It Sure is Great to Have ‘Hair on Fire’ Internet During a Pandemic

Check out the speed of our Cox Gigablast service in the image above. The speedtest on the left was a server on the Cox network close to my home, and the one on the right is a connection to a test server all the way across the country in New Jersey. This kind of speed is incredibly useful for us, especially during this time with us all working and staying in our homes. If you can get this kind of speed as well, it might be worth it to upgrade your internet connection now.

My wife and I were fine on our previous Cox internet speed (300Mbps down and 30Mbps up) but then the pandemic hit. Our online usage spiked dramatically and then our son moved home for the foreseeable future and was online all the time. Then his work figured out how to let him perform his analysis work from home, and that word “dramatically” became two words, “Oh-oh!”

That “oh-oh” was because our son would need to download HUGE files (300-600GB in size) as well as be consuming tons of bandwidth every work day. As such, I knew we’d need significantly faster speeds and a lot more bandwidth. Fortunately Cox fiber to the home was available in our brand new development, so even my slower speed was brought to the curb with fiber. But I discovered that it wasn’t simple to get upgraded to Cox’ Gigablast service, a broadband tier which promised speeds and throughput close to 1 gigabit per second download speeds and nearly the same for uploading.

An example of an optical network
terminal on the exterior of a house

Now that we knew significantly faster speeds and bandwidth was needed, I upgraded online in my Cox account. I was puzzled that, after several hours and multiple reboots of my modem and router, the speeds were the same. I then called in to technical support and discovered that I needed an optical network terminal (ONT) which would replace my modem in order to achieve these speeds.

This need for an ONT was puzzling as a Cox fiber expert had to come out a couple of months after our internet was installed as we had an outage (a crimped optical connector by the original tech cracked) and this expert indicated that I could simply go online and upgrade to get Gigablast. My expectations were then set but, after talking to customer support folks on the phone didn’t really know what was needed and why it wasn’t working, and couldn’t help me figure out what was needed. Read More

We are having solar installed on our new home. In less than five years our cost for electricity will be nearly zero

Solar power generation is awesome … especially when it enables a person’s electricity consumption to become nearly free within a handful of years. Solar is a smart investment for us personally in our new home and could be for you, too.

BUYING A SOLAR INSTALLATION WAS A NO-BRAINER FOR US
When we moved from Minnesota to California in June of 2018, we knew costs for everything would be higher. We expected that any new home we would buy would cost a lot more (our new home cost nearly double the value of the home we sold back in MN), but what we did not  expect was the high cost of electricity!

In Minnesota we had Xcel Energy whose cost for electricity around-the-clock was 11.7 cents per kilowatt hour. Our new home here in southern California happens to be located in San Diego Gas & Electric‘s (SDGE) region, and it turns out that their electricity cost is the highest in the nation!

SDGE’s pricing plans are numerous, but the year-long average per-kilowatt hour cost — which prospective solar install companies used to calculate our solar system size — was going to be roughly 32 cents per kilowatt hour, nearly 3X what energy cost us when we were living in Minnesota.

On almost all of those SDGE plans there are off-peak, super off-peak and on-peak rates (and one plan even has a cheap car-charging rate from midnight to 6am of only $.09 per kilowatt hour). The on-peak rates are in effect during the summer months — which run from June 1 – October 31 during the 4-9pm time-frame — and what stunned us was the rate during those five hours each day can cost up to $.53 cents per kilowatt hour!

Because of that unexpectedly expensive energy, a few weeks after we closed on our new home we immediately set about learning everything we could about solar, what we needed and what it would cost. We then set about finding the four “best” solar install companies and have them propose a solar panel solution. We selected the best installer for our requirements, signed-up, and everything is in motion.

Within the next several weeks our new solar panel installation will be complete on top of our new home and, based on our projected energy use for the year, our break-even on our solar investment is expected to be 4.8 years. After that our only cost for electricity will be approximately $12 per month for the SDGE “interconnect fee,” which covers the electric meter on our house and account management by them.

Energy rates continue to accelerate and I’ve read numerous articles on the projected 20 year rates that SDGE has received agreement on with the California Public Utilities Commission (CPUC). However, this article from less than a month ago said this:

If approved by CPUC commissioners, average electricity rates in SDG&E’s service territory would increase from 26.25 cents a kilowatt-hour this year to 27.4 cents next year, a rise of 4.54 percent. For a typical residential customer living in the company’s inland climate zone and using 500 kilowatt-hours a month, a bill during a summer month would increase $5.59, according to SDG&E estimates.

