The team of scientists and engineers that came out last year with the wildly successful end-to-end encrypted email service, ProtonMail, has now officially made public their new highly secure (and very fast!) virtual private network (VPN) called ProtonVPN.
As a ProtonMail user I’ve been incredibly pleased with the service and its security and this morning I signed up for their newest offering, ProtonVPN. I did so mainly because of the features, but also because it’s from a company I trust and, as a beta user, found it to be fast, robust, secure, and rock-solid.
I’m also stunned by how quickly they’ve nailed the key features needed in both email and VPN to keep us private and secure. A big plus also is that the company, Proton Technologies AG, is based in Switzerland, a country whose laws favor privacy, security and non-disclosure which is the perfect place to headquarter the firm:
“ProtonMail was founded in 2013 by scientists who met at CERN and were drawn together by a shared vision of a more secure and private Internet. Since then, ProtonMail has evolved into a global effort to protect civil liberties and build a more secure Internet, with team members also hailing from Caltech, Harvard, ETH Zurich and many other research institutions.
Today, we help our community of millions of users secure their private data online. More than 10,000 supporters have assisted us in this mission by donating to make this project possible. Thanks to your support, we are continuing to develop state of the art email privacy and security technology from our home base of Geneva, Switzerland.”
ProtonVPN has several key features that are a bit geeky, but have turned my head as someone who is deep in to cyber security:
- Secure Core: This architecture gives their secure VPN service the unique ability to defend against network based attacks. Secure Core protects your connection by routing your traffic through multiple servers before leaving our network. This means an advanced adversary who can monitor the network traffic at the exit server will not be able to discover the true IP address of ProtonVPN users, nor match browsing activity to that IP.
- Strong Encryption: All your network traffic is encrypted with AES-256, key exchange is done with 2048-bit RSA, and HMAC with SHA256 is used for message authentication which means it is VERY secure.
- Forward Secrecy: The encryption cipher suites they use only include ones that have Perfect Forward Secrecy. This means that your encrypted traffic cannot be captured and decrypted later if the encryption key from a subsequent session gets compromised. With each connection, ProtonVPN generates a new encryption key, so a key is never used for more than one session.
- Strong Protocols: They exclusively use VPN protocols which are known to be secure (OpenVPN and IKEv2). Though I’m not a cryptographer, every one that is whom I follow online swears by both of those protocols which have been examined and certified secure by top cryptographers all over the world.
- Physical Security: The company has gone to extreme lengths to protect ProtonVPN’s Secure Core servers to ensure their security. Critical infrastructure in Switzerland is located in a former Swiss army fallout shelter 1000 meters below the surface. Similarly, our Iceland infrastructure resides in a secure former military base. Our servers in Sweden are also located in an underground datacenter. By shipping our own equipment to these locations, we ensure that our servers are also secure at the hardware level.
Other Key Features Include:
- Open Source: Goes without saying that their transparency level is very high and having their software reliant on open source software examination and certification is a big selling point for any of us.
- No Logs Kept: Under Swiss law they don’t have to keep them so they do not.
- DNS Leak Protection: They ensure that your browsing activity cannot be exposed by leaks from domain name service (DNS) queries.
- Kill Switch: Their desktop and mobile applications come with a built-in Kill Switch feature which will block all network connections in the event that the connection with the VPN server is lost.
- Tor VPN: ProtonVPN comes with Tor support built-in. Through their selected Tor servers, you can route all your traffic through the Tor anonymity network and also access dark web sites. This provides a convenient way to access Onion sites with just a single click.
Take a look at their pricing page. They have a free offering (which is currently shutdown due to the overwhelming response and signups this week) and I signed up for the “PLUS” level today since, as a current ProtonMail user, I got a bit of a larger discount on both ProtonMail and ProtonVPN as a bundle.
I need to end with this: I’ve analyzed more than a dozen of the top VPN providers and previously chose Private Internet Access (which I still have active since I’m paid through April of 2018) and, especially for the non-geeks out there, it’s still the easiest to use, they keep no logs, have the most data centers, and still has my strong recommendation.
But if you’re extra-serious about your VPN — or have specific needs to be highly secure when online — I’d absolutely recommend you immediately go and signup for ProtonVPN.
