Is Your “Smartphone” Spying On You?

Maybe.

Well, no: probably. If you use it to access social media sites (FarceBook, et al) or any Google service, almost certainly. Heck, there are growing claims that smartphones “listen in” to conversations happening within access of the phone’s mic, like so-called “smart” TVs do.

So?

I’ve worked with computers/networking, etc., for ~30 years and am certainly no Luddite, but my phone stays OFF (and usually in another room) when I am not making calls. I check it now and again for messages from any whitelisted folks, and (very rarely, and only when I’m away from a desktop/notebook/large format tablet–which is very, very rarely, since I almost always have one of the three at hand) I might use it to check something on the web, but only when locked down fairly well and using a strong VPN, while on a local network I trust to be well locked down, as well. I see no reason to let a phone run my life or be connected to any old whomever who might want to contact me.

Other phone “tracking” things?

I don’t need GPS. I’m not helpless or “directionally challenged.” I know how to read a map, can navigate with or without (usually) a compass, and check my routes before heading out anywhere I’ve not been before.

Yes, I got lost once (on an overcast day, on a system of rural gravel roads and two-tracks in rough terrain, off my projected area of travel for that day–no excuse, since I simply left my compass and map for the area behind that day). I stopped and asked directions (because I’m also not completely stupid).

I like the convenience of having computers, tablets, cell phones, etc., but unlike many I know nowadays who would probably be pleased as punch to have their dumb “smart” phone embedded in their body, wired to display in their field of vision, etc., I think I can handle a lil disconnection now and then.

Passwords

I’ve used various techniques to devise memorable passwords and pass phrases over the years that are easy for me to recall but nevertheless fairly strong.

Here’s one (though it’s not currently active for ALL my password use).

Password construction: Take a song that’s at least 400 years old and uses an archaic form of the language in which it was written. Pick the third (or fourth, or whatever “interior) verse. Sing it backwards. Use the words in this backwards order to construct a password using the second (or third, or whatever; choose at semi-random) letter in each word. Use a number representing which letter of the words, when sung as written, you are using as a part of the embedded “key” to the password. Add at least two symbols that remind you of the site or app you assign the password to and “key” them to the site or app visually or audibly–whichever is a stronger memory gift for you.

Frankly, this is a bit difficult to do for folks who have neither an extensive repertoire of Renaissance (or older) music and lack both a good audial memory and the ability to sing/play something backwards, but it’s fun for those who do. . . or at least for me.

*shrugs*

For added complexity, one can take the reversed song and invert the tune, using the letter names of the resultant tune in the password.

Singing a song inverted and backwards, silently as in one’s mind’s ear, in order to extract the password makes me smile, so it’s worth it even if I have to type 60 or more characters.

Don’t do this for a WiFi password for your local network, though. Other folks will probably get lost trying to type it in and give up. Wait. No, DO use this for a WiFi password. It’ll really cut down on traffic. *heh*

OR. . . just use something like Lastpass to generate and “remember” your passwords, if something like this seems like too much work. You lazy bum.

Thought Experiment in a RW Situation

So, my Wonder Woman’s lil personal notebook began exhibiting some serious problems.

The “Black screen after login” issue
When video regained, extremely slow non-response (click, wait several minutes, whatever was invoked finally displays, etc.).
Hard drive light on, solid. Task Manager (again, problems loading TM) showed 100% hard drive usage, almost constantly.

So, I knew what the problem was, generally, but thought to meself, “Self, approach this as a moderately intelligent non-techie would approach it,” and searched the web on those behaviors. Sure enough, failing hard drive was the consensus among views.

Now, I could have dragged out some serious tools, but decided again to limit myself to the above parameters and just used whatever hard drive repair tools are built into Windows 10, invoking a hard drive scan and repair the easy way by shutting the computer down mid-boot a few times (it was taking almost 10 minutes to get to the login screen anyway,
so I just emulated the behavior of a frustrated non-techie, to wit:
“Maybe if I shut it down and restart it. . . ” *heh*
).

Continue reading “Thought Experiment in a RW Situation”

Plus ça change, plus c’est la même chose?

Or is this “Déjà vu all over again?” *heh*

Now the guy who “wrote the book” on safe passwords has changed his tune and is now advocating using long passphrases.