I’ve seen SDGE’s own projections and 4.5% per year price accelerator is expected. So as each year passes, our investment in solar energy will pay off even faster and continue to look like a very smart move on our part. But solar (or wind) alone will help combat climate change, but even if every one of the 2,500 homes in our development went solar, it wouldn’t make a serious dent in the emission of  greenhouse gases in to the atmosphere.

For our system being installed, our estimated net electricity cost savings over 25 years will be over $82,000 (assuming a 4% per year utility price escalator). That’s why it was a no-brainer for us to get solar!

Obviously our solar generation will go back in to the grid and offset all of our energy use, including at night. In fact, we’ll be adding about 30% more energy back in to the grid than we consume, just in case we end up with two electric cars at some point and need that extra amount to offset an increase in our consumption.

WHAT ABOUT ENERGY STORAGE?
We drive hybrid cars (and I’m getting a plug-in hybrid in two weeks that will cover 90% of our driving needs on electric) since both my wife and I believe in climate change and that the United States must move forward toward a clean energy future and away from carbon emitting fossil fuels. Charging my PHEV from solar will be easy and free in the near-term, but with energy demand increasing monthly in the United States and around the world, we at least considered buying battery storage to run essential systems (e.g., the refrigerator and some lights).

As such, we also looked at the addition of solar energy battery storage in our garage. Unfortunately batteries are far too expensive and not worth the investment currently (e.g., one Tesla PowerWall is $12,000 and we’d need four of them to be completely energy self-contained) so we’re holding off on storage, perhaps permanently.

As part of our analysis and reading, my wife and I also talked about large-scale battery storage, just in case renewable energy creation does reach critical mass here in California and more energy from solar goes back in to the grid. What might happen if SDGE begins to embrace battery storage for solar-produced energy?

The green energy storage problem is too expensive right now, but we’ll keep an eye on it.

TRUMP & THE GOP DENIGRATING RENEWABLES
It pisses me off that the Trump administration continues to try to gut clean energy spending with his proposed budget that does exactly that. It is clear that this current administration, and Republicans who support Trump’s position on clean energy, continue to position climate change as a “hoax” and the oil & gas industry as “the future” of energy.

Remember when one of the key talking points for the GOP (for decades) was toward less dependence on foreign oil? That wasn’t positioning for renewables, that was positioning for more drilling (and now for fracking shale to squeeze out oil and get natural gas).

Do either Trump or the GOP think that all of their own base of supporters and constituents are too stupid to think for themselves? Such idiots that they don’t believe in science? Though I don’t think President Trump is even capable of thinking deeply about any issue, Republicans should at least realize that even corporations are calling for action on climate change and they’d better stop being dumbf*cks, sucking-up to the oil & gas industry.

Also, I’m glad I’m not alone in my outrage and found this hilarious:

Here is what I believe is the *best* backup solution money can buy

It happened again this morning: A friend reached out to tell me their PC’s 1TB hard drive had crashed and could I help? Of course you guessed it, they did not have it backed up, the drive was toast, and they have either lost everything or could pay close to $2,000 to have the drive recovered!

I have a hard time feeling any sympathy for them, especially since he and I have discussed backup numerous times. I’ve always encouraged him to buy one of inexpensive backup drives that exist, which makes backing up so simple that anyone can do it, even him. So I’ll implore you to backup just like I did him but he is serious about it now after it is too late: PLEASE back up all of your systems and, especially, your main PC or Mac. It’s not IF your hard drive will fail, but rather WHEN it will fail.

WHY I DON’T BACKUP TO CHEAP DRIVES
For me, however, a cheap backup drive won’t do it which is why I use the ioSafe G3 drives:

The ioSafe Solo G3 is fireproof and waterproof external hard drive engineered to keep data safe during fires and floods and to protect to from theft. Designed for optimal reliability, the G3 hard drive is the easiest way to protect your photos, videos, documents and other irreplaceable data.

I’ve written about these drives before here and here and I own two of them. My iMac has a 1TB solid state drive in it and I have one external 3TB ioSafe G3 drive which is nearly full of music, photos, and files. Both my iMac’s drive and my external 3TB drive are encrypted with FileVault, so I needed a 4TB external drive to use for a Time Machine backup drive. So I purchased that second ioSafe drive — this time in a 4TB size — to back them both up (and yes, everything is encrypted there too).

In fact, today I ordered another ioSafe G3 drive but this time in a 6TB configuration. Why? Because my Time Machine backups only go back 30 days and I want them to go at least 30 days further back and maybe longer, so an extra 2TBs of storage will enable me to do that (and I’ll wipe my 4TB drive and connect it to my wife’s iMac).

