Updates from August, 2019 Toggle Comment Threads | Keyboard Shortcuts

  • Old Guy Student 11:40 pm on August 3, 2019 Permalink | Reply
    Tags: , hacking, help desk, Micro USB, nerd, OTG, , technology, USA type C   

    Hacking Android 

    There are a lot if cool things that can be done with Android devices, but only if you have the right tools and software. The most necessary tool for Android users who’s device has a Mini or Micro SD charging port is an OTG or On The Go Adapter which is a special adapter that grounds a pin on the male Micro SD connector and provides a full sized female SUN connector on the other end. The shorted pin alerts the phone that this is an ORG adapter and then Android can treat it just like a Windows pc treats a USB port. This can open a whole host, pun intended, of new opportunities for cool things you can connect to your phone or tablet. Almost any SUN device that doesn’t require a lot of power like thumb drives, card readers, keyboards, mice and wired and wireless network adapters just to name a few. Hard drives won’t work because they usually require too much power, although solid state drives may work and function perfectly fine. For me, the three most common uses are a card reader, thumb drives and wireless keyboard and mouse combinations. You can also use a USB hub to connect multiple devices and a powered hub could in theory, allow you to use an external USB hard disk.

    USB Type C connectors also have an adapter, but it’s just a standard adapter because the industry standard supports bidirectional connection of devices, meaning its built in to the connector design. With Micro USB, it’s a hack that was added on over 10 years ago and has to be built in to the device by the manufacturer and the support included in the version if Android installed on the device. Unfortunately, not all device manufacturers implement it or implement it properly.

    There are a lot if Android devices with type C ports that aren’t real type C ports, which are supposed to use the USB 3.1 standard, actually only use the USB 2.1 standard and use the connector to better support Qualcomm’s Quick Charge standard for fast charging which violates all of the USB standards for power and charging. These ports, mainly on ATE phones, usually do not support OTG or USB Host mode. Although sometimes apps and custom to me can fix the problem. Having never tried doing this, I’m unsure which connector you would use.

    I have seen the type C adapter as a cable instead of just an adapter sold at Target, Wal-Mart, Office Depot and Staples for around twenty dollars. That’s an insane price and I would advise looking on Amazon or EBay where you can find both the adapters and cables for five dollars or less. You can also find cables that will let you charge while using the ORG adapter and cables that will charge and have multiple OTG ports that can be used simultaneously for ten dollars or less. The same is true for type C connectors as well.

    I wrote this article because a bunch of my nerdy friends had never heard of such a thing and were unaware they existed. They marvelled at my San Disk thumb drives that have a male Micro USB connector on one end and a full sized male USB connector on the other allowing instant connection to either type port but require a type C connector to connect to a type C port. You can also get an adapter to connect to the iPhone/iPad charging port.

    So if this helps you, or you would like to see more posts like this, like this post and leave me a comment below. If you have some sort of a technical question you might like answered leave that in your comment and I will see what I can do. I have a thirty year career of doing third level help desk support in the corporate world and there isn’t much I can’t fix or understand enough to help you.

     
  • Old Guy Student 9:42 pm on April 3, 2018 Permalink | Reply
    Tags: #moto #motorola #verizon #droid #motozforcedroid #motoz #motomod #motozforce #smartphone #android #photography #instagram #nerd #technology #news #oldreviews #dabblingintechblogging   

    MotoMod: Mophie Juice-Pack 

    My daily beater smartphone is the Moto Z Force Droid a Verizon Wireless Exclusive and was Motorola Mobility / Lenovo’s flagship device from 2016 that they updated to a Model 2 last year. They are a modular phone that allows you to use add-on accessories that connect to the device via magnets and contacts on the back of the device. They can be anything from amplified speakers to a game controller. This makes this a truly amazing device.

    The device comes with a 3500mAh battery which Motorola claims will last for about 40 hours but I use mine so frequently and take so many pictures that it doesn’t last that long. Thankfully it has a USB-C type connector and supports Power Delivery, an industry standard high speed charging variant instead of the proprietary Quick Charge variant which is owned by Qualcomm. This allows you to get about 15 hours worth of standby and mixed use in five minutes of charging and a complete charge in about 45 minutes using the correct cables and charging devices. Sometimes finding an outlet can be difficult and there are Moto Mod battery packs and I own the Mophie Juice-Pack Moto Mod and it has two options, one where it perpetually charges the internal battery and another where it tops of the internal battery and then the remaining battery life is used to keep the battery at 80% capacity and power the device.

