post

Wells Fargo: Why the Bogus *Incoming* Wire Transfer Fee?

As my wife and I are rapidly approaching the “third half” of our lives, I’ve begun removing money from one of my brokerage accounts and wire transferring sums monthly to an account at Wells Fargo.

My wife noticed a “wire transfer fee” of $15 for each transfer. Hmm….Schwab (where we trade) has zero fees for outgoing wire transfers so I sent in this message to Wells Fargo customer support:

Never noticed before that you charge a $15 fee for **incoming** wire transfers until my wife alerted me to *her* wire transfer from Charles Schwab to Wells Fargo and it $15 fee.

This is ludicrous. A $15 fee for an incoming wire transfer? Schwab charges nothing for outgoing transfers so why does WF charge a fee for one coming in? This is nothing but bits across a wire and internal server gateways opening and closing. There is zero human cost in this equation (other than initial programming time) so a “fee” is NOT appropriate.

With all the personal and business money we have with WF, there is NO REASON to nickel-and-dime us on wire transfers like this one and I want someone in a managerial capacity to contact me directly and let me know why.

NOTE: Schwab actually has a $25 fee for outgoing wire transfers, but if you have enough dough in accounts like we do there they waive the fee and there is no fee for incoming transfers. With all the personal and business accounts we have at Wells Fargo — let alone the money we have there and transactions we run through our merchant gateway — my expectation was they’d not charge incoming wire transfer fees. The response from Annette in customer service came as no surprise as you’ll see below.

[Read more…]

post

Make Your Own Site-Specific Web Browser "App"

Need to tell you about a very cool Mac app (Windows version coming soon) that has transformed how I manage my online work and even social media interactions.

The app is called Coherence, now in version 5, which I hadn’t heard about until I stumbled across it this past week and downloaded the trial version. I liked it so much I purchased the Family License 20 minutes later!

The app allows you to create site-specific web browsers that function as their own self-contained Chrome browser application. Why would I want to have a bunch of separate web browser apps on my Mac instead of just opening up 10, 15 or 20 tabs in my Chrome browser? Besides slowing down Chrome and using up lots of my computer’s memory, I have a need to keep things separate:

  • MANAGING ACCOUNTS: With four GSuite accounts (a personal one and three for our various businesses) I could just log in to all of them in my main Chrome browser, but that would mean choosing accounts before going in to Google Drive, calendar, or other GSuite apps, a huge pain in the butt and often confusing. Having one site-specific browser for each GSuite account is fabulous and makes managing all of those accounts a breeze!
  • DEVELOPMENT: With our Innov8Press business I’m constantly logged in to multiple accounts and like to keep everything contained as I work, especially since I’m often logged in to a client’s web services (e.g., Mailchimp; Salesforce; Dropbox) and using a Coherence-made browser makes it simple to not have to login and logout over-and-over again as I go through my workday.
  • KEEP TRACKING TO A MINIMUM: Rather than use a plugin to keep Facebook (and others) from tracking my activities all across the web, Facebook has its own browser and everything runs within it. I even have a “Media” browser with bookmarks to publications I view in order to again, make it harder for third-party tracking companies to follow me around while I browse and use the web.
  • UNIQUE, DISCRETE APPS: I often play Pandora in a browser on my desktop so it’s really nice to be able to do so in a separate browser app vs. having to have the highly insecure Adobe Flash installed so I could run Pandora’s Adobe Air app. I also have a browser app for YouTube/Netflix/Hulu streaming apps as well as one to use with UberConference. Again, it makes my workflow so much more manageable.
  • EXTENSIONS: One last, highly useful aspect of of Coherence 5 is being able to load extensions. For example, in most of the Coherence browser apps I’ve created I’ve included my LastPass password manager extension. That way I can login to a client’s sites (or my own) as needed. Since sometimes I also need to view a client’s site from the standpoint of a user in the U.K. or countries in the E.U., being able to connect a given site-specific browser via the Private Internet Access (PIA) VPN to one of the PIA servers in one of those countries really helps (especially being able to perform Google searches in those countries in order to tweak SEO).

There are lots of other use-cases I’m sure you can think of, or will soon discover, on your own and, at the very least, it’s definitely worth considering. You will find the pricing here:

  • Coherence 5 for macOS 10.10 and Above – Single License $4.99
  • Coherence 5 for macOS 10.10 and Above – Family License (5 Licenses w/ 10 Activations) $24.99

This slideshow requires JavaScript.

