Tuesday, June 28, 2011

Today's Forecast: Cloudy with a Chance of Data

There has been a lot of chatter related to "the cloud" lately, so I decided I would weigh in on it.  The extended forecast looks sunny for cloud computing.  How archaic to say that "it" is in the ether, or on the Internet, or stored on a server.  At least it's not another acronym.

Simply stated, cloud computing is little more than storing your pictures, music, video, and documents on a remote computer that allows you to access it from any place, and any device that supports an Internet connection. As more people connect from locations other than their home computer, or multiple devices they own, access from anywhere becomes more ideal.

I won't get into the details of how cloud computing works, instead I'll focus on what's good and bad about it.

Its strong points:

1. Services are becoming less expensive, or free, as options for remote storage becomes more popular.  Keep in mind, most companies providing cloud storage are selling other services to stay in business.

2. Some providers, such as Google, allow shared editing of documents.  An incredible feature when you want to collaborate with others.

3. Your computer no longer has to be the hub for all your other devices with which to sync.

4. Access anytime, anywhere

Its weak points:

1. The big ones here are privacy and security.  You are trusting total strangers with maintaining your personal stuff and keeping their systems secure.  Be sure to read the agreements before committing to a provider.  You are being granted access to your stuff under their rules.  Providers may monitor activity and may share data with law enforcement without notifying you first.

2. Lack of connectivity, slow Internet connections, poor cellular connections, or non-secure (open) wireless networks could negatively impact access.

3. Weak passwords, or lack of file encryption, can leave you vulnerable.  Consider providers that allow you to encrypt your data before pushing it to their cloud.

4. No protocol currently exists that would make migrating your data from one service to another easy.

There are numerous companies offering cloud storage.  Apple recently retooled their Mobile Me service and relabeled it iCloud.  Amazon, Dropbox, HP, and Dell are just a few others to offer cloud services.

The point oh: Right now, cloud storage might be best suited to storing encrypted backups of your data while you still store your working files locally.  The benefit of this is that you have off-site backups of your data in the event of a local disaster.  That is not to say you can't use the cloud for other purposes.  I use Google docs for those few documents I like to be able to access no matter where I am.  Other than that, my email is the only thing I fully store in the Cloud.  I am just not ready to place my entire digital life in the hands of others.  I don't need to have access to all my stuff everywhere I go anyway.  And, since I have lived this long without it, I am certain I am not missing anything, yet.  My personal feeling is that the Cloud is the future, but it is still a toddler.  For me, it will take baby steps to embrace it completely.  Eventually, I imagine, I will have my head in the clouds.

Wednesday, June 22, 2011

Captcha: Gangsta Rap

Sounds like the name of a rapper, to me anyway.  But, it has nothing to do with rap music and everything to do with security on the Internet.

So, what exactly is Captcha, or CAPTCHA to be technically correct?  Those pesky computer acronyms!  It stands for: Completely Automated Public Turing test to tell Computers and Humans Apart.  Turing test?  Why does one explanation always require another?  I'll explain turing test in a minute, but first...

The most simple explanation I can offer for Captcha is that it is those nearly impossible squiggly words a website wants you to type in order to validate your credentials.  The point of you having to type those squiggly letters is so that the system you are interacting with knows that the input got there by a human and was not machine generated.  Mail systems such as Gmail and Yahoo need to be sure that computers are not creating mail accounts.  A spammer could use a computer to create hundreds of phantom email accounts and program those accounts to send out their junk mail and malware.  And, with hundreds of fake accounts sending mail out all day and night it could cause legitimate users poor service or potentially other issues.

The point oh: As with virtually all security measures there is an amount of failure.  In the case of Captcha it has been that character recognition software continues to improve, humans can spend their time reading and entering Captchas at will if they like, and the exploitation of bugs and vulnerabilities in software.  Captchas have gotten slightly more complicated since first introduced, but remain crackable.

Now, about that turning test.  Turing means to have a human judge and a computer that appears to be human.  In the case of Captcha it is really a reverse turning test because the subject is human and the judge is the computer.  A human inputs data while a computer decides if a human entered it, or another computer.

That might be enough for one post to boggle the mind.  I strayed from mentioning the word "bot" in explaining how spammers would automate such a task as it might require another explanation.  Oops!  I just mentioned the word I wasn't going to mention.

I'll explain what a bot is in another post.  For now let's just enjoy some Gansta Rap.

Wednesday, June 15, 2011

iPhone 3G, or not to be?