It was a dark and stormy evening as I walked the aisles at our local Eden Prairie, MN Costco store. Imagine my delight at discovering a display selling a Lexar 512GB solid state drive (SSD) for only $124.99! Not only was this an unheard-of price for such a tiny little drive with a big capacity, the next-closest competitor last week was Samsung’s T3 500GB for close to $200 (available here at Amazon for $197.99).
When I got home I immediately tried it out and experienced the amazing write-speeds from my SSD iMac to this external SSD (44GBs transferred in just over 4 minutes). My wife took one look at it and said, “I want one!” so I went back the next day to buy one and they were all gone (and there were at least 50 available when I bought mine the night before).
“No worries,” I thought. Figuring I’d find them online I searched and searched and searched. The only place I could find them were on eBay from some miscellaneous seller with lukewarm reviews (at a higher price too) and I’m not about to do that.
This is the smallest, high capacity external SSD drive I’ve seen yet.
Unable to find any of these drives anywhere but eBay, I finally tweeted to @LexarMemory to see if they could solve the mystery of these apparently unavailable SSDs and point me in a direction where I could buy one:
@sborsch He Steve,
Currently we’ve only released a limited number onto the market. Please contact TS for more info.https://t.co/PqNUmD9uYX
— Lexar (@LexarMemory) April 4, 2017
I connected with tech support and essentially received an “Um…I dunno” but a bit more information was revealed about these SSDs being available “in a limited number of stores.” With my experience working as a manufacturer’s rep in consumer electronics in the late 70s and 80s, it is highly likely that this SSD’s Costco appearance was a dry-run to see how this drive, at this price-point, would sell.
Based on how quickly these drives sold out this test was most certainly a success. That said, I’d strongly suggest that LexarMemory get a move-on rolling these drives out at retail since Western Digital just announced this tiny SSD drive (in three capacities: 256GB; 512GB; and 1TB) and they are a much more recognizable hard drive brand than Lexar.
Here is how to acquire a perfectly good technology, Skype, and morph it into such a horrendously bad user interface (UI) kludge as to make it a running joke in tech circles. Virtually everyone I know is quitting Skype and is using an alternative*.
I’ve used Skype for over ten years. The Windows and Mac versions were never the same, but they were both standalone clients and it was relatively easy for me (on a Mac) to coach someone (on Windows) on how to use the platform and I frequently used it for collaboration. Not anymore!
The UI on Mac, Windows, iOS, Android, the Web and now this God-awful-excuse-for-meetings, Skype Meetings, are each different and seem to change frequently. The only way for someone to coach someone through getting set up and using Skype in any form is to actually have that version (and device) in front of them. Otherwise it’s basically impossible to tell someone what to do and what to click to get the thing to work (or do something simple like screensharing).
If you don’t believe me, click on these screenshots from Google images showing the explosion of UIs for Skype:
Don’t believe me that it is hard to coach someone on how to use Skype? Windows has standalone clients (XP, 7, 8) and Metro UI in 8.1 and the new Win10 version, but ALL OF THEM ARE DIFFERENT so try telling a friend, family member or colleague the process of setting up their audio input and speakers and then sharing their screen with you. Go ahead….I’ll wait.
Oh…you couldn’t do it, heh? Then try finding and sending them a URL for their particular version. Oh….there are at least half a dozen places on the Skype site to find how-to information so that doesn’t make it any easier.
My guess is that Skype Meetings is supposed to change all of that by leveraging Skype’s audio, video and screensharing in to a single platform. If my experience trying to get setup today is any indication, THAT certainly won’t happen!
Apple announced the new iPad Pro 9.7″ and looking over its tech specs I knew I had to order one…and did right away….and it arrived March 31st. I’ve now used it daily for over a month and the “wow” factor has died down somewhat, so today seemed like the perfect one to jot down my impressions.
Why My iPad Pro 9.7″ is Perfect
OK. Perfect might be too strong a word since there really isn’t such a thing in technology. Devices and tech overall is a continuum and the moment you buy something that sinking feeling that, “…if I’d only waited until…” comes over you as you realize the next iteration of it will be better, cheaper and faster.
For me, the reason I’d use a superlative like “perfect” is because it is so much better than any other iPad I’ve used before. It’s very fast; best battery life ever; the screen, and Apple’s True Tone display technology, is stunning; and when paired with the Apple Pencil it finally lets me take notes like I was writing on paper without all the futzing around making sure my wrist wasn’t leaving digital ink marks all over the page.
