’ve had an accident and serves up your location to them. You also get the ability to send them a message saying that all is well if the incident is minor or you set this off by accident by say dropping your bike. It requires that the device is paired via bluetooth with and connected to your phone and only iOS and Android phones need apply. One thing that I note is that it is sometimes too easy to set off this feature on really rough roads.

The turn-by-turn navigation is fantastic on the Edge 830. The on-screen map, when zoomed in, provides excellent levels of detail and accurate guidance instructions with ample warning — both audible and visual — when a turn is approaching. Though if you design your own routes, I would strongly suggest that you turn off the popularity routing feature which uses rides that are uploaded to the Garmin Connect service to determine the best route. The reason I suggest this is that it will take you off your intended route and that will drive you nuts. It also has problems distinguishing between different road and path types and it has a penchant to take you on the most traffic-dense roads or, in total contrast, the least suitable paths, trails or tracks for your defined parameters. In other words, stick to designing your own routes which is what I do.

Any other gripes? The price. This is not a cheap cyclocomputer. The Garmin 830 goes for $550 Canadian which is not cheap. But the argument that I would make is that this is a higher end cyclocomputers used by pros and serious cyclists. Having said that, if this price is too much for you, there’s the Garmin Edge 530 which is $130 Canadian less and does most of what the Edge 830 does. Though you give up the touchscreen and some of the advanced routing functions of the Edge 830. Which means that you’re more reliant on buttons which might make it harder to navigate its functionality. For my money, I’d take the Edge 830 and benefit to from the ease that the touchscreen offers.

 

 

Review: Garmin Edge 520 Cyclocomputer

Posted in Products with tags on September 1, 2017 by itnerd

When I ride my bike, I’m looking to improve in some way on every ride. To help me with that, I have a Garmin Edge 520 cyclocomputer on my bike.

IMG_0065

This is a small but sophisticated computer that out of the box allows you to measure distance, speed, ride time and elevation with no external sensors required to do so. That’s because the cyclocomputer uses GPS and Glonass to track where you are and how fast you are moving. It will also display a rudimentary map that will allow you to know where you are. Plus it also has rudimentary navigation abilities to route you through a course that you can download to the cyclocomputer via the MicroUSB connection while connected to a Mac or PC. You also use the MicroUSB port to charge the cyclocomputer so that you can get up to 15 hours of battery life.

However, the real power starts to appear when you pair the cyclocomputer with any of a number of external sensors to get data. The sensors need to support the ANT+ standard for them to work which pretty much everything that you’d be interested in does. In my case, I use a heart rate monitor and a cadence sensor (so that I know how fast I am pedaling). My wife who has the same cyclocomputer takes it one step further by adding a speed sensor on top of the sensors that I have mentioned above. If you really want to get nerdy, you can add the sorts of sensors that pro cyclists use like this power meter that measure your power output when you ride. Or you can integrate it into the Di2 electronic shifting system that cycling components company Shimano makes. It will even integrate with Garmin’s cycling lights and action cameras.

In terms of the data that it collects, it will allow you to measure your performance on the bike in the same way that pro cyclists do. This allows you to really hone in on what you’re good at and what you need to work on. But if you’re not trying to be the next Chris Froome, you can leverage the fact that this computer will work with Strava in a couple of ways. Strava is a social fitness site where riders’ GPS files are compared by time over certain stretches of road. I use it myself and a I use an app called Garmin Connect on my iPhone (it’s also available for Android and Windows Phone) to automatically upload my rides to Strava when I am done. But the Edge 520 supports Live Strava Segments which are sections or road where you can set the best time among those who ride the same section of road. You’ll get a notification of when you are approaching a Strava Segment and relevant info such as best time, your friends best times, etc. This feature does require you to pay for a Strava Premium account, but you do get a taste of this feature for three months.

Garmin Connect is also useful to users of the Edge 520 in two other ways. First is that the cyclocomputer is capable of paring with a phone via Garmin Connect so that you can see the name and number when someone calls you as well as text messages of anyone who texts you on the computer. Though you cannot respond to it, it is handy as you don’t have to pull your phone out of your cycling jersey to see who is calling or texting as long as you pay attention to the road. That way you can decide to pull over and respond, or ignore it and keep riding. The other feature that Garmin Connect brings you is Incident Detection. The Edge 520 leverages its internal accelerometers to detect what it considers to be an incident such as a crash or you being hit by a car. It will then first put a message on the screen of the Edge 520. If this message is not cleared within a given time period then the Edge 520 will then send a message to a Bluetooth paired phone that will that will in turn send a message on to a list of registered contacts about the incident. It’s easy to set up and it will act as some extra piece of mind for your loved ones.