WHY I DON’T BACKUP TO THE CLOUD
Consider me paranoid, but unless I control the private encryption key I don’t feel my data is safe. Anyone with that key can unlock my data and view it (e.g., Dropbox can, in theory, read all of your files).

The only one I would consider is SpiderOak’s personal One backup plan, a solution that encrypts your data before it is backed up and sent to their servers. As good as SpiderOak is, there are a few “fatal flaws” I see with using it (or any cloud service) as my primary backup solution:

  • My data is in the cloud on someone else’s servers.
  • It takes forever to transfer large data files so backing up is time consuming. Moving huge files can also hammer on your internet service provider’s data caps (which are becoming more common now that TV streaming is ubiquitous and used by more people than ever before) so you’ll have to pay more for data.
  • The 5TB service I’d need is $29 per month ($348 per year) which would buy an ioSafe G3 drive itself!

WHY I USE IOSAFE DRIVES & BELIEVE THEY’RE THE BEST

Look … you can go ahead and backup to cheap drives. But lets say your house catches on fire and the fire department arrives to put it out. If the area near your computer burns your PC is melted and so are your backup drives and everything will be lost. Even if it doesn’t burn and melt, the water used to put out the fire will most likely compromise the backup drives and make them unrecoverable.

The features that make it “the best” backup solution money can buy include:

  • The ioSafe drives can withstand temperatures up to 1550°F for 30 minutes per ASTM E119 (PDF).
  • They can be completely submerged in fresh or salt water up to a 10′ depth for 72 hours (which is so much more than a firehose would douse them with in a house fire).
  • The drives can be secured to either the floor or a hard-to-move object to prevent the drive, and the data it holds, from being stolen (I bolted my drives to my desk when our house was up for sale so no one could grab one and run off with it!).
  • These drives are very, very quiet and, with USB 3, they are fast.
  • They are a “set it and forget it” backup solution. If you have a Mac, use Time Machine to back up your computer. If you have a Windows PC, buying an ioSafe drive includes a license to Genie Timeline Professional: easy to use backup software for Windows that can protect your data with military-grade 256-AES encryption.

Living here in southern California makes drives like these even MORE important for my wife and for me. With earthquakes, wildfires, and more humans than most places on earth (so more likelihood of theft), having these drives as my backup solution give me peace of mind.

HOW AND WHERE TO BUY
Though you can buy these drives directly from ioSafe, here are a few places to pick up a 2TB, 3TB or 4TB drive less expensively:

WHATEVER YOU DO … BACK UP!!
Borsch, you’ve told me I need to back up … I get it!” OK, OK … but I thought my buddy didn’t want to hear me pontificate about backing up either and he didn’t … and now he’s lost all his photos, videos, emails and other data.

Don’t be like my buddy … back up now.

Disclaimer: I receive absolutely nothing from ioSafe or anyone else for my enthusiasm for their incredible hard drives. Yes, I do think they’re the best and just want everyone to back up!

Use Your Phone’s Gmail App for Two-Factor Authentication

Email is your most important application whether you access it in a web browser or with an app on your smartphone or tablet. If your email gets hacked, it is trivial for a blackhat hacker to go to your online accounts with a bank, stock brokerage, ecommerce site, and reset your passwords

…and then gain control of all your accounts!

But you can easily and quickly protect your email. If you set 2FA up and turn it on, a hacker would have to have both your email password and your smartphone in order to gain control over your email account!  In the case of Gmail, you can set up another layer of protection though: two-factor authentication (2FA…also called 2-step verification). 2FA makes your smartphone an additional, secure method of proving it is you trying to login to your Gmail.

The good news? Google has made 2FA quite easy to set up and use but they have recently made it even easier to use. Read on to learn how it works.  Read More

Is Congress Really Gearing Up for an Encryption Battle?

bitsAfter the attacks in New York on September 11, 2001, Congress passed the poorly thought-out Patriot Act. Friday’s Paris attacks seem to be (once again) providing Congress with another excuse to try and legislate making United States encryption weak and putting another obstacle in the way of U.S. technology companies selling overseas.

That’s right….weak. Virtually every single cryptography expert on the planet knows that a force-mandated “backdoor” in software or devices will not work and will make the systems vulnerable to attack by black-hat hackers or state-run military cyberattacks.

Today’s Wall Street Journal had this front-page article, “Paris Attacks Fuel Debate Over Spying – Growing belief that terrorists behind assaults used encrypted communications prompts re-examination of U.S. policy on surveillance.” A few things from the article leapt out at me:

“A growing belief among intelligence officials that the terrorists behind Friday’s Paris attacks used encrypted communications is prompting a far-ranging re-examination of U.S. policy on data collection and surveillance.”  