    This second mode provides an sufficiently longer battery life than the first one. It has a 3150mAh battery and you can use Power Delivery to quick charge the battery pack separately or while it is attached to your device. If you start with both batteries being full, it will almost double your battery life using the efficiency mode I mentioned above. This will give me all day use with screen on and then standby all night and I will still have significant battery in my device the next morning. If you need a device with this much battery life frequently, then this device and mod are for you because you can remove the battery pack and this significantly reduced the thickness and weight of the device.

     
    • slartyblog 8:26 am on April 4, 2018 Permalink | Reply

      40 hour battery life! Wow! Like; I can’t even relate, man!

      Like

      • Old Guy Student 7:38 pm on April 4, 2018 Permalink | Reply

        I have always used an excessive seeming amount of battery and have in the past had two external battery chargers and two extra batteries to get me through a day on campus with lots of picture taking and social networking.

        This means I don’t have to charge nearly as often and I can keep going when others are tied to a power source.

        Like

  • Old Guy Student 5:57 pm on July 24, 2016 Permalink | Reply  

    Cyanogen Mod & Pure Android, Why? 

    So last summer, I purchased a ZTE Zmax when my phone was stolen as it had a great recommendation from a nerdy friend in my speech class.  My first six months of ownership were amazing and I was extremely happy with the device except I desired root access which wasn’t available.  Somewhere along the way, I installed an application that was a system optimizer and it ran and munged things up.  Then I found root and just waited for the time to wipe and reinstall.  This day arrived on Thursday and I started by rooting and installing a custom recovery partition.  Then I found an ADB command to turn off the write protection in the boot loader thus making the system partition writeable when booting a custom ROM.  Next I downloaded nandroid backups of the factory ROMs for this device and placed them all on the SD card.

    Meanwhile, I had already used the recovery program to factory reset the phone and had installed and added most of the APPs that I regularly use.  I made a nandroid backup before I wiped and then again once I had everything perfect.  I then proceeded to install the CM 31.1 nightly that I found on an Android Nerd Website, Android Authority, I think.  There is that moment when you flash a ROM and reboot when it’s finished and your heart seems to stop beating as the boot-up process begins.  I find myself holding my breath until I see the Android desktop.  Everything seemed to work fine and I immediately set about flashing the proper Gapps from Open Gapps.  There are multiple packages based on what you want to install and I screwed up multiple times which meant I had to re-flash the ROM to ensure it was all installed properly. 

    Somehow, the permissions did not get set properly and that seemed to be a habitual problem as a total re-flash didn’t fix the problem. So, with the help of Google and the million member Android Army, which is where I found all of the information to do everything I have described here, I slowly found out how to resolve each pop-up error about a Google service failing that prevented me from using the device or doing anything else but clicking on the OK button.  There was a video on YouTube of another user with the same problem on another device and his fix was to painstakingly fight to bring up the Android Settings and then Applications and then locate each offending application and give the proper permissions.  Needless to say, this took a while and when I was done, Android 6.0 is so much nicer then the 4.4.4-Kit-Kat that I had been using that it was rewarding to have successfully fixed the permission issue even though it was frustrating.

    Everything seemed to work but the LTE wireless data and the 3G and 2G data seemed spotty at best as did cellular calling.  Remember I did most of my setup over Starbucks Wi-Fi and my home Wi-Fi and not Carrier data.  Googling the issue indicated the problem stemmed from the Radio ROM I was using so, I downloaded the correct radio.  Further research indicated it was more then just the radio, so I downloaded a ROM that flashed all of the necessary changes to make the radios work properly with CyanogenMod and AOSP based ROMs.  On first reboot everything appeared to work as I wanted.

    Now, it may sound like all of this was trivial, it wasn’t and required a significant investment of time to read forum posts and get to the correct solutions.  Then add in my relative n00b status in Android hacking and the time compounds exponentially.  My Google contacts weren’t syncing and that took a bit of time and effort to get working properly.  Then add to that the problem didn’t go away until I rebooted my device and only then did everything seem to work properly.  Flashing the proper modem files was a nightmare as every copy failed the signature check and only through Google did I find that this was because they couldn’t be signed.  Turned off the signature check and crossed my fingers and flashed.  When it rebooted and appeared to resolve the problems, I took a deep breath.