Gripes? Despite the fact that this computer supports both ANT+ and Bluetooth, the Edge 520 would not support pairing with my Series 2 Apple Watch to get heart rate info from it. Now, I can see this from a couple of angles. The first being that Garmin sells wearables of its own and they really don’t want to play nice with the competition which I can understand. The other side of this is that Apple is playing nice with lots and lots of fitness companies and Garmin needs to get into the game. Now I thought that I was an edge case (excuse the pun) with this gripe, but a quick Google search suggests that I may not be the only one out there that would like Apple Watch support to happen.

The Garmin Edge 520 is not cheap. It’s $400 CAD by itself. But you can get it in a bundle with a heart rate monitor, a cadence sensor, and a speed sensor for $550 CAD. It’s aimed at serious cyclists who want to gather all sorts of data about their rides. Thus if you’re someone who only rides on local cycling paths and enjoys the scenery, this isn’t the computer for you and I would suggest looking at one of Garmin’s lower end models. But if you do fit the use case that this cyclocomputer is aimed it, head to your local bike shop and pick one up today.

Review: Garmin nuvi 2595LMT GPS

Posted in Products with tags on January 23, 2015 by itnerd

For the last few years, I’ve had a Garmin nuvi 1350LMT GPS. It’s proven itself useful by allowing my wife to navigate to anywhere because she is shall we say “directionally challenged” and relied on printed maps to get her from point “A” to point “B”. It’s worked well for years. Not to mention that I’ve used it to get around Toronto and various points in the province of Ontario as well. But last week I started to have issues with it. It not only started to display an error message that said “Accessory Not Supported” but the traffic function stopped working. Now there is an FM receiver that is built into the power cable for the GPS that I logically figured was the issue. So I borrowed another one from a friend to to confirm it. I then found that it was the GPS itself that was the issue as I still had the same problem. Since it was out of warranty, I decided to buy a replacement.

At this point you’re wondering why my wife and I wouldn’t use our respective phones for navigation. The reason is simple. I’ve found that a phone works well if you’re willing to pay for the data charges related to downloading maps on the fly. Though the advantage of that is that you tend to get up to date maps. However phone based navigation only works when you have cellular coverage. I’ve driven through parts of the US where there are cellular dead spots. That makes phone based navigation useless. However a GPS based navigation system “just works” regardless of where you are. The catch is that you have to keep the maps updated so that they’re accurate and that’s always a manual process.

So, after doing my research, I settled on the Garmin nuvi 2595LMT. Getting it was a bit of a challenge though. I took a trip to my local Best Buy only to be dismissed by multiple salespeople who when I asked them for one they all said “Sorry, I can’t sell it to you. This isn’t in my department.” So I whipped out my phone and a Google search took me to 2001 Audio Video who had it for $50 less than Best Buy. So I started to walk out of Best Buy. But I did not make it out the door before a salesperson stopped me and asked if I needed help. I told them that I wanted a GPS and nobody would help me. Thus I was leaving to get it elsewhere as I found a store that had it $50 less than they did. The salesperson simply said “Ok. Have a nice day.”

Clearly Best Buy didn’t want my business.

So, after a ten minute drive and five minutes in 2001 Audio Video, I had one in my possession. Kudos to 2001 Audio Video for their customer service and Best Buy (or Future Shop for that matter as they’re owned by the same company) will never see me inside their stores again.

But I digress. This isn’t a rant, it’s a review of the Garmin nuvi 2595LMT.

Now this Garmin is physically larger than the last one that I had. It has a 5″ screen which is up from the 4.3″ screen that my last one had. However is still a relatively compact and light unit. Info is easy to see and read and it can be used in bright conditions and strong sunlight. Contrast is good and viewing angles are wide. The outer shell is classy looking. Here’s a picture of it installed in my car using the mounting hardware that I put in for the last Garmin that I had:

IMG_0796

If you don’t want to do what I did to mount the GPS in your car, it does come with a swivel suction mount system that clips onto the GPS and suctions onto your windscreen. One thing that I should point out is that the front is made from glossy black plastic which easily picks up fingerprints and dust. Other than that, it looks cool.