That is the question for those of you still using an iPhone 3G.  And, I have to emphasize still.  It seems that someone at Apple, let's call him "Steve Jobs", decided that two and a half to three years is much too long to use any iPhone model.  Of course, he never actually came out and said that.  I wouldn't want to be accused of putting words in his mouth, but the reality is that Apple has unofficially stopped supporting the iPhone 3G and older models.

If this was a device that doesn't store personal information, and can't be used on a cell or wireless connection this probably wouldn't even be much of a blip on my radar.  But, the problem for me is that the iPhone is a connected device, and as such it should remain a patched system.  Without firmware updates you won't get the latest security or bug fixes, and it could also mean a lack of support for your apps as developers continue to improve their apps for the newer iOS.

There have been two indications that Apple is dropping support for the iPhone 3G.

1. No firmware update for the 3G (looks like iOS 4.2.x is the end of the line) though the 3GS and newer models were updated (as of this writing 4.3.x is available).
2. At Apple's World Wide Developer Conference this month "Steve" made no mention of the iPhone 3G being supported by iOS 5 which makes sense given the first point I made here.

Is this a problem worth worrying about?  Probably not right away.  It is still unclear when the next generation iPhone will be released.  The best guess anyone has is sometime in September or October of this year.   The Japan earthquake has impacted manufacturing for a lot of companies, and Apple is no exception.

Current options for upgrading to another Apple iPhone:

If you want to bail on your 3G now you can get a brand new iPhone 3GS for $50*.  It's a good price, but since it was introduced in June 2009 my guess is that support will end unofficially in 2012.  That is next year.  You have to ask yourself if it is worth it to eek out the extra year in the hopes of something better before the end of 2012.

Or, you can get a brand new iPhone 4 for between $200-$300* (depending on model).  Introduced in June of 2010, my guess is that support will end unofficially in 2013.  Do the math, that is maybe two more years of support for that price.

Roll the dice, and wait for the next generation iPhone and pay the likely $200-$300 price tag (depending on model).  This would also have a three year life span ending support unofficially in 2014, if my theory is correct.  I'd say it is worth the gamble to wait especially if a new iPhone model comes out before the end of the year.  Apple probably won't want to miss the holidays as an opportunity to push sales of something new.  Also, this phone will most likely ship with iOS 5 installed since it was just introduced at WWDC.  Whether or not the hardware differs much from the iPhone 4 is also up for debate, but my feeling is support for the device is more important for an iPhone 3G user than what features a new phone is going to sport.

Just because I am speaking specifically of the iPhone does not mean I am suggesting you would have to continue to use an iPhone.  There are plenty of other vendors offering smart phones that have similar interfaces and features.  The point oh:  There is obsolescence in every computing device.  How fast these devices become obsolete is a matter of debate.  But, sooner or later you will need to move forward.

Maybe you have noticed, despite Apple's claims of improving the speed on the iPhone 3G with the last two firmware updates, that your phone is slow.  Nuking the phone back to factory defaults, and reinstalling everything has marginal gains in performance.  It is particularly noticeable if you benchmark those speeds against an iPhone 4 using the same apps to test.  It is, in part, a hardware issue.  The iPhone 4 uses newer technology to support better performance and its additional software features.  It just might be one more reason to retire your 3G.

* Apple's pricing: http://store.apple.com/us

Saturday, June 11, 2011

Mal-where?

It was only a matter of time before the Macintosh operating system fell victim to a malware attack.  Frankly, I am surprised it has taken eleven years.  You're thinking, "Macs have been around since the mid 1980's!  Certainly, that is more than eleven years."  Yes, it is a lot longer.  The point here is that we are talking about OS X (version 10 of Apple's operating system).  Previous versions of Apple's operating systems got infected with viruses.  Its just taken this many years, and the popularity of the Internet to give Mac OS X users cooties.

So, what is MacDefender?  The short answer:  It is malware pretending to be legitimate anti-virus software.  It informs you that you have malware, and should pay to remove it.  It relies on social engineering to get you to give it your credit card information, and once you do the bad guys buy lots of stuff with your money.

The "point oh":  The point is don't go, "Oh, I need to get rid of this; I better pay to remove it".  You should know if you are running a legitimate anti-malware program on your Mac or PC, and you should know what the product is called along with the company that provides it.  If you have never used an Anti-malware product on your Mac it might be time to start thinking about it.

More information on how to avoid and remove MacDefender (also known as: MacProtector and MacSecurity) can be found here:

http://support.apple.com/kb/HT4650