NOTE: I should mention that I have used FluidApp for several years, the site-specific browser creator which makes a Safari-like (i.e., WebKit) browser. There are some features in it I like, but it’s not as flexible as Coherence 5 and I find being able to add extensions and use a Chrome-foundation browser meets my needs better.

post

Unlimited Inflight (and 35 million other places) Wifi for Only $10 Per Month

Is this deal too good to be true? Nope.

US Mobile is offering unlimited inflight internet service through the huge global provider iPass for only $10 per month using either the GoGo or Panasonic inflight networks. Yep…you can use it on several U.S. and international airlines but it gets even better as you’ll see below.

As a point of comparison, here is what GoGo charges for a single airline plan:

GoGo is still much more expensive (2 devices will cost $60 per month) and you’re still limited to a single airline. If you fly more than one airline — or even choose your single, favorite one — this new US Mobile offering will save you $40 per month if you only use a single device like your laptop. If you want to add your phone or tablet it will still be a lot cheaper at $20 per month and also offer you more flexibility with multiple airlines.

Here’s where this deal gets even better though. What happens when you land and want to use Wifi in the airport? Once you’re in the city and want to stop in to a coffee shop or restaurant? Or get online when you get to your hotel?

[Read more…]

post

Why Browser Extensions Are Dangerous

UPDATE: Read more here about Chrome security issues

Regardless of browser-type used, I’ve always been **extremely** cautious about loading extensions, especially if they’ve been created in God-knows-what-country and ask for permissions that are worse than leaving your front door open with the key in the lock!

There have been a number of compromised extensions recently in Chrome (see Attackers Go on a Chrome Extension Hijacking Spree” – Several More Compromised) and other browsers are not immune. But it’s this recent spate of Chrome-based extension compromises that is the biggest worry.

How-To Geek just published Browser Extensions Are a Privacy Nightmare: Stop Using So Many of Them and it is absolutely worth a read, especially with warnings like this:

“Modern web browsers like Google Chrome and Microsoft Edge have a permission system for extensions, but many extensions require access to everything so they can work properly. Even an extension that just requires access to one website could be dangerous, however. For example, an extension that modifies Google.com in some way will require access to everything on Google.com, and therefore have access to your Google account—including your email.

These aren’t just cute, harmless little tools. They’re tiny programs with a huge level of access to your web browser, and that makes them dangerous. Even an extension that only does a minor thing to web pages you visit may require access to everything you do in your web browser.”

So either don’t load extensions or be very, very, very careful when you do so.

[Read more…]

post

Cutting the Cord is Hard

Have you considered cutting the cord? If so, get ready for A LOT of resistance and delays when you try to cancel your services!

My wife and I are downsizing from our large family home to a townhome or condo. We haven’t yet purchased a dwelling so we’re uncertain as to which cable provider we may end up with and, since it’s summer, it seemed like a good time to begin cancelling all the services we don’t need and do it now. Plus, it’s actually highly likely we may not renew a cable subscription anyway.

So let’s say you have decided to cut the cord. Cancelling is not a 5 minute per account adventure.

CANCELLATIONS
Not surprisingly, none of these TV provider subscriptions can be cancelled online. One must talk to a human who will do their best to try to talk you out of it and keep you as a customer. Be prepared to invest at least 45 minutes per cancellation and call earlier in the day rather than later.

  • Cancelling Comcast escalated the call from a Philippine-based call center to a U.S.-based “Cancellation Office” where they gave me the third-degree on why I was cancelling. I was forceful that I just wanted to cancel (not put my subscription “on hold”) and they finally cancelled it.
  • Cancelling TiVo was another story. Again it was a call center somewhere and the woman, Joyce, made multiple offers to keep my subscription alive. “We can put it on hold” or “We can offer you X months at a reduced rate” and I was having none of it. “I just want to cancel it” and it turned out Joyce was having “technical difficulties” so could not cancel the account. Fortunately, a few hours later, an email came through with a cancellation notification so that’s done.

Here’s is why it’s so hard to cancel. These legacy TV providers are losing subscribers like crazy and are obviously doing whatever they can to hold on to us:

Five of the largest U.S. pay-TV providers posted subscriber losses during the second quarter as younger viewers increasingly cut the cord and moved to “skinny bundles,” or cheaper packages with select channels, and Internet streaming services like Netflix or Hulu. (via Fortune)

CUTTING THE CORD
If you’re like us, or most people we know, the lion’s share of our TV watching is done through streaming boxes (we have an AppleTV and Roku) as well as subscriptions to Netflix, Hulu (commercial free), AcornTV and DirecTV Now (it’s only $10/month since we have an AT&T Unlimited Plus family plan and then we pay $5/month for HBO too).