The feature set is pretty extensive. Here are the key features to keep in mind:

  • 5″ dual-orientation touchscreen. In other words, it can be used in portrait or landscape mode.
  • Free lifetime updates for the maps
  • Free lifetime traffic reporting
  • Voice-activated navigation
  • Lane guidance with a feature called “photoReal junction view”. This is a handy feature that shows a visual representation of any on ramps, off ramps or junction points ahead of you along with arrows pointing you towards which lanes to take. In my testing, the pictures it displayed were surprisingly accurate. It was almost as if someone went out and snapped pictures of every on ramp, off ramp or junction point on your route.
  • It has Bluetooth connectivity that you can use with its microphone and speaker as a speakerphone or to stream music along with one other feature that I will get to later in this review. You can also use it with Garmin SmartphoneLink for iOS and Android devices to get information and live services such as more detailed traffic, weather, where to park, sending addresses from your phone to the GPS, and where your car is located. In my case, I turned Bluetooth off as I had set up a Bluetooth adapter in my car routed through my stereo.

I then took 45 minutes to update the operating system and the maps using Garmin Express which is free for Mac and PC. I also used that same application to back up the saved locations on the old GPS and then restore them to the new one. As an aside, this application will alert you if there are updates available which saves you from constantly having to check. In the end, it was a very painless transition from the old GPS to the new one. I should note that you get a MicroSD card slot so that you can add a MicroSD card to allow for additional maps. But you may not need it as I had just over 2GB of space free after updating it.

After plugging everything into the car, I took it for a test drive. Here’s what my impressions are:

  • Unlike my last GPS, the Garmin nuvi 2595LMT starts up and is usable within seconds of turning on the car. The 1350LMT by comparison would take up to two minutes to boot. There’s a battery inside the nuvi 2595LMT that puts it into a sleep mode and it seems to be able to survive a couple of days of being asleep with minimal battery drain. Thus I imagine that you could keep it asleep for weeks at a time.
  • The user interface has been refined and is more smartphone like. You can use swipe gestures to scroll through items for example. It’s also easier to enter addresses and do common tasks.
  • The Garmin nuvi 2595LMT not only calculates routes much faster than my old GPS, but it now gives you the option of choosing from multiple routes so that you can avoid toll roads or areas that you don’t like. On top of that, if you don’t obey the instructions of the GPS, it re-routes you almost instantly. My last GPS by comparison would take a very long time to calculate a new route. That is a very welcome change.
  • The default voice is female that speaks street names. It sounds incredibly robotic as if it’s from the 1990’s. My last GPS had a much more natural voice. You can replace it with other voices, but you lose the ability to have the GPS speak street names. Thus you’re basically stuck with this voice. The upshot? It’s clear and easy to understand.
  • The nuvi 2595LMT has a voice-recognition engine which can interpret full addresses read out loud. You don’t have to say the town, then the street, then the number, as the system understands the whole address in one go. This worked well when I tried it.
  • The traffic function worked well on major highways via the FM receiver that’s built into the device. However, it had no clue about traffic on local roads. That’s no different than my last GPS so I’m fine with that. One handy feature is that the nuvi 2595LMT beeps and displays a warning about traffic ahead of you at the top of the screen. My last GPS simply said “Traffic Ahead”. Now If you want more detailed traffic updates, you can use Garmin SmartphoneLink to provide more detailed traffic reports if you’re willing to pay for it, or you can get the Garmin HD Digital traffic receiver if there’s coverage for HD traffic in your area. There isn’t in Canada, so I will pass on that.
  • My last GPS had the ability to calculate fuel economy if you enter some info about the vehicle that you’re driving (namely the city and highway mileage). While it was a rough estimate as it was simply doing math rather than reading stats straight off the car, it was handy for spotting potential issues with my car. The nuvi 2595LMT does something far more sophisticated. You need to purchase a Garmin Mechanic with ecoRoute adapter that plugs into the OBD II port on your car and connects to the GPS via Bluetooth. It provides detailed system data, including engine monitoring, sensor and gauge data, fuel efficiency and engine diagnostics in real time. It sounds interesting, but I think I will pass on that for now.

Other than the rather robotic sounding voice and the loss of the ability to get a rough estimate of your fuel economy, I really like the Garmin nuvi 2595LMT. And neither of the two items that I mentioned are deal breakers by any means. It was not a planned upgrade, but it was a worthwhile one. I recommend it for anyone who needs an in car GPS. The list price from Garmin is $199.99 USD. If you shop around, you can likely find it for less just like I did.

Just don’t get it from Best Buy.