You’re in Danger on Public Wifi!

Illustration by Kristina Collantes

If you ever connect to a public Wifi hotspot, you owe it to yourself to spend 4-5 minutes reading this article by Maurits Martijn called “Maybe It’s Better If You Don’t Read This Story on Public WiFi: We took a hacker to a café and, in 20 minutes, he knew where everyone else was born, what schools they attended, and the last five things they googled.”

I want to make thousands of copies of that article and give them to every single person I see in every public Wifi location everywhere!

Let me say it as emphatically as I can if you’ve read this far: You are an idiot if you connect to any public Wifi without running a virtual private network (VPN) connection (like the one I use, Private Internet Access for $39.99/year for 5 devices). If you don’t, it’s not “if” you will get hacked, but rather “when” it will happen to you.

To show you how pervasive and simple it is to hack your laptop, smartphone or tablet when you connect willy-nilly to some public Wifi hotspot, let me give you a glimpse at what I can only describe as a…

HACKER’S DREAM MACHINE
The Wifi Pineapple, a $99.99 black box
which makes it trivial for a hacker to steal you!

Because I’ve technically known the risks for nearly ten years, I’ve been paranoid about public Wifi locations since 2005 and wrote about being “naked in a coffee shop” here, here and here. But to show you how brain-dead-simple it has become to BE a hacker, wait until you read about a black box called the Wifi Pineapple you can buy, for $99.99, which lets anyone who has one:

  • Run a man-in-the-middle attack, essentially spoofing a public Wifi connection and even impersonating the actual, real network connection (whether open or secured). How many times have you connected to Wifi that said “Coffee Shop Guest” or “Free Public Wifi”? Sometimes they’re real, mostly they are not. You can almost never be certain.
  • The attacker can monitor all network traffic flowing between an Internet gateway and the connected clients (like your laptop, smartphone or tablet!) as well as manipulate this data in transit such as through captive portals, DNS spoofing, IP redirection and even the substitution of executables in transit (so that file you’re downloading might be coming off of the attacker’s laptop!).

There’s a lot more you can do with this device and Hak5, the group that makes it, is certainly gleeful about all the rogue crap it can do:

“…the WiFi Pineapple is more than a platform – it’s a community for creativity. Rickrolling clients, powering off WiFi drones mid-flight, tracking commercial airliners and logging WiFi connections are only some of the creative things being done within the WiFi Pineapple community.”

On the Hak5 forums they even have a section entitled, “WiFi Pineapple University” to help users teach users about this ‘fun’ little box.

The good news? If you run a VPN and inadvertently connect to “Coffee Shop Guest” and it’s actually a spoofed connection through one of these black boxes, the hacker would only see encrypted traffic! Everyone else’s internet traffic—Facebook login, bank password, credit card data—would mostly be going in the clear. (Note: I know that an actual SSL connection would encrypt traffic in the browser, and so do most smartphone and tablet apps, but more sophisticated hackers can even spoof SSL connections so that your browser thinks it is securely connecting…but it is not).

I must admit that, even though I’m more appalled by the activities of our government and mass surveillance of U.S. citizens in what I believe is a direct violation of our Constitution, boxes like this one target individuals with a lot to lose. It’s not right and not fair and I hope I never catch someone using one in a public place or…

Privacy Does Matter

Glenn Greenwald was one of the first reporters to see — and write about — the Edward Snowden files, with their revelations about the United States’ extensive surveillance of private citizens. In this searing talk, Greenwald makes the case for why you need to care about privacy, even if you’re “not doing anything you need to hide.”

Thank you, Apple, for iPhone Encryption

Though our national security is an absolute imperative, the Edward Snowden revelations about mass NSA surveillance—and what most of us see as a direct violation of our Constitution by them (as well as their practice of passing that data to the DEA, FBI, IRS and local law enforcement)—the intelligence community made their bed…and now they have to lie in it.

From Wired’s article called Apple’s iPhone Encryption Is a Godsend, Even if Cops Hate It:

It took the upheaval of the Edward Snowden revelations to make clear to everyone that we need protection from snooping, governmental and otherwise. Snowden illustrated the capabilities of determined spies, and said what security experts have preached for years: Strong encryption of our data is a basic necessity, not a luxury.

And now Apple, that quintessential mass-market supplier of technology, seems to have gotten the message. With an eye to market demand, the company has taken a bold step to the side of privacy, making strong crypto the default for the wealth of personal information stored on the iPhone. And the backlash has been as swift and fevered as it is wrongheaded.

Though this is clearly the right thing for Apple’s business—especially if they continue to hope to sell in countries like China (see Apple iPhone a danger to China national security)—I still want to say, “Thank you Apple…seriously.”

NSA Files Decoded

The Edward Snowden revelations about the U.S. National Security Agency (NSA) and its vacuum surveillance sadly seem to be fading from the public consciousness. Undoubtedly this is viewed as a positive by the intelligence community since they are continuing to accelerate their programs now seemingly unabated.