No kidding. Anyone on this planet with intermediate technical skills can encrypt their communications.

Senator Richard Burr

Senator Richard Burr

Sen. Richard Burr (R., N.C.), chairman of the Senate Intelligence Committee, said Tuesday his panel will launch a review of encryption use. “It is likely that end-to-end encryption was used to communicate in Belgium and France and Syria,” Mr. Burr said. He said encryption was likely because no direct communication among the terrorists was detected.”

Really Senator? Maybe they met in person?

But this is the part of the article that made me choke on my breakfast muffin:  Read More

Backing Up Your Digital Life

firefighters

You are probably like me when it comes to backing up computers and digital devices: It is SUCH a pain-in-the-butt that only the terrified-of-disaster actually take any action. Make sure you look at the Newegg deal at the bottom of this post (and no, I’m not an ‘affiliate’ and get nothing from Newegg for linking to the deal).

Fortunately I’ve never had a house fire but have experienced multiple hard drive failures over the years. Only once, 10 years ago, did I have a hard drive crash to the point where it was unrecoverable. Ever since I’ve been of the mindset that hard drive failures and disasters are not a matter of “if” but rather “when”.

During that 10 years, however, I’ve heard so many personal stories of drive failures (or stolen drives), house or business building fires, a laptop accidentally being dropped overboard while on a cruise ship (and it contained vital, one-of-a-kind business planning documents), that I get after friends, family, and colleagues to backup; backup; and backup!

mom-n-kidAfter hearing one of those stories this past April, I wrote Your Mom DEMANDS That You Backup Your Computer! to see if it would kickstart conversations. It did, but specifically the two friends I was hoping would backup their mission-critical files, tens of thousands of one-of-a-kind digital photos, and other irreplaceable digital stuff….did nothing.

What happens if you have a fire in the house? Or the fireman spray water all over your office—even though the fire hasn’t yet reached in to it—and effectively ‘drowns’ your computer and drives?

Basically you’re screwed. Unless… Read More

Chrome & Firefox Users Are Leaking Their IP Address…Even While Using a VPN

conf-com-usrThe only way you can guarantee your privacy while using a computer or mobile device, is to just disconnect them from the network. Or become a security expert. But if you must be online and want (or need) to be as secure as possible, you won’t want to use Google’s Chrome or Mozilla’s Firefox browsers until you make some changes since your IP address can be easily discovered.

You may know about (and already use, as I do) AdBlockPlus or Ghostery. These browser add-ons are used to block advertisements and also let you control who can track you by blocking services and advertisers from doing so.

So imagine how stunned I was to learn that the very cool and new WebRTC technology (for using video, audio and screensharing right inside your web browser) can leak your internet (IP) address.

Advertisers, and tracking services, love to set tracking cookies that map to your IP address. Then they can follow you around as you use that browser to surf the internet. Intelligence agencies love to discover the IP address of someone since they then can go right to the spot from where they’re connecting.

This flaw in WebRTC is especially troublesome since it would compromise someone whistleblowing, in a country with an oppressive regime in power, businesses communicating online with WebRTC, or anyone legitimately wanting their online activities to be private…especially when they believe they are safe while using a VPN.

Using Chrome or Firefox? Click here to check and see if you are vulnerable.

Test your browser here. If you see Is WebRTC Enabled ! true” appear, you are vulnerable. If you are vulnerable, click the link on that page that says, “How to Disable WebRTC” and follow the instructions.

That IP address leakage is bad enough, but what is worse is that your IP address leaking is NOT able to be detected by any current plugins (e.g., Ghostery) or even the developer tools in Google’s Chrome or the Mozilla Firefox browsers (the primary ones that support WebRTC currently).

ThreatPost has this excellent article on this leak problem:

A recently publicized hole in WebRTC, a protocol for web communication, is revealing the local IP addresses of users, even those who go to extra lengths to hide theirs by using a virtual private network.

Daniel Roesler, a San Francisco-based researcher who’s dabbled in encryption, posted a demonstration on GitHub last week to illustrate how the vulnerability works.

Roesler’s proof-of-concept shows how websites make requests to STUN servers. STUN – or Session Traversal Utilities for NAT, servers – send a ping back that contains the IP address and port of the client–from the server’s perspective. The local and public IP addresses of the user can be gleaned from these requests via JavaScript.

So basically an advertiser, tracking service or intelligence agency can easily setup a STUN server and all requests to a page on that server—with special javascript code loading in a Chrome or Firefox browser—would reveal the IP address of the visitor and allow that page to set a tracking cookie.