Two things we considered strongly and are two things to ponder if you’re considering cutting the cord yourself:

1) There isn’t yet a streaming service that can become a cable replacement, one that includes all the major networks and channels one might want or need. For example, DirecTV Now does not yet have all of the Minneapolis/St. Paul local channels. They also do not have CBS at all. So they’re not an option…yet…but parent AT&T has announced big changes for this Fall.

Whether there is a service that hits the sweet-spot of what people need — at price-points we can stomach — is certainly in flux and there is A LOT of uncertainty about who will be that be-all, end-all provider. You can see a good comparison of the top five providers here.

2) Maybe we don’t need to worry about local channels anyway. I just ordered a Mohu antenna that, for $20, will get all the HD channels we need in the Twin Cities and is better quality than what we’ve watched on cable (over-the-air signals are uncompressed so look much better than compressed cable TV signals). For where we’re going to move to next we don’t yet know which antenna we’ll need, but for now this will work great.

Hope this helps if you, too, are considering cutting the cord.

post

Communicate Like a Pro

Regardless of your occupation, having great communicator skills are “table stakes” to be in the work game today. Especially if you host webinars, record screencasts, podcasts or videos, or even chat with a friend over Skype.

National Public Radio (NPR) has this very useful NPR Training website where you can learn the techniques NPR has honed over many, many decades.

As someone who has done all of the above for communicating with others, the subtleties and nuances of properly delivering what you want to get across is something easy to learn…but you do need to learn it. Too often I’ve attended webinars with the host taking the first five minutes to “um” and “hang on a second” as they futz around getting everything ready. Then they talk like they simply do not care about what they’re saying, you as an attendee, or that they’re bored out of their mind.

Come across as the real you. Not the “DJ” you or what you think you should sound or look like. This training will really help you communicate like a professional so check it out.

post

Why My New VPN is ProtonVPN

The team of scientists and engineers that came out last year with the wildly successful end-to-end encrypted email service, ProtonMail, has now officially made public their new highly secure (and very fast!) virtual private network (VPN) called ProtonVPN.

As a ProtonMail user I’ve been incredibly pleased with the service and its security and this morning I signed up for their newest offering, ProtonVPN. I did so mainly because of the features, but also because it’s from a company I trust and, as a beta user, found it to be fast, robust, secure, and rock-solid.

I’m also stunned by how quickly they’ve nailed the key features needed in both email and VPN to keep us private and secure. A big plus also is that the company, Proton Technologies AG, is based in Switzerland, a country whose laws favor privacy, security and non-disclosure which is the perfect place to headquarter the firm:

“ProtonMail was founded in 2013 by scientists who met at CERN and were drawn together by a shared vision of a more secure and private Internet. Since then, ProtonMail has evolved into a global effort to protect civil liberties and build a more secure Internet, with team members also hailing from Caltech, Harvard, ETH Zurich and many other research institutions.

Today, we help our community of millions of users secure their private data online. More than 10,000 supporters have assisted us in this mission by donating to make this project possible. Thanks to your support, we are continuing to develop state of the art email privacy and security technology from our home base of Geneva, Switzerland.”

ProtonVPN has several key features that are a bit geeky, but have turned my head as someone who is deep in to cyber security:

  • Secure Core: This architecture gives their secure VPN service the unique ability to defend against network based attacks. Secure Core protects your connection by routing your traffic through multiple servers before leaving our network. This means an advanced adversary who can monitor the network traffic at the exit server will not be able to discover the true IP address of ProtonVPN users, nor match browsing activity to that IP.
  • Strong Encryption: All your network traffic is encrypted with AES-256, key exchange is done with 2048-bit RSA, and HMAC with SHA256 is used for message authentication which means it is VERY secure.
  • Forward Secrecy: The encryption cipher suites they use only include ones that have Perfect Forward Secrecy. This means that your encrypted traffic cannot be captured and decrypted later if the encryption key from a subsequent session gets compromised. With each connection, ProtonVPN generates a new encryption key, so a key is never used for more than one session.
  • Strong Protocols: They exclusively use VPN protocols which are known to be secure (OpenVPN and IKEv2). Though I’m not a cryptographer, every one that is whom I follow online swears by both of those protocols which have been examined and certified secure by top cryptographers all over the world.
  • Physical Security: The company has gone to extreme lengths to protect ProtonVPN’s Secure Core servers to ensure their security. Critical infrastructure in Switzerland is located in a former Swiss army fallout shelter 1000 meters below the surface. Similarly, our Iceland infrastructure resides in a secure former military base. Our servers in Sweden are also located in an underground datacenter. By shipping our own equipment to these locations, we ensure that our servers are also secure at the hardware level.