    So, why did I do this?  I like the idea of a pure Android phone and my next device will be as close to pure Android as possible because that increases the likelihood of frequent updates and almost guaranteed compatibility with the next version of Android.  Nexus devices are pure Android with the addition of Google’s applications for accessing their services.  Motorola offers a purer version as well and ultimately even if the manufacturer doesn’t make an update available, as I have shown with the ZTE Z-Max, the community will step in and do it on it’s own.

    Updates are important and Apple has one of the next track records in this regard, with ensuring that older devices receive updates for a guaranteed period of time and security patches for even longer.  I bought a phone for my wife from Motorola back around the time of the first Galaxy Note, the N-7000 and it never got an updated that I could find even though it was a business class device with a fingerprint reader.  We just recently replaced it with a Blu device purchased from Best Buy because she had a gift card.  Her Motorola device was acting peculiar because of the heat and most of the developers had stopped supporting her version of Android including her browser.  So, she had to upgrade to continue to use the device for anything more then a dumb phone with an iPod built on.

    This is scary on multiple levels because it forces people to upgrade in order to continue using the device the same way they always have.  It is also scary because there have been major security flaws in Android that have been discovered that were never patched.  Imagine if a defect was found in a modern car and the manufacturer didn’t issue a recall or tell anyone who had purchased one from then new?  When it was discovered, there would be a Senate enquiry to find out the details of who, what, when, where, how and why.  This is becoming more of an issue as more and more personal data is contained on devices and users begin to use them for more and more purposes in their daily lives.

    Now that everything is working properly, I am going to slowly begin blogging about each application I install and use regularly along with why I use them.  I am doing this as a guide for some of my friends who are less technical, to help them be able to make the move from a proprietary version of Android like that produced by Samsung or HTC where their overlays often delay and or prevent the release of updates for devices.  One of my primary functions is to show how security can be implemented in a manner that adds to and enhances the existing security.

     
  • Old Guy Student 6:28 pm on October 20, 2013 Permalink | Reply
    Tags: , n7000, , , usb flex cable   

    Cell Phone Repairs 

    So I had to repair my N7000 and the idea of using these tools to replace that board inside of my device was a bit intimidating.

    CameraZOOM-20131020103622204

    But I did it and I am kind of proud of myself. Smile It only took about 10 minutes of time total and everything seemed to work flawlessly.  Go me!

     
  • Old Guy Student 6:10 pm on October 20, 2013 Permalink | Reply  

    Samsung N-7000 Repair 

    When the original Samsung Galaxy Note N-7000 was released in 2011, I acquired one from someone locally who had paid to have it shipped from India.  This is not a problem if you do not have any issues with the device requiring warranty repair since obtaining it requires that the device be shipped back to that region for repair.  This issue reared its head about 6 months in to owning it when the device began to act funny:  it would act like I was plugging in and unplugging a MicroUSB cable.  It would make the same noise and change the battery icon on the status bar to one indicating that the device was charging,.

    An exhaustive search of the Internet and the XDA-Developers Forum for the N-7000 indicated that it was related to a bad component on the USB Charging board.  Since the problem seemed to rectify itself, I put it out of my mind until it started doing it again.  It seemed to do it regularly when the temperature got warmer but would rectify itself eventually so I just ignored it.  Then when school started, it began doing it again but this time, it would not let me turn on the phone unless it was plugged in to power and it did not go away.  So I searched YouTube and found a video showing how to replace the defective board:

    The video made it look truly easy with the tools used.  So I then began searching E-Bay and found the perfect set of tools shipped on the slow boat from China for $2.99.

    So I then ordered the tools, because at this price they would come in handy for a multitude of tasks.  I then searched for and found the board for $5.09 plus $.99 shipping on the same slow boat from China.  So, I of course, ordered this as well.

    The screwdrivers arrived last week and the board arrived this week.  I had been nervous about doing it, afraid that I would somehow frack it worse then it already was and I was not planning on doing it today anyway.  Except that I sat down and I thought about what I had learned in the management class, about not being afraid of failing.  So I prepared myself to accept my failures and put them right up alongside of my successes and achievements.