Of course, you shouldn’t be doing anything online—even if using a VPN—that’s illegal like pirating movies or music, or buying stuff from a drug ecommerce site like Silk Road. But be especially careful if you are in a country, or situation, that means your life might be in danger if you are caught communicating using something like WebRTC.

How to Disable WebRTC

In Firefox:

  • To disable WebRTC, go to about:config and click-to-toggle media.peerconnection.enabled to false.
  • Or install this Firefox add-on

In Chrome:

  • Bad news? You CAN’T turn off WebRTC on desktop version of Google Chrome.
  • Good news? Install this Chrome Extension: WebRTC Leak Prevent

Backup Factoids to (Hopefully) Get You Off Your A$$

infographic-snippetIf you already backup all of your digital data on all devices—or have a company strategy that takes care of it all for you along with your mission-critical data—go ahead and watch this instead of reading this post.

If you don’t, or are looking for some data on the costs of loss or downtime, you need to peek at what the gang over at Singlehop sent me after reading my post, Your Mom DEMANDS That You Backup Your Computer!. In it they asked if they could send over an infographic they’d created which I could share with you.

Normally I decline when I get these sorts of requests, especially since they number 2-3 per week, but I am passionate and adamant about backing up and hopefully these factoids will motivate you to take steps NOW to do the same for yourself or your organization. Besides, it has some really interesting factoids within it you will undoubtedly find interesting.

Here is that infographic:

Read More

What Caused Bluehost’s MASSIVE FAIL

Click '+' for an email from Bluehost's CEO on Friday, April 18. Too bad he couldn't be bothered to say anything earlier.
bluehost-ceo
Click '+' for an update from Bluehost Support which, ironically, arrived 24 hours after yesterday's 1pm outage.
I would like to offer my sincerest apologizes for this lack of communication and to provide you with some details as to what happened. We experienced a degradation of network service in one of our data centers due to a firmware bug in one of our vendor’s hardware solutions. This was an undocumented bug and we worked with our partner to diagnose the issue and deployed a firmware update to the systems to remediate the problem. Only websites that were being served by this hardware were affected. This is unrelated to any previous outages and we have reviewed our entire network to make sure this problem will not occur elsewhere. Please let us know if there is anything else we can provide; whether information and other, but I would like ensure you I personally understand your frustrations and can appreciate your stance on the situation. Best regards – Ryan, Supervisor, BlueHost.com

An unknown number of Bluehost servers went down yesterday, April 16th, at 1pm central time. This may have been limited to their Dedicated (which I own) and virtual private servers (VPS) but that’s unknown too. It’s also unknown what caused it, even approximately when it will be fixed, or other pretty basic items a paying customer wants to know when a service is failing.

In this post I will tell you about two fails Bluehost made: them communicating to customers about the outage and what caused the outage in the first place.

BLUEHOST COMMUNICATION FAIL

Outages do occur at webhosts…they just do. But why so many unknowns and a clear reluctance to be transparent? Because Bluehost has failed dramatically at THE MOST BASIC customer relations item: communicating with customers about why something isn’t working as promised. Rather than have a status page at Bluehost.com that either has status updates on it or embeds their Twitter and Facebook feeds, they ask people to follow them “and check our Twitter feed and Facebook page for updates.” How incredibly bush-league.

A few cut-n-paste tweets from Bluehost Support

For hours and hours and hours they have been telling people essentially, “I dunno” which is unacceptable. Not only is this impacting an untold number of people (the tweets are numerous) this is a PR disaster and customers will undoubtedly flee. Especially those who have clients on Bluehost due to their recommendation, one that now makes those recommenders look like a bunch of clueless imbeciles.

I’ve also been evangelizing Bluehost’s new Dedicated server offering since it has been very fast and their Level III tech support access the best I’ve ever had with any host I’ve ever used. Several of my clients have purchased Dedicated servers (and yes, ALL of them pinged me about where they should go next because they are absolutely getting off Bluehost!).

From 1pm Wednesday April 16th through today, Bluehost Support can only tell customers “I dunno”

From 1pm Wednesday April 16th through today, Bluehost Support can only tell customers “I dunno”

Will I continue to evangelize? Nope. I might have cut Bluehost some slack IF they had been communicative. I may continue to evangelize IF Bluehost provides recompense for my server downtime and IF they provide a plan on how NOT to repeat a fiasco like this in the future. If they say or do nothing I’ll take my business and that of my clients elsewhere.

But here is what caused the outage.

Read More