Other Key Features Include:

  • Open Source: Goes without saying that their transparency level is very high and having their software reliant on open source software examination and certification is a big selling point for any of us.
  • No Logs Kept: Under Swiss law they don’t have to keep them so they do not.
  • DNS Leak Protection: They ensure that your browsing activity cannot be exposed by leaks from domain name service (DNS) queries.
  • Kill Switch: Their desktop and mobile applications come with a built-in Kill Switch feature which will block all network connections in the event that the connection with the VPN server is lost.
  • Tor VPN: ProtonVPN comes with Tor support built-in. Through their selected Tor servers, you can route all your traffic through the Tor anonymity network and also access dark web sites. This provides a convenient way to access Onion sites with just a single click.

Take a look at their pricing page. They have a free offering (which is currently shutdown due to the overwhelming response and signups this week) and I signed up for the “PLUS” level today since, as a current ProtonMail user, I got a bit of a larger discount on both ProtonMail and ProtonVPN as a bundle.

I need to end with this: I’ve analyzed more than a dozen of the top VPN providers and previously chose Private Internet Access (which I still have active since I’m paid through April of 2018) and, especially for the non-geeks out there, it’s still the easiest to use, they keep no logs, have the most data centers, and still has my strong recommendation.

But if you’re extra-serious about your VPN — or have specific needs to be highly secure when online — I’d absolutely recommend you immediately go and signup for ProtonVPN.

post

A Few Ideas About Staying Safe and Anonymous Online

My daughter sent me an email last night asking me if an app called Disconnect might work to help keep her safe online, especially since she has experienced her virtual private network (VPN) connection slowing down her online activity.

Here is some of what I emailed to her and thought I’d expand it a bit and post it as it might help you too.

A VPN’s encrypted tunnel does have overhead so it will slow down your internet connection. No way around that and there are always trade-offs like this in order to have good security. A VPN’s encrypted “tunnel” through your internet connection — for your traffic to travel through — typically requires using 10-15% of your internet connection’s bandwidth, but it’s worth it almost all of the time.

One tradeoff many of us make is using good, hard to remember, and always different passwords for every website and app we use. Doing so is very challenging as is keeping track of them (which is why using a password manager like LastPass is so important).

That Disconnect app is just a tracking blocker, but it does offer a VPN in their Premium version for both blocking trackers and keeping traffic encrypted and somewhat anonymous (and it’s good to see that Disconnect does not keep logs of your VPN traffic and use). Disconnect’s VPN will slow down your internet connection just like any VPN does, but I haven’t done a side-by-side comparison between Disconnect’s VPN and the one we use.

Our chosen VPN is Private Internet Access (PIA), a provider that also keeps no logs and has 3,194 servers in 36 locations across 24 countries. Our entire family (and our business) uses PIA. Unless one uses the Disconnect Premium with their built-in VPN, your ISP and trackers can still know where you go and what your iPhone’s apps do (i.e., websites you visit; connections your phone makes through apps; etc.).

My preference is to use best-in-class tracking blockers and a VPN, but want to keep them separate (e.g., Disconnect’s Premium product is $5 per month or $50 per year  for only 3 devices while PIA’s is $6.95 per month or $39.95 for a year but they allow up to 5 devices).

Just know that, even with all of the measures I’m going to outline below, you always, always want to use a VPN when you connect to public Wifi (as well as a few other things) regardless of whether you are only concerned about being tracked while online.

Also, understand that there isn’t anything that is 100% foolproof. Cyber security is an “arms race” and as the good guys build better defenses, the bad guys are building better hacking/cracking and tracking tools. For example, the tech news site Ars Technica had this comprehensive article about how sites can still fingerprint you online even when you use multiple browsers so do your best to stay untracked and anonymous as you can.

[Read more…]

post

Self-Driving Cars by 2030 Will Decimate the Auto Industry BUT Will Save Consumers $1 Trillion & Grow The Economy!

A new research report by the think-tank RethinkX was just published today and has some startling forecasts (my bold and in red):

We are on the cusp of one of the fastest, deepest, most consequential disruptions of transportation in history. By 2030, within 10 years of regulatory approval of autonomous vehicles (AVs), 95% of U.S. passenger miles traveled will be served by on-demand autonomous electric vehicles owned by fleets, not individuals, in a new business model we call “transport- as-a-service” (TaaS). The TaaS disruption will have enormous implications across the transportation and oil industries, decimating entire portions of their value chains, causing oil demand and prices to plummet, and destroying trillions of dollars in investor value — but also creating trillions of dollars in new business opportunities, consumer surplus and GDP growth.