The thing is, I’ve advocated this sort of thing off and on for years, here at this lil Third World County blog, because it’s an easy-peasy way to have long, complicated “passwords” that are easy to remember. I’ve even posted hints on how folks can “crack” my “passwords”

Hint: many of them are based on, but deliberately do not accurately reproduce, verses from 16th-to-19th Century art or folk songs in any one of six languages, and frequently run well over 64 characters. None of them spell all the words out correctly, and many do not use any of the actual words at all. Go ahead. Crack ’em. For me, they are easy-peasy to remember, though, ‘cos I can just “sing” the songs in my head as I type the passphrases, and because I am an “Odd,” the substitutions I use make sense to me but would seem almost psychotically delusional to “Normals”–or computers.

(Example of “Odd” perceptions/views of reality not directly related to my passphrase substitutions: numbers and mathematical functions have colors, shapes, and positions in 3D space for me. It’s how I “see” mathematical solutions without following steps in formulas. In a similar vein, word substitutions in art/folk song lyrics in foreign languages are “colored” and “shaped” by how I see and hear the words in my mind’s eyes and ears. So, easy to recall, for me, difficult to reproduce for any Normal or logical process.)

So, as I have said, have fun cracking my passwords. I’m sure there are some really Odd folks out there, somewhere, who’d enjoy doing just that. 🙂

More on Safe Internet Use

VPNs can be handy things. The better ones offer much safer (note: safER) Internet use, and even less good ones have some value. I’ve been appreciating the switch to Speedify on Windows computers here on our home network. Fairly decent security boost, and I very much appreciate the side benefit of compressed data use.

Unfortunately, every time I have attempted to install Speedify on my Android phone, it reports having been installed but shows up nowhere. Even browsing the files on the device turns up no evidence of its presence. So, I’ve resorted to using “Opera VPN” (SurfEasy–acquired by Opera recently) on that phone. It is at least a wee tad better than using the (SurfEasy) VPN built into the Opera Browser, since it appears to simply remain active on the device whether I am using Opera or not, but it’s still SurfEasy, an MOR VPN, IMO.

If one doesn’t have a VPN subscription anywhere else, defaulting to Opera and enabling the built-in VPN would certainly improve one’s security over no VPN.

Silver Lining to “Wanna Cry” Ransomware?

If there is a silver lining to the recent Wanna Cry ransomware outbreak, perhaps it is this: heightened security awareness among the sheeple. *sigh*

Here are some general things to do, gleaned from a few articles and my own experiences dealing with other folks’ malware infestations:

  • Don’t pay
  • don’t click on email attachments*
  • Keep your software up to date
  • INCLUDING your security softwares!
  • Back up your personal files, and make at least one system backup of a stable, clean system.

*See the asterisk above? Yeh, that. Being able to send and receive email attachments is one of the important features of email, so not opening ANY email attachments vitiates the usefulness of email. Not a problem. First, only accept attachments from someone you know. Verify that the email actually did come from that person. At least look at the headers, but if ANY possible question exists about the email’s authenticity, ASK THE PERSON WHO SEEMS TO HAVE SENT IT! And always, ALWAYS, ALWAYS scan email attachments with up-to-date security softwares.

Even if I have done all of these, I have sometimes saved the attachment offline, then opened it in a virtual machine to check. I have actually caught two “baddies” this way, though it’s been years since that time.

Nothing in the short list above is at all difficult to do, and not even really time-consuming either. It’s just common sense, something sorely lacking among many users (which is exactly how <300,000 computers were hit by “Wanna Cry”–users self-infecting).

A Brief Note to Both of My Readers

*heh*

For any of your completely clueless friends, Malwarebytes’ blog is full of articles on malware, written for easy accessibility and comprehension by casual users. Nothing technical, just simple (sometimes too simple), easily-grasped blogposts about malware for folks who do not want or need technical stuff but who could benefit from a wee bit of awareness of threats.

https://blog.malwarebytes.com

The Continuing Search for a New Web Browser

Since more and more sites are becoming even ruder about browser use–going well beyond simply browser sniffing, now–Opera 12.18 is starting to become a little more difficult to use as a default browser. It still does work fairly well, apart from aggressive attempts to lock “old” browsers out by some sites, but only in Windows 7 and 8/8.1. Windows 10 seems to simply not “like” it.