    I am glad that I did take the time to do this, since I now have a completely functional device and the total repair time took less then 10 minutes in total and was just as easy, if not easier then the video showed.  The only issue was that I dropped a screw on the floor, but found it almost immediately.  I then thought I had lost a screw and just when I had given up and decided to accept its loss, I found it.  So all in all an easy repair.  This is the power of User Forums and your fellow device enthusiasts on the internet, because chances are, someone, somewhere has had the same issue as you and they figured out how to fix it or work around it.

     
  • Old Guy Student 3:13 pm on October 15, 2012 Permalink | Reply  

    New Facebook Attack 

    So, I was looking at my stream on Facebook and came across a post by someone I trust that looked like this:

    image

    The subject matter and the title by my friend was a clue, so I clicked the link.  The page that appears is this:

    image

    If you look closely, the Submit button is drawn over the original Facebook button that allows you to use your Facebook credentials to login to a website.  By clicking submit, the same link above will be posted to your wall and the ‘Hacker’ will have access to your Facebook account.  Every one of your friends who clicks and does the same thing will perpetuate this scenario.  Pass this around so that we can stop this from spreading.

    If this happened to you, change your password and look in your Facebook security settings and remove any unknown apps and websites that have access to your account.

     
  • Old Guy Student 10:37 am on October 10, 2012 Permalink | Reply  

    FBI Virus 

    So, there is a new creative Malware circulating throughout the US and world.  It is called the FBI Virus and when it infects your computer it displays the following screen:

     

    IMAG0462a

     

    This screen prevents you from doing anything with your PC except entering payment information.  Since this is NOT a real message from the FBI or any law enforcement agency and there is a simple fix.  Download ComboFix, Install it.  Reboot the PC in to safe mode and run Combo Fix.  Allow it to scan and clean everything it finds.  Then update your antivirus and other malware software and allow them to perform a full system scan.  This is the easiest and most direct way of getting rid of this Nag Screen, which will not go away or allow you to do anything else until you do.  Also, there is no guarantee that paying the fee will get rid of the issue and that it wont just keep popping up randomly and demand money.

     
  • Old Guy Student 10:41 pm on September 19, 2012 Permalink | Reply  

    Keeping Your Data Secure 

    Now, I do not do much with my phone that I am worried about.  I also am not paranoid about people invading my home to find what nefarious acts that I am doing on my computer or my phone.  That being said, I do not want someone to access the information on my phone without permission.  I have always had a pin code or now a pattern lock on my phone.  The new Atrix that I purchased for my wife so that we can switch from Sprint has a Fingerprint Reader and I have encouraged her to use it.  What does kind of make me nervous is the fact that the court has ruled that Police can take your cell phone during a routine traffic stop and look through it without a warrant.  Sure, right now it is only in Florida but the way our legal system works, it could easily be used as the basis for a ruling in other states.   This is even scarier when you add to it that Michigan Police have a device that can copy all of the information on your phone, including deleted information in less then a minute.  Why does this scare me?  Let’s say for instance, your child is in the bubble bath and just gave themselves a soapy Mohawk and are not showing anything but the minute before you snap the picture they stand up exposing themselves to you and the camera.  You delete the photo and think it is gone forever and they find it, technically in the eyes of the law it is child pornography.  The police will charge you with possession of child pornography and more then likely it will make it in to the news papers because it is sensational.  Even if you are later found innocent of the charges, that court decision will not receive the publicity or the front page status like your arrest and the damage will be done.  Not to mention those risqué pictures you took of the two girls in your ultimate fantasy threesome.

    The other reason you should worry about this is if you use those free charging stations in airports, ever because they can do pretty much the same thing as that device mentioned above or worse because there are ways to potentially put information on your device without your knowledge like viruses and hidden applications.  People may say it is not possible, and I used to think it was impossible to infect a Windows PC just by connecting to the Internet and then someone figured out how to do it.   So just because it seems impossible does not mean that it really is or will always be so.  We used to think that our government didn’t kidnap random people from around the world, regardless of reason, take them to a not so secret, secret military base in Cuba to torture them with enhanced interrogation techniques.  Then we found out that they did it quite regularly and also wanted to be able to do it to citizens too.  But I digress.

    So how do you prevent this from happening?  Android devices have the ability to disable the USB port for anything other then charging.  I am going to show you how to do it with the two most popular brands of Cell Phones, Samsung and HTC.  HTC is easy, this screenshot is from the HTC Sensation, go to Settings and USB and the screen looks like this:

    1348118112694 (1)

    So uncheck the Ask me option and set the Default connection to charge only.  You will have to change this each time you wish to copy things to or from the phone.  If you want you can check the Ask Me and the default to Charge Only, this will let you change it on the fly when you connect it to your computer.

