With my new Pixel, I have been introduced to the modern world of using biometrics to secure my smartphone, something that my old blackberry world could never imagine. As useful as my fingerprint is to keep my phone casually secure, there has been a growing debate about the legality of using biometrics to secure any device. So to go with my new Android phone, I’ve been following some new Android sites and this led to a great article about the legal issues with biometrics and issues with law enforcement and border crossings. Given the state of the world right now, this seems more relevant than ever.
Note we can’t speak to the accuracy of the legalities discussed here, nor their relevance in Canada, however the notion of how to be sure you phone is secure from being unlocked by JUST your fingerprint, or facial recognition, or your eyes, is something to consider.
Firms are paying five-figure ransoms after being tricked into thinking they have been hit by ransomware.
So I made the switch. It was with a heavy heart that I gave up my Blackberry Z30 on the overlooked and underrated BB10 OS. Three weeks ago, I upgraded to a Google Pixel 128GB Android 7.1 powered smartphone and have been immersing myself in the world of Android. Many of our clients have been asking our advice about where to go in a world where Blackberry has lost out, while others just want to know if the Pixel is any good. So I took the plunge and here’s my look at not just the Pixel, but what to expect when you make the change.
(note, I will get into the “why I gave up on BB” in another post…that’s a long story).
Short take on the Pixel? It’s simply an amazing piece of hardware. Look, you can find reviews of the specs and comparisons of the Pixel to the Galaxy S7 or the LG V20, just about anywhere. It’s hard to choose between any of those phones and you really can’t go wrong. So forget the specs.
I’ll be honest, as a messaging phone, the base install, with Gmail as the email tool…well…it sucks. Gmail is great if you use Gmail. Beyond that, I found it to be clunky when dealing with multiple email accounts and especially with my work based Office 365 host exchange account. I already knew that native android mail apps weren’t the best with its integration, so I went on the hunt through the many email apps available for Android.
And the winner is?
Blackberry hub for Android!!! Yay! Sorta…kinda…
Look I admit to being biased. Having the BB hub gives me at least some of the functionality that I thought BB10 was great for when it came to messaging. I actually just subscribed to it for its monthly fee ($1.50 CDN per month to be ad free), and the hub does come with their version of calendar, contact, password keeper and a few other apps I barely used on BB10. That being said, I’m not totally sold on it yet (the subscription can be cancelled any time). It lacks the swipe gestures that really made the Hub so useful (swipe right to peek) and again, it’s a bit clunky switching between account views. The one thing it doesn’t include is the amazing BB keyboard, the one thing I really wished it did have. Seriously, swipe typing is neat and I’m learning to use it, but why can’t any android keyboard include the simple “long press to capitalize” function. How hard is that??
So while I’ve settled on the Hub right now, I am testing a few others alongside it, including Nine and the Alto app (made by AOL of all people) as I research good Office 365 Android apps. Notice I am not using Outlook for Android or OWA for Android. These are…adequate, but I found they surprisingly had issues with how I use my work email, with a lot of subfolders I need to sync as I use rules to sort mail into them automatically. If you have a simpler setup they can work and are easily familiar.
So what about the rest of the phone? I won’t even get into finally having access to up to date apps. I always said I was not an apps person, that’s not why I use a smartphone but…damn once you have access there is a ton of stuff out there to try. Have fun with it, just beware to use only the Google Play (or Amazon) and watch those reviews, as they can be manipulated.
As for the rest of the phone, I’ve bullet pointed some features, tips and tricks to be aware of for those new to Android and the Pixel alike:
I admit, I still miss how tight my BB10 was…but it was time for the change and with a few weeks in I am really enjoying the phone. Why didn’t I choose a Priv or Dtek60 from Blackberry is for another article and expect a followup to this one. For now, if you are ready to make the switch full-bore and put your BB (or are tired of Apple’s closed ecosystem), the Pixel is the top end for this holiday period.
Until the Galaxy S8 arrives in February/March…assuming it doesn’t burn up 🙂
Please feel free to comment or ask questions and if you have tips from more knowledgeable Android users, I’m all ears.
So the world of computer security once again gets flipped on its ear.
There you are at your workstation, you need to go get a coffee or have a bathroom break and as per company policy you “lock” your computer (mac or pc) so that it requires your password to get back in and take you back to where you were.
How can this be?
PoisonTap is the latest creation of Samy Kamkar, the tech behind a series of hacking devices and technologies that are super cheap and easy to implement. He provides this information in a whitehat capacity to show what is possible and then educate. He has since released the code and the specifications so that engineers and developers can learn from the vulnerability.
Kamkar was interview by ARS Technica ( a leading online news outlet) and said ” The primary motivation is to demonstrate that even on a password-protected computer running off of a WPA2 Wi-Fi, your system and network can still be attacked quickly and easily. Existing non-HTTPS website credentials can be stolen, and, in fact, cookies from HTTPS sites that did not properly set the ‘secure’ flag on the cookie can also be siphoned. ”
What this means is that this system hacks your browsers behind your password without needing your password due to the level of security the browsers use to store information. Macs are more vulnerable in that their browsing integration is more significant than on PCs whereby closing your browser BEFORE you lock your computer is more effective against this type of attack.
Kamkar explains further: ” Once the device is inserted in a locked Mac or PC (Kamkar said he hasn’t tested PoisonTap on a Linux machine), it surreptitiously poisons the browser cache with malicious code that lives on well after the tool is removed. That makes the hack ideal for infecting computers while they are only briefly unattended. ”
Obviously this type of attack requires a short and quick physical connection and wouldn’t apply to home environments but in large corporate spaces, public shared work places or public hotspots, this can be an extremely critical vulnerability.
The best way to defend against this type of hack in a public space, other than to take your computer with you, is to shut it down completely before you leave even for a short break. Make sure your password is as complex as you can handle and prior to locking or leaving your computer unattended, shut down all browsers and apps so nothing is running in the background.
As always, if you have any questions or want to have a double-check of your own processes, contact us at Fixmycomputernow.com.
This took long enough by both of the major search providers. As the article below shows, Bing is finally blocking the promoted ads for companies claiming to provide tech support, but are nine time out of ten a scam. At the same time, Google has started blocking advertising for payday loans (Facebook has done this as well).
Keeping up with the scam artists is a full time job, but I sometimes think the search engine providers drag their heels a bit too long in trying to address these issues. This one is a win for us all.
For those who missed it last time, we are bringing back our latest webinar in November.
With the rash of Crypto related ransomware attacks out there, we have decided to put on a few webinars to help educate users on how to identify, protect against, remove and recover from these critical infections especially the Crypto family of ransomware.
We recommend all those responsible for the following roles in your business attend:
This presentation will be at a beginner level and will have some technical information but will be geared towards end user understanding. Feel free to send this invitation to other business owners or associates who may need a better understanding of the threats out there which includes both Mac and PC users.
Topics we will cover include:
These webinars are approximately 45-60m long, will have notes and a review for you to take away and will have a Q&A afterwards for a more detailed discussion.
The 1st webinar this year is scheduled for Monday the 9th of May at 2pm EST. This is a free event and open to the public but registration is required as there are limited connections available on a first come first serve basis. Should registration exceed the number of connections, additional dates will be added.
People are always surprised when we tell them that even legitimate websites can be compromised and/or provide false links to malware, ransomware and crapware.
The current Google Transparency Report on the Safe Browsing status for Google.com doesn’t give the site a perfect grade.