Sad, because it has many features other “modern” browsers–including Opera ASA’s “Chopera” (an Opera browser based on the Chrome rendering engine)–either lack or do not implement as well. Mouse gestures as clunky or just weird in most other browsers that implement them natively, and mouse gesture extensions have uniformly proven to be crap. Newsreader integrated into the browser, no add-in required? Nope. Granular–really granular–control of features/customization? Nope. Bookmarks that really work and can be easily organized? Nope. Even the best at importing Opera bookmarks and allowing organization requires laboriously reorganizing each separate folder and sub-folder, one at a time. That’s a bit tedious when one has a couple of hundred folders and thousands of bookmarks. (I treat bookmarking sort of like a library card file catalog: I want everything saved where and how I want it, organized into subject folders and searchable any way I want. Yes, I weed my “catalog” pretty regularly to eliminate dead links. Doesn’t everyone? 😉 )

I could go on and on, because there are many, many features baked into the “old” Opera that are just not present or are poorly implemented in all the other browsers I have tried. The one that comes sort of close to being a replacement, but even it doesn’t allow real customization, has clunky mouse gesture implementation, lousy bookmark organization, no built-in newsreader, and doesn’t let me choose my preferred default search engine, even though it shows a procedure for doing so! #gagamaggot

OK, so just checked again. Since the last time I tried and became disgusted with it, Vivaldi Browser at least does now import my bookmarks and does–almost–sort them, at least closely to their original organization. Manual sorting thereafter looks straightforward (though still tedious). But the rest? *meh* Notsomuch, it seems. *sigh* For example, it limits the number of “Speed Dial” columns to six. I prefer ten. Why bake in such stupid limitations? That’s just one of many such dumb ideas.

Still hunting.

OS Gymnastics?

Nah, just some light calisthenics. Not even breathing hard(ly). *heh*

So, I started testing out Win10 on some old hardware about seven months ago on a box that had had WinXP, then Win7. *meh* Apart from all the “phone home” junk, as long as Classic Shell’s installed, not too bad compared to Win7/8/8.1, so when I got a new playcompy (the lil notebook I’m writing this on), I went ahead and installed Classic Shell to make its Win 8.1 more usable, then “upgraded” to Win10 and locked it down.

It works OK, for a Windows box.

So, my Wonder Woman kept asking me when she should upgrade her Win8.1 notebook (a sibling to this lil playcompy). This last weekend I said, “OK, if you want it, fine.” *heh*

So, clicked on the Win10 upgrade icon in her system tray and. . . Windows Update. Search. . . search. . . search. . . No updates found and. . . no Win10 upgrade, either. #gagamaggot.

So, downloaded the M$ Media Creation Tool and am now installing Win10 on her computer with that. Probably should just have downloaded the ISO, but just don’t really care all that much. Maybe later.

Even though the M$ Media Creation Tool works, this upgrade was no faster than any other Win10 upgrade I’ve done, clocking in at around 2.5 hours from start to mostly finished. Another hour locking it down, uninstalling crap apps my Wonder Woman will NOT use, configuring Windows Update to NOT update w/o a user request, etc., will take another hour or so, counting double-checking to make sure the configuration actually takes. (Win10’s kinda sneaky about changing configs behind the user’s back, sometimes. No, really.)

Oh, Well

After about six years, my lil “family room” notebook that I use while sitting with my Wonder Woman in the evening (she on hers, me on mine–unless we’re reading or on occasion watching TV or a video or have someone over) finally bit the dust. Onboard video system died. Really not worth the effort and cost to replace the Mobo, so. . .

Amazon’s delivering a new lappy toy tomorrow. It is NOT a top-end notebook, not even close. That’s just not needed for this lappy’s use. But it does at least have a full sized notebook keyboard with a numeric keypad, a reasonable processor and video subsystem, a reasonable display for a notebook (15.6”–just right for my viewing and much better than the lil 10” netbook I’ve used as a backup for the last couple of weeks), and the memory’s easily–and inexpensively–upgraded (the 4GB that comes with it is not enough for even casual my computing).

I’ve made a break from my past lappy purchases. This one’s not an Asus but a Toshiba. *shrugs* Six of one. . . for this class of computer? Not a lot of difference.

Yeh, yeh, comes with Win8.1, but I can fix that any number of ways (Classic Start, other things, or–likely–Linux Mint in a VM. Gets around a few issues and has essentially the same usability as running it natively, etc.), maybe even accept the “free” sorta upgrade to Win10 ( and fix the everlivin’ HECK out of it–the phoning home’s its worst part, IMO, followed by the “push” “updates:–Classic start, of course, etc.).

First task: Classic start. Next: PC Decrapifier. Then locking the thing down, getting it working well with ALL the resources on our lil LAN, installing my personal choices of software, etc. Typical computer setup fun.

But now, off to see if I can get more than 4 hours of sleep tonight. Could be. It’d be nice.