    Next you will want to go to the Security settings and enable a screen lock.  The most secure is a pin code, but the pattern lock is secure enough that the FBI asked Google for a back door, which they said was not possible, publically.  In that regard it does not matter which you use if there is a back door around it.  Once this is done, your device is pretty safe from the scanners listed above.  This screen shot is from my Samsung Galaxy Note:

    Screenshot_2012-09-19-22-22-10

    As you can see I have enabled the Pattern Lock and the pattern is visible.  As I said, I know that nothing will stop everyone so I am primarily concerned about deterring the less determined people.  I usually turn it off to be honest and have just left it on since I only use it as a tablet right now until I port my number from Sprint.  This should be very similar to the HTC or other Android devices in how this functions.  I know it works on my Sprint Samsung Galaxy S II Epic 4g Touch, and yes that is a mouth full.

    Screenshot_2012-09-19-22-28-29

    Right now it is configured to be connected to the PC, I am running Ice Cream Sandwich and if you notice in the top Status Bar, the USB icon on the left side.  If you pull down the ‘curtain’ it will say “Connected As Media Device” or something else if you have uncheck this.  If you then click on that it will bring up this page so that you can change it on the fly.  When the first option is unchecked, the USB port only functions as a charging port.

    Finally, under Settings, Development make sure that USB Debugging is not checked.  Once this is done, your device is impervious to the device mentioned above.  There is always more you can do to secure your device and this is only the first  step.  I will add more in future articles.  Just because you have nothing to hide, doesn’t mean you shouldn’t or do not need to secure your device because in this day and age you never know what could be misinterpreted or used against you so securing your digital device is the smart thing to do.

     
    • mykl 10:49 pm on September 19, 2012 Permalink | Reply

      As always the answer is gay misfit porn and randomly encryption one meaningless data labeled the plans of the dark god
      And of course lets not forget 127 photos with date time and GPS of each h days bowel movements
      After that first stop the cops will be like. Ah no thanks I fonts want to seemy phone.

      Like

    • mykl 10:52 pm on September 19, 2012 Permalink | Reply

      Second choice Mr poatoe head parts on my penis and loads of photos on my phone…lets see the sift those images out of there collective heads

      Like

    • Cybersquire 10:52 pm on September 19, 2012 Permalink | Reply

      I actually like the idea of naming the encrypted container SavedGameData or MidgetPornHappyEndings 🙂 or DarkSideCookieRecipes except I think that might encourage people.

      Like

  • Old Guy Student 5:42 pm on August 3, 2012 Permalink | Reply  

    Loss or Theft of a Smart Device 

    
    
    
    

    When I started using a Smart Phone they were not called such, they were referred to as a PDA Phone in the beginning and then Microsoft needed to refresh their mobile operating system and coined the term Smart Phone.  I wasn’t particularly worried about loss or theft because I pin protected the device and I had insurance from my carrier, Sprint, that would replace the device after a modest deductible.  I also did not worry about my data because I had everything synced with Outlook, even text messages and call history.  This worked well for me because when a device failed or was replaced all I had to do was plug it in the USB port and away I went.

    When I got my Android tablet, I set it up so my important personal data was kept in a secure, encrypted container with a complex passcode.  So I was not worried about people accessing my data and my device was insured.  I never thought about theft because I always kept the device secure or on my person.  A couple of weeks ago, it was in my car, in my driveway and someone took it out of my car.  Needless to say I was devastated and posted on Facebook about it.  Within minutes one of my friends suggested a piece of software called Plan B  that I could install in the hopes that it would help me retrieve my missing device.  The awesome thing about Google Play is that you can login to the website and install applications on your device through the website.  So I chose to install Plan B and thus far it has not worked for me but this could mean the device has just not been connected to the internet or that someone wiped the device.  If it does connect to the internet it is supposed to email me the location when it does. 