Seriously. That note taking capability is my killer-feature. It is something I’ve wanted to be amazing and perfect from day-one with iPad but it was not. Handwriting sure is now though! There are several note-taking apps I use but have settled on these three and each has their one defining feature for me:
1) Notes Plus: Has built-in character recognition that’s pretty good if your handwriting is legible (I print vs. cursive so it works great)
2) Noteshelf: Numerous features I love and use often like Dropbox backup, but the stationary (in-app purchases) templates are remarkably useful
3) Microsoft OneNote: The handwriting is under “Draw” so is really for sketching (no character recognition) but I use OneNote for organizing so many aspects of our three businesses (as well as my many side projects) that I like having it work well on iPad and the Draw capability is a bonus.
But Steve, Can iPad Pro Improve?
Like I said above, the next version will be better, faster and probably the same price instead of ‘cheaper’, but it’s likely I’ll have this one for at least two years. Especially since I spent over $1,000 on it and accessories (gulp) and I don’t use it as a primary computing device anyway due to its limitations.
Where I think the big value will lie is with removing more of those limitations within iOS itself. As you know if you’re an iPhone or iPad user already, there are inherent security model aspects to iOS that are quite stringent when it comes to apps sharing data with one another (i.e., you cannot). Because of those security concerns, almost every highly productive task I can easily perform on my iMac or Macbook Pro requires several additional steps and apps to accomplish on iPad.
Those multiple steps just make me mad and frustrated all the time and this “nearly perfect” iPad only removes a fractional amount of that frustration due to its speed. But one thing is certain: Apple will continue to improve iOS along with their devices.
Should you buy the ‘Pro’ or stick with the regular iPad? Only you can decide on what you need, but if note-taking or sketching is something you will do often then the Pro model is it. I’ve had mine for nearly six weeks now and I feel delight every time I use it…it’s that good…and I’m using it frequently throughout each day, every day.
So why not just bag Skype and use Google Hangouts instead? The issue for us using Hangouts for recording is being able to feed various audio sources into that recording and also isolate each track. With Skype and two computers (my iMac and Macbook Pro) connected to a Focusrite Scarlett 6i6 it was easy to do so AND record in real-time in Logic Pro (which really minimizes my time having to do a bunch of post-production on the audio). People were always amazed when they heard the quality we could achieve from a few people doing home recording, but we’re all geeks and know what we’re doing to achieve professional results.
Our ongoing question these last few months has been, “What the hell is going on with Skype and why does it sound like sh*t?” We suspect that it is due to Microsoft’s continual mucking around with the once-effective peer-to-peer audio routing to accommodate web and mobile calling, along with all of their other Skype-related initiatives. Here are just a few of the things they’ve rolled out in just the last couple of years:
- Skype for Computer, Mobile, Tablet, Home phones, TV and more devices
- Skype for Web
- Skype TX for Media Companies
- Skype for Business (replacing Microsoft Linc)
- Project Rigel (merging Skype with Surface Pro)
While none of that explains what has happened to the audio quality in peer-to-peer group calls, perhaps it’s no surprise that the computer-based desktop client—or Skype’s underlying, and formerly great, SILK-codec‘s audio quality—has taken a backseat to just entering a bunch of new markets and supporting a bunch of devices?
Or maybe they’ve widened the ‘backdoor’ for the NSA? Whatever the reason we’re intending to quit Skype forever because the quality of the audio is what matters to us and to our listeners! It’s just so bad that we are unwilling to continue wrestling with Skype.
What’s your experience?
I just sent them my rebuttal and I reprint it below with the StarTribune’s paragraphs in italics and green. Also, since the StarTribune apparently did little-to-no research, I’ve provided them with helpful links.
Curiously the StarTribune changed the linkbait-like editorial title in the online version by toning it down, perhaps realizing that characterizing it as “Apple defies order” is wrong: National security is at stake in Apple’s faceoff with feds.
U.S. security at stake as Apple defies order
Apple Inc., the world’s largest info-tech company, now stands in defiance of a federal court order, saying it will fight attempts to force it to help the FBI crack the iPhone of a San Bernardino terrorist involved in a major attack on U.S. soil that left 14 dead and 22 injured. Apple says the government is overreaching and would be setting a dangerous precedent.
The company is wrong on both counts, but the world of encrypted information is a complex one. It is worthwhile to proceed carefully, because this could prove to be a critical showdown in the growing clash between privacy and national security.