Awareness is one reason I was pleased to see this article that The Guardian wins an Emmy for coverage of NSA revelations. Their multimedia piece NSA Files Decoded is one of the best, most comprehensive and informative (dare I say “entertaining?”) pieces I’ve seen yet. Congratulations to The Guardian team!

If you care at all about the world our children and grandchildren will inherit, then you owe it to yourself to watch the videos or read articles at NSA Files Decoded. You might also consider paying attention to a relatively new website, The Intercept, so that you can stay aware, stay informed, and not be one of those who are naive about the unprecedented and growing power of the intelligence community and its surveillance of all U.S. citizens.

Apple’s ‘Special’ Financing is Special Alright!

Just went on Apple’s web store to see about lead times for shipping the new iPhone 6. When I clicked to check financing options, this “Limited time offer” appeared.

Check out the paragraph below the “Apply Now” button where it states:

The purchase APR will be 22.99% or 26.99% variable, based on your creditworthiness.

Those are interest rates that a mobster named Lenny-the-kneecapper would love, no doubt. If you choose one of these payment options and miss one payment or are late, the interest rates kick in. It simply is a bad option, and it is why so many people get into debt with interest rates that mean you end up paying double, triple or more for a device like this one.

Use Google Voice with a Phone for Next-to-Nothing

In addition to my mobile phone, I’m using a Google Voice (GV) number with a landline phone…and you won’t believe how cheap it is!

As a long-time GV user, I was pleased to be able to ‘save’ my Dad’s phone number after he passed away last year. He and Mom had the greatest phone number ever and enjoyed having the easy-to-remember number for nearly 50 years. My sisters and I didn’t want to see that number vanish into the ether, so I ported it to GV.

The number is SO easy to remember, I’ve begun giving it out as my own personal direct line. I have GV set so it rings my iPhone and SkypeIn phone number so I never miss a call. At work I can also have it ring the desk phone if I choose not to answer a call on Skype or my mobile phone. Pretty convenient. Also, since it is so easy to block spam and telemarketing calls with GV, I am going to place it on my business cards too since my ‘old’ direct line has received an increasing number of spam calls.

Are You Using Your Mobile Phone as Your Primary Business Phone?

Oh dear God…please don’t use your mobile phone as your primary business line! The quality of a landline-to-mobile phone call is typically so compressed it makes it a bad experience for anyone calling you on your mobile for any length of time.

I find that most people under 35 years of age think it’s perfectly fine to use their mobile phone as their exclusive device for business, but it is not. Your mobile signal is compressed so your voice causes the other person to strain to hear you and it can be quite unpleasant. It’s even worse if you’re on an in-car speaker phone. You also probably don’t realize that, since your mobile signal is compressed even more at peak network usage times (like rush hour), your calls sound even worse to others if you’re in your car, a building, or walking around trying to have a conversation.

So if you are in an office, whether in your home or in a building and you have an alternative, please do not rely solely on your mobile phone for business calls.

A Great Option: Google Voice and the Obihai 200

Google has enhanced their Google Hangouts recently by integrating GV into it. That’s a big deal since many of us GV users had, for some time, been concerned that Google might kill GV due to lack of innovation or attention seemingly being paid to the service.

UPDATE 9/20/14: Obi200 can be used with E911. A friend of mine asked me if the Obi200 could, in fact, be used with 911 service. Turns out it can for $15 per year. Here is an Obihai blog post about it and how to set it up.

Not only is GV integrated into Hangouts, but Google has extended their free U.S. and Canada calling and their international rates are really low. So keeping in touch is easier and more affordable than ever.

What if you could plug a box into your internet router, a phone into the box, and make phone calls for free? Yes, you could buy Vonage and pay $28 or more per month, Ooma for $129 (for the box) and their optional $9.99/month service, or you could buy a cheap box and get free calls.

I like cheap and free, especially since calling-is-calling.

The Deal

Good news for those of us who use voice over the internet (VoIP): Google Voice is now officially supported on OBi VoIP devices AND you can get their Obihai 200 for only $29.99 if you act fast and use the offer code: EMCPAWW99 here at NewEgg.

Here is the PDF datasheet for the Obihai 200 so you can download if you want to learn more, especially since it can do A LOT more than just connect with Google Voice.

Plug the Obihai 200 box into your internet modem (if it has extra ports), a hub or switch connected to your modem, or an empty port in your Wifi router. Plug a phone into the Obihai box (I bought this inexpensive Motorola DECT cordless phone for $22 and it feels nice and sounds great) and your total cost will be less than $60…and it will be a one-time cost.

Your calls will sound SO much better and your friends, family and those of us on business calls with you will appreciate it!

What If Most Jobs Were Gone?

If you’re at the beginning, middle or end of your career, one thing you should know is that thought leaders around the world are thinking through what happens to society and civilization when jobs never come back. Or new jobs never appear.