    Google PlayIf I had not of cancelled the wireless internet on the device, it would have installed instantly and notified me of the location.  I could then use text messages to control the device.  Unfortunately when Sprint screwed over all their HTC View owners I eventually decided that $20 a month for 1gb was just too much money.  Even if I did not get ahold of the device, I carried the $15 dollar insurance package which would have replaced the device by now for a small modest fee.  Unfortunately the insurance went along with the service.  I know, sucks to be me and I just hope that all the fleas from all the camels in Saudi Arabia infest the person who took it’s underwear so that it gives new meaning to Jock Itch.  While I know anyone could have done it, I am leaning more towards a male as this was a very bold theft.  But I digress.

    For my Cell Phone I have installed a program from Google Play called Prey and this program will allow you to do some awesome things with your device remotely should it become misplaced or misappropriated.  I will let you know after I have had some time to play with it if it is a viable option or not.  There are quite a few applications like this on the market and I always try and use the open source products first since this allows others to fix the bugs or take over development should the current developers decide against further development or they get a real life. Smile

    So I recommend installing something and making sure that if you have a high end smart device that you also carry theft and damage insurance from your carrier.  A new smart device can run as high as $800 without a carrier discount and they only give them every two years so if you lose the device it will cover it.  Most carriers have it for $10-15 and a $100 deductible which over the course of a two year contract with no deductibles will set you back about $300 but isn’t that worth it knowing that if you drop it or lose it that it will be replaced?

     
  • Old Guy Student 12:51 pm on June 19, 2012 Permalink | Reply  

    Securing Your Digital Life–Introduction 

    I decided to write this series to help a friend of mine better understand how to secure herself against creepy ex-boyfriends who knew everything about her.  Since I am a network security expert, she asked me my advice and I realized that I should probably write a blog about it and never did.  While none of this is female specific, it is something that single females should do to secure themselves and their lives in the modern age.  Ever since I got involved with computers, I have always been interested in security and this probably stemmed from running a BBS at 300 baud.  As computers progressed and I moved in to the corporate IT World the focus on Data availability, integrity and security all became a focal point.  Emphasis was put on ensuring that users stored all data and documents on the server so that it could be secured and backed up.  While I was focusing on security the consumer world was introduced to windows without any security at all.  Users relished the freedom and ridiculed the lack of security.

    Most people are of the misguided belief that there is nothing of value on their computer and that they have nothing to worry about on their computers.  I am telling you to not be so sure about that and you really do not have to give up any freedom to make things a little more secure.  I am going to explain why you should adopt these practices and then how to implement them and get used to using them.  The idea is to keep you safe online and safe if someone steals your computer or smart phone.  I will use real language and terms and try and explain them in everyday terms so that you can understand what the goal is and exactly how it is accomplished.

    Around 2004 I got to see the seedier side of computer based crime that dealt with identity theft and fake documents.  Someone who had been shown the basics by someone showed them to me.  Using Photoshop he showed me the template for the new California Drivers License that would take effect in January, this being December.  He then used the webcam on the notebook to take my picture and using Photoshop placed it in the correct places and onscreen it looked like it came from the DMV.  We used all of my real information and he showed me the process to make an ID. First he printed the main layer on white paper.  Then he printed another layer on clear transparency film and then another and finally the back layer.  Each layer was cut to the precise size and then a clear epoxy was used to glue the back to the back of the base layer.  Then each subsequent layer was glued on the top.  When everything was complete it looked just like the real ID minus the gold printing.  He then took this foil paper, placed it on the top and ironed it with an iron.  When he removed the foil even the gold printing was there.  The only thing that didn’t work was the magnetic strip.

    This was an entry level setup and the IDs it made would pass all rudimentary inspection if the maker paid attention to all of the details and took their time to ensure each step was perfect.  I can only imagine what an artist with even more tools could accomplish in the same time.  That being said, this made me realize how easy identity theft really is and  that is the first area I will focus on.  Ironically the same methodology used for this can also help ensure that an overly possessive boyfriend cannot snoop on you as easily either.  A girl has to have her secrets.  I have also been asked multiple times by clients over the years for assistance in personal matters that involved computer security and forensics.   A friend contacted me today and explained the situation his friend was in, she was evidently somehow involved with someone or friends with someone who first tech-raped her and is now holding her tech-hostage.  What I mean by this is he helped her setup her iPhone to sync with her ISP email and in doing so, he gained access to her passwords.  He allegedly has hijacked her Facebook page and made inappropriate posts.  So in the middle of the first draft of this blog, I began discussing this with him and offering advice.