Your editorial, “U.S. security at stake as Apple defies order” was one of the most stunningly naive positions I’ve read yet when it comes to the controversy over Apple’s stand on weakening the encryption of one, single iPhone. A weakening that would instantly open a Pandora’s box of cyber threat problems of which you are obviously clueless and seemingly dismissed out-of-hand.
First, it should be noted that the government negotiated for two months with Apple executives. When those talks fell apart, Justice Department officials turned to a federal judge, who ordered the company to create a way to bypass the security feature on the phone. The FBI had obtained a warrant to search the phone and, not incidentally, the consent of the employer that had issued the phone to Syed Rizwah Farook.
First off, it should be noted that the FBI permitted San Bernardino officials to change the password on the terrorist’s iCloud account (rebutted by FBI, now blaming official) and only then, obviously realizing their mistake, requested Apple’s help. Had they not done so Apple has stated publicly it would have been possible to obtain the shooter’s iCloud backup data. Since this mistake was made, the FBI then negotiated with Apple to recover what they could. Discovering that doing so was not possible, and subsequently failing in convincing Apple to create software to weaken iOS (the operating system that controls the iPhone and iPad) so they could break into the device without having it ‘wiped’ by its ten password attempt limit, the FBI then obtained a court order hoping to force Apple to create a method to do so.
Apple has complied with what Justice officials characterize as “a significant number” of government requests in the past, including unlocking individual phones. Apple CEO Tim Cook has become increasingly concerned about customer privacy, particularly after 2013 revelations by whistleblower Edward Snowden about massive government surveillance operations. The company has continued to tighten its security systems and decided to no longer maintain a way into individual phones. Farook’s iPhone 5c was among those with a 10-tries-and-wipe feature that essentially turns it into a brick if too many false passwords are entered. Newer operating systems employ ever-more-sophisticated security features.
The government’s authority to get private information, such as texts, photos and other stored data, through a warrant is not at issue. The key here is whether the government can compel a private company to create a means of access that the company contends will weaken its premier product.
Cook maintains that creating a “master key” to disable security on Farook’s phone ultimately would jeopardize every iPhone. With more than 100 million in use across the country, that is no small threat. There are, however, technology experts who say Apple could create a bypass — allowing for what’s called a brute force hack — without affecting other phones.
With respect to your position on Apple’s creating this sort of “bypass” for this single iPhone, all while acknowledging this is not a “small threat” for the 100 million iPhones already in existence, you then opined, “There are, however, technology experts who say Apple could create a bypass” “without affecting other phones.” This is your supposed justification for minimizing the threat of putting in a backdoor (or what you euphemistically characterize as a “bypass”) for those 100 million+ iPhones already in existence? Who are these so-called “experts” anyway?
Are you growing weary of having to constantly upgrade your technology? Me too, except for things I use all the time like my iPhone, computers, Wifi routers and items like those.
But upgrading home theater components is usually not top-of-mind when it comes to getting new gear. Even though we have a big Samsung TV, a phenomenal speaker system and devices like a TiVo, new AppleTV and Roku, my fairly expensive Yamaha receiver had not been upgraded for about five years. Still, it was good enough, or so I thought.
My head was turned by a hot price on the Pioneer Elite series VSX-90 receiver and I told my buddy Eric about it. Though it had a few more features than its little brother the VSX-45—and I know the Pioneer Elite series well since I used to work for the company in the early 90s—I didn’t need those additional features in the 90.
I’d told Eric since he also needed to upgrade two of his receivers. He did need some of those extra features, and he’d gone shopping at Best Buy. He purchased two of the VSX-45’s at a rock-bottom Best Buy sale price of $249 (now it is back up to $449.98) and had decided to take one of them back and get one VSX-90. So he called me and offered it to me at the same price so I bought the VSX-45 from him since the sale was off.
Why am I telling you this tale of receiver upgrading? Because your TV and movie watching experience—regardless of how good your TV is or your streaming box—will be A LOT better if your audio isn’t mediocre. If it is mediocre it will negatively impact your entire experience!
Did you know you are NOT able to stop the slide up “Please turn on Notifications” nag from the Facebook Messenger app?
Last night at nearly 11pm, I was already fast asleep when a Facebook Messenger group message came in. A family member in Seattle sent out a group message to a bunch of we cousins and I was startled awake. Then two people replied until I then realized all 10 of us on the group message would probably start replying! I then messaged everyone to please respect time zones and only group message in the early evening. No one else messaged after that.
I then turned off Notifcations and went back to sleep.