My friend Eric recommended that I check out this video from C.G.P. Grey’s YouTube channel. It’s fabulous and I didn’t know about him, but his videos get millions of views. After watching this video, think about your career and what the world might look like if some large percentage of people can’t find work:

Dropbox Pro Now Has 10x More Storage!

Like millions of others, I use Dropbox on all my machines as do friends and family. Since I also share Dropboxes with clients, I purchased a Pro account for $9.99 per month and have almost maxed out my 100GB sized service. As of today, that same $10/month will get me 1TB of storage!

Though Dropbox’ unique sync’ing capability and ease-of-use is what has made them explode with more than 300 million users and 80,000 paying businesses using the service, they had to compete with others in the storage space:

  • Amazon launched a cut-price Dropbox competitor called Zocalo
  • Microsoft OneDrive (formerly named “SkyDrive”) offers several consumer plans and, instead of Dropbox’ free 2GB of storage, the free level on OneDrive is a whopping 15GB!

Besides just a lot more storage, there are some really useful day-to-day items which will add a lot of value. Dropbox is offering a surprising amount with this new release and will provide any of us with a Pro account more, so read on for some of the new goodness.


A Vacation in Rome: Angels, Demons and Dirt

Our vacation this year was to Rome, Italy and it was good and bad. I’ve been trying to reconcile this trip in my own mind but am still wrestling with it so thought best to get it out of my head and in a post.

Our family approached this trip with great anticipation. My kids are 26 and 19 so it is likely our last vacation together as only the four of us. Having never been to Rome, we planned for months. Here’s what we discovered, though these opinions are more mine than my wife’s or kids’:

THE BAD

Tough to see, but the area in front of our five star hotel is littered with cigarette butts and trash…which is *everywhere* in Rome

1) THE FILTH: Oh my God is Rome filthy. Old is one thing, but cigarette butts, wrappers, cans and bottles, homeless people’s food debris (and urine) is everywhere, and no one has cleaned a sidewalk here since the time of Caesar (or so it seems). It is just simply dirty.

What really stunned me, though, was the endless graffiti. It covers every surface from upscale hotels and office buildings, to subway cars to every shop and apartment building.

Even in the town near Ostia Antica, the ancient Roman port city, there was graffiti on buildings.

Over several days, as we were in neighborhood after neighborhood, tony shopping districts, the subway, towns outside Rome, and even major attractions, the thought that kept coming into my mind was, “Man…Rome is a shithole!” I couldn’t figure out if Romans didn’t care about Rome, or corruption is rampant so no one does much work, or there is something else that makes people put up with this in a city with as much potential as this one.

Every subway car was covered, windows etched with knives, and graffiti was all over the inside too.

This filth, or lackadaisical attitude about the cleanliness of the city, even translates to the overwhelming majority of cars driven by Romans in the city. Nearly every vehicle I looked at on the road, in parking lots and parked on the side of roads was scratched, dinged and just simply dirty. Even new cars. I just didn’t get it, especially from this land and people who have designed and given us Ferraris and Lamborghinis.

I actually had my small wallet in a front pocket but the pickpocket got it anyway

2) THE CRIME: Our last day we were riding the metro bus from a museum near the Vatican and my wallet was pickpocketed. Even though I’d taken incredible caution for the entire trip—especially since every guidebook warns over-and-over again to wear a moneybelt and be extremely cautious—this time I slipped it into my pocket so someone grabbed it. To say I was upset and angry is an understatement, so much so my daughter got off the bus since I was “making a scene.”

Coat of arms of the Carabinieri

We went back to our hotel room to cancel my credit cards and place a fraud alert on our credit report, when a call came in from the front desk. Turns out a team from the Carabinieri, the Italian national military police, had busted a gang of Romanian pickpockets and they found my wallet in one guy’s backpack!

I got everything back. To say I was stunned and amazed is putting it mildly. Based on all the TripAdvisor forum posts, and the articles and forum posts at travel expert Rick Steves’ website, this type of crime is rampant in Rome and, as Steves said in one article, “...at least one person on every tour is pickpocketed.”

The scams, people hustling, and the ripoffs made me feel like I was traveling to a third world country, not a modern one like Italy.

But there were a lot of good and amazing things to see and experience and we had those too, thankfully.


Open Letter to Vlad Shmunis, CEO, RingCentral

CLICK FOR A WEDNESDAY, JULY 16th UPDATE
CLICK FOR A FRIDAY, JULY 11th UPDATE

As a RingCentral (RC) customer since May of 2010, we have enjoyed your service and its capabilities. After my initial 40-50 hours of working with your Philippines-based support folks (yes, it was that painful to set up), we finally got everything up and functioning with our two lines (using Cisco analog telephone adapters), our 800#, fax line, and extensions. It has worked quite well ever since and we’ve evangelized RC to many clients and friends, many of whom have signed up with your service.

But man…is it ever hard to upgrade! Though we have had few issues with RC and little need to contact tech support, dealing with your folks in the Philippines is virtually impossible when it comes to upgrading our service or buying new phones!