    I set my cell phone as a cell phone and only point of contact with the people that I do business with.  I use a Patelco, a credit union, instead of a bank.  I keep the address on most of my financially related information at an address other then my home address.  This buffers and protects my identity because the only one with this other address are my creditors.  I try and opt for online billing as often as possible.  I download and save or print a PDF version of the bill and save it in a folder on my hard drive named yyyymmdd-accountname.pdf and then at the end of the year I zip all of the previous years up and leave the zip folder named yyyy–accountname.zip. I use this kind of archiving for everything.  I save my camera phone photos by year and separated by decade.  But I am lazy about backups, and continue to be so even though I have lost so much data to hardware failure.

    Let’s get some things on the table:  I do not trust the cloud for many reasons the most important of which is that it is for profit and that means they will change the terms and conditions at anytime and you have to agree to them and the second is most of them indemnify themselves from liability regardless of their culpability.  They also often have weird clauses about who actually owns the information being stored on their cloud.  But that is another story and blog.

    Most online services and websites require a password although now it seems like there are two major providers and two minor providers of cross site logins:  Twitter and Facebook followed by Microsoft and Google.  I have personal and professional accounts at AOL/AIM, ICQ, Microsoft, Google, Yahoo and have Facebook, My Space and Linked In.  All of these require passwords.  To add to that complexity, I have my main email address: sgoldfein@gmail.com as valid addresses for AIM, MSN, and Google.  Yahoo uses sgoldfein@yahoo.com and I also have an MSN for sgoldfein@hotmail.com.   These all require unique secure passwords and a way to remember them securely and that’s just the beginning.

    There is this myth that there is a need to constantly change your password for security and integrity reasons although I am not sure where this ideology came from but Microsoft did a massive study over a several year period of time and realized that forced password changes on a random basis provided absolutely no more security then using the same password for the entire period of time.  They also found that the help desk spent far more time resetting passwords soon after the change then at any other time and that there were little to no password resets necessary when the users were not required to change their passwords.  So in conclusion: requiring random password changes doesn’t increase security but it does reduce productivity and increase help desk costs.

    The one thing there is no myth about is choosing passwords and securing them after we choose them.  When I first started life online, I used one password or a derivative of it on every BBS I joined.  I quickly learned that this was a stupid move and an asshole sysop could find out your password and logon as you somewhere else.  About 10 years ago I found a program called Roboform and it revolutionized how I did passwords because it allowed me to carry my list of passwords with me on a Flash Drive or my Cell Phone encrypted from prying eyes.  Roboform has come a long way and there are versions available for Windows, Macintosh, Cloud Based, Android, and IPod/IPad.  Roboform integrates with most browsers, although right now it does not work with Maxthon like it is supposed to but that’s not a show stopper.

    Download the installer from the website above and save it to the Downloads folder on your computer and then navigate to that folder using My Computer or Windows Explorer.  Select and double click on the installer file and it will display the following screen:

    image

    Now before we proceed you need to be thinking about your ‘Master Password’ as this is the most important password on your system because it is the one that will be used to secure your other passwords and data.  I recommend taking your favorite verse from the bible, or a song or first paragraph of a book you know by heart or any passage of text you know by heart.  Recite it in your head memorizing the first letter of each word until you can just say the letters without thinking about it.  That is your private master password and you should never tell anyone what it is.  I usually add some random number for letter substitutions within as well.  Use this password in Roboform to secure your passwords.

    Notice I have checked the Show Advanced Options checkbox.  I will explain each of the options as we proceed with the installations so you will understand what effect they have on the overall program.  I am doing an upgrade and not a new install so there might be a slight variance in the process from what you see here.

    image

    The installed and active browsers will have the Roboform Toolbar connectors installed.  This allows Roboform to display a toolbar in the browser that let’s you click a button on it to fill in the username and password.  It doesn’t appear in screenshots of Chrome for some reason either, so I can’t post a screenshot.  If the browser is installed the option to install the add-on becomes active.

    I started using Chrome for one reason and one reason only, it was fast, stable and it was NOT IE or Firefox.  I would have used Opera but it did not have Roboform support.  As soon as Maxthon and Roboform work together, it will be my browser of choice.