Early this morning I launched the app to see how to permanently stop this nag from sliding up after I’d turned off Notifications for Messenger. It didn’t work. Then I turned on Notifications and selected “None”. The slide up nag continued to come up every single time I launched the app.
So I searched Google for ways in which to stop this slide up nag since I am NOT going to turn on Notifications. Guess what? It cannot be defeated.
You may ask, “Why don’t you just delete the app you big baby?” I would, but both my wife’s side of the family and mine use Messenger to communicate with everyone. That is the ONLY reason I have the app, even though I’m getting very, very close to deleting my Facebook account forever and saying ‘good riddance’ to Messenger.
Facebook really, really wants people to use Messenger since, by default, location tracking is turned on so they can help advertisers pinpoint and market to you geographically. In fact, TechCrunch published this post, “Facebook Messenger Wants To BE Your Phone Number With New Message Requests” which points out what the “payoff” is for a company to give a free app like this away (and remember the old adage that if you’re not paying for a product, then by default you are the product:
Facebook is already experimenting with ways to let you receive customer service, attain a quote on home repair, or contact Page admins via Messenger. And there’s already a payment system built into Messenger. Imagine one day getting a Message Request from a business you’ve interacted with, then being able to receive important updates or even buy things from them right from chat.
This is Facebook’s long-term motivation and why their messages-removal-on-mobile was set to MAKE you use their Messenger app and the slide up nag—coming up every single time you launch the app—is designed to FORCE you to turn on Notifications.
No thanks Facebook. Stop the nag or my (and many other’s) disgust with your business practices will continue to grow toward hate. Here is the Facebook page where you can give them feedback if you hate this too.
Everyone’s favorite file syncing service, Dropbox, just announced one of the simplest, most powerful file uploading capability I’ve seen yet. So simple that anyone with a Dropbox account (except a Business one…that’s coming soon) can create a request, and the person (or multiple people) they send that request to can upload files, each up to 2GBs in size*.
Providing access to your files in Dropbox to another person or persons is already simple. You can copy a shared link to that file and email it to someone. Couldn’t be easier. But enabling others to send you files has always been very difficult.
At my companies, it turns out that many people at our clients don’t have Dropbox (or Box) or are unable to use it due to corporate security policies that disallow the use of third party file sharing services. Asking someone to set up a file upload-and-email service sounds good, but if they have to send you either one huge file (like a video) or multiple files (e.g., compressed in to a Zip file) then they will likely have to buy a subscription to that service in order to be able to send it to you.
I know, I know…when someone gets after you for not backing up your computer, it sort of feels like Mom is badgering you to brush your teeth and wash your hands, right?
Mom was right. Clean teeth are happy teeth and don’t you DARE touch anything with those filthy hands! If your Mom had included data backup in her admonishments to you, she would have been right about that too.
When it comes to backing up your personal computer—you know, the one that contains all your digital photos, videos, music, important files and more—you probably think to yourself, “I’ll do it soon” or “Maybe I’ll use a cloud backup service someday” or “I have a solid state drive and, um, they don’t crash?” Unfortunately your best intentions, procrastination, laziness or nonchalant attitude won’t save those ONLY COPIES of precious baby photos, images from your wedding, videos of a family vacation, or those critically important, now-digital documents you’ve already shredded, when your hard drive crashes and can’t be recovered.
You have four options when it comes to backing up your one-and-only copy of a digital file:
- Buy a cheap drive and backup to it. Cheap drives don’t last long and aren’t that durable. I’ve had several go bad on me over the last 10-20 years.
- Backup to the cloud with a service like Crashplan (UPDATE: No longer a consumer-focused backup solution, but instead focused on small business starting at $10/month). If you have multiple terabytes of data, however, it could take weeks to backup (and use a lot of your internet bandwidth) or you’ll be sent a big drive and you’ll have to backup to it and then ship it to the cloud service (to get a headstart on future backups and save both you, and the cloud backup service, a lot of bandwidth cost).
- Buy an ioSafe secure vault drive (more on that below).
- Do nothing and hope your computer’s drive never crashes, a power surge or brownout doesn’t fry the drive, your house doesn’t start on fire, or some burglar doesn’t come in and take your computer and its files for a joy ride in his stolen car.
Option #4 is like not having homeowner’s, auto, or health insurance. You may never need any of them, but if you do and aren’t insured, you’ll likely lose big or lose everything.