The impacts of TaaS they predict will be both exciting and frightening — if you’re in the transportation business — but the savings for the rest of us (and increased GDP growth) is amazing (again, my bold):

  • Savings on transportation costs will result in a permanent boost in annual disposable income for U.S. households, totaling $1 trillion by 2030. Consumer spending is by far the largest driver of the economy, comprising about 71% of total GDP and driving business and job growth throughout the economy.
  • Productivity gains as a result of reclaimed driving hours will boost GDP by an additional $1 trillion.
  • As fewer cars travel more miles, the number of passenger vehicles on American roads will drop from 247 million to 44 million, opening up vast tracts of land for other, more productive uses. Nearly 100 million existing vehicles will be abandoned as they become economically unviable.
  • Demand for new vehicles will plummet: 70% fewer passenger cars and trucks will be manufactured each year. This could result in total disruption of the car value chain, with car dealers, maintenance and insurance companies suffering almost complete destruction.

Besides all of the obvious downsides to the Trump Administration opening up National Parks and federal lands to oil drilling and mineral exploration —all while decimating the Environmental Protection Agency and labeling climate change a hoax — the positive economic impacts of using solar for energy production, having autonomous vehicles (especially those that are electric) is just smart (which likely explains why the Trump Administration is against those…but I digress).

There is so much more detail in this report that it is definitely worth your time to go and download it:

Go to the RethinkX Website
Read the Press Release
Download the Report Here
post

The NSA is *Not* Securing Our Nation...On Purpose

By now you should have heard at least something about the WannaCry ransomware attack that’s been going on over the last few days. When I ask people about it and what they know, most have vague responses like, “those computers must be old or not updated” or “people were stupid and did something wrong.”

While both have some truth in it, this analysis by Richard Clarke* about an ABC News story on WannaCry had one of the best paragraphs that describe the #1 problem I’ve been mad about for years which was the root cause of this cyberattack, namely that the NSA is not disclosing so-called zero-day vulnerabilities (zero-days are ones that aren’t yet known so companies can fix them):

First, America’s own National Security Agency (NSA) found the vulnerability in Microsoft Windows that would permit a hacker to gain control of a device. When the agency found that vulnerability, it should have told Microsoft right away, so that the error could have been fixed as part of the regular monthly “patching” program without calling attention to it.

Yep. The NSA should have told Microsoft right away so they could patch the vulnerability but then the NSA couldn’t use it themselves. The NSA has a long history of not disclosing vulnerabilities though the NSA chief claims they do disclose 91% of them (which means they likely keep the good stuff, the other 9% that are devastating like WannaCry has been when leaked, to themselves).

Clearly there needs to be a balance, as this Georgetown Security Studies article suggests, between national security and actions that cause national weakness, which I would argue the NSA is doing by keeping vulnerabilities to themselves. The NSA could go a long way toward protecting the American people by disclosing vulnerabilities that are obvious to them and potentially crippling to our nation, as well as not being breached and having their tools stolen.

That Georgetown article had these words to say about the United States’ Vulnerabilities Equities Process (VEP) that should compel the NSA to be more forthcoming, but it contains a loophole that anything before 2014 doesn’t have to be disclosed (which is millions upon millions of computers and servers running older versions of operating systems and software):

Established under President Barack Obama in 2014, the Vulnerabilities Equities Process (VEP) is an interagency framework used to determine whether the US government and its contractors should disclose software and hardware vulnerabilities to the public and private sector or foreign allies.

The public and private sector have increasingly called for full transparency of the VEP and disclosure of all known exploits. According to the National Security Agency (NSA) Director Admiral Michael Rogers, the NSA shares more than 90% of the vulnerabilities it discovers. However, the VEP currently provides a loophole that exempts any vulnerabilities discovered before 2014 from the vetting process. This is problematic for transparency given the long shelf life of a zero-day.

Sadly, I don’t think the current White House administration will do anything to thwart the NSA’s runaway, do-anything-they-want agenda. Transparency is certainly not their forté so my expectations are low.

Let’s hope Congress steps-in and helps drive national cyber security a little harder when it comes to the NSA actually caring about national internet security vs. just performing signals intelligence while the nation’s I.T. infrastructure is hacked.

This WannaCry ransomware attack is a wakeup call to this nation (and the world) that all of the intelligence agencies (we’re looking at you too, CIA) had better start helping the world instead of acting like a bunch of high school hackers exploiting whatever weakness they can before they are found out and get caught.

FURTHER READING