    Notice there is also an option to Fill and save forms in Windows Applications and this is a hit or miss.  IBM / Lenovo used to have a password manager that they bundled in their security apps that hit this like no other.  It could fill the passwords in any windows app.  It is hit or miss with this and it does not work with games like Lord Of The Rings Online.  I select it anyway in the hopes hey slowly improve upon it like they have everything else. Smile

    image

    This is an annoyance because you really cannot utilize Roboform without purchasing it and as such I do not want it to hijack my start page.  Other’s might feel differently and I might change my mind in the future should I accidentally forget to uncheck it.

     

    image

    Since I have already installed and Roboform is running, I cannot change these options and there isn’t really a reason I can foresee to want to.

    image

    It wants me to close all my browser and windows explorer windows.

    image

    Do you have Android or an I pad or an IPhone?  If so then  you will want to make a temporary account this one time before you add any new passcards.

    image

    Fill in the information above and create your user account.  If it offers to make a passcard, do so.  Then follow instructions to finish the install and perform the first sync.

    Then load the Roboform options by right clicking the little green RoboForm icon in the tray next to the clock and selection options.

    image

    Select User Data and click the Settings Button.

    image 

    Choose Desktop and follow the prompts to finish.  Now just go and login to your favorite sites like Facebook and Yahoo.  I would use the toolbar option to generate random passwords to generate new random passwords and use a different one for each site. 

    image

    If this were the first time I visited Facebook it would wait for me to fill the username and password and then it would ask if I wanted to save it.  Make sure the Keep Me Logged In checkbox is checked and remains that way when saving the passcard.  Finally I would make sure you use a Windows Password that no one knows, you can change your password by pressing Control + Alt and the Delete key all at the same time.  Then select Change Password and follow the prompts.

    image

    Finally, change Windows to ask for a password on Resume.  This will make Windows ask for a password when the screensaver comes on.  This means if you walk away or get distracted that someone can’t get access to your computer.  By force of habit I lock my computer.  Another Tech pranked me and I decided to never let it happen again.  He basically took a screen shot of my desktop with all the applications minimized.  He then used the control panel to hide the desktop icons and hid the start menu.  This was back with Windows NT and random lockups before SP3.  Change your passwords and use Roboform.  I will cover the android and portable versions in the future.  In Windows Vista and 7 you can hit Control+Alt+Delete and select Lock Computer or just press the Windows Key and L at the same time to do it.  I usually forget and just let the screen saver take over.

     
    • somekindaodd 1:48 pm on June 19, 2012 Permalink | Reply

      dude write about your life .
      this is like 3X the amount of effort you have put into any single other topic.
      this is good and all, but what happened to your other plans?

      Like

    • Dennis London 'Chip' 2:52 pm on June 19, 2012 Permalink | Reply

      See…I knew you were a geek! And here I am posting my reply from an iPad at a sushi bar…LOL

      Like

    • Jessica 4:42 pm on June 19, 2012 Permalink | Reply

      I like your tech-nerd blog. But a personal blog would be good too. 🙂 Nonetheless, thanks for sharing!

      Like

    • sgoldfein 9:19 am on June 20, 2012 Permalink | Reply

      I have a personal blog too, that is at Blogger and is 'Musings Of A TechnoNerd.' This is the more technical side. 🙂

      Like

    • sgoldfein 9:20 am on June 20, 2012 Permalink | Reply

      LoL Did you have any doubt? I was online back when we were in High School. 🙂

      Like

    • sgoldfein 9:20 am on June 20, 2012 Permalink | Reply

      That's on Blogger and I have posted three or four things in the last few days there too. 🙂

      Like

    • somekindaodd 12:07 am on June 23, 2012 Permalink | Reply

      So you are having the boreing blog on the site i use oh, good plan, either cross post or nevermind..

      Like

    • gehen 12:35 pm on July 18, 2012 Permalink | Reply

      Thank you for sharing your thoughts. I truly appreciate
      your efforts and I will be waiting for your further
      post thanks once again.

      Like

    • Cybersquire 12:21 pm on August 2, 2012 Permalink | Reply

      I am currently working on a blog about converting from Sprint to a Post Paid GSM based provider and when I have finished that I will do another blog on securing your digital life because I had an unfortunate situation arise that created a great blog post.

      Like

c
Compose new post
j
Next post/Next comment
k
Previous post/Previous comment
r
Reply
e
Edit
o
Show/Hide comments
t
Go to top
l
Go to login
h
Show/Hide help
shift + esc
Cancel
%d bloggers like this: