TechByter Worldwide

If you enjoy today's article, please share it!

Program Date: 10 Mar 2013

Should Google Demand Users' Real Names?

If you've logged onto YouTube (or any of several other Google services) recently, Google may have asked for your real name instead of your user name. Google presents this as a way to improve service for users but not everyone agrees. Whatever your opinion of this is, Vint Cerf, in an interview with Reuters, had some thoughts that I think you'll find worth considering.

Cerf talked with Reuters reporter Gerry Shih. Cerf is a Google executive who was a driving force behind the Internet. Before we review his comments to Shih, consider his background: Cerf was a program manager for DARPA, the US Department of Defense Advanced Research Projects Agency and was instrumental in developing TCP/IP (Transmission Control Protocol/Internet Protocol), the technology that runs the Internet. Working at MCI, Cerf was involved in developing the first commercial e-mail application (MCI Mail) on the Internet. He was a key player in the formation of ICANN (Internet Corporation for Assigned Names and Numbers), the group that assigns IP addresses worldwide. In other words, Vint Cerf has some background with this thing we call the Internet.

And Cerf says that Google is wrong in forcing users to reveal their real names, particularly in light of increasing government surveillance of social media. But, he qualifies that opinion.

Google has been pushing the use of real names for the past year and a half for improved authentication across Google's many products and services. At the moment, users can still display "handles" instead of their real names and Cerf told Reuters that this allows adequate choice now.

If you use Gmail, YouTube, Google+, and other services, Google will suggest that you use "the common name" you are known by in the real world. Cerf told Reuters that using real names is useful, "but I don't think it should be forced on people." According to the published report, Cerf added that Google currently doesn't require the use of real names.

The key point of the Reuters article is this: "But Cerf recognized using real names could land social media users under oppressive regimes in 'fatal trouble,' and Google will not enforce its policy in such instances. But in many other cases, user authentication should be promoted, he said.

"'Anonymity and pseudonymity are perfectly reasonable under some situations,' Cerf said. 'But there are cases where in the transactions both parties really need to know who are we talking to. So what I'm looking for is not that we shut down anonymity, but rather that we offer an option when needed that can strongly authenticate who the parties are.'"

Some people are unhappy about Google's push for users to log on with their real names. The same charges have been aimed at Facebook. It seems to me that there are competing concerns here and that both have a certain amount of legitimacy. There is the expectation of anonymity and anyone who wishes to speak out anonymously appreciates the ability to do so. But if you've been attacked, harassed, or stalked by someone whose identity is secret, you may find yourself wishing for some way to identify your tormentor.

Cerf has warned that governments around the globe have increased their surveillance of the Internet. Although repressive regiemes are the ones that cause the most concern, the surveillance is not limited to them.

Google and Cerf believe that most people want to be protected from government surveillance and intrusion but most of the people I've heard from are more concerned about Google or Facebook. Google probably has more information about people that do all of the state security agencies worldwide. In the wrong hands, this information could be dangerous. (And some people think that Google's hands are the wrong ones.)

Initially, Google required the use of real names on Google+ but last year the company started to allow some users to post with nicknames. So far, this ability is limited to a small number of the service's 500 million subscribers.

Read the full Reuters interview with Vint Cerf here.

Download with Caution

TechByter Worldwide frequently recommends applications, some free and some commercial. Regardless of the application type, it's important to review the download and installation to avoid unpleasant surprises.

Sometimes the download page for an application will display a huge button labeled "DOWNLOAD" near the top of the page. The catch is that the file you really want to download is shown as a small text link at the bottom of the page and clicking that big "DOWNLOAD" button won't download what you think it will.

All too often these faux links are served by Google and other advertising services. The files are usually safe enough, meaning that they aren't malware. But they're not what you wanted.

Hiding the Real Download Button

SoftpediaEven well respected sites such as Softpedia aren't exactly upfront about what they display. In this case, the download link you probably see first is #1 but it's not what you came to this page to download. That's link #2.

CnetAnd here's an example from CNet. This time there are two links that you don't want, #1 at the top of the page and #3 on the right. The one you came to this page to download is #2.

This kind of behavior happens most frequently with freeware applications and free online services. The ads are what pay the bills but the display techniques used are often intentionally deceptive. Not illegal, but unethical.

Another potential for trouble comes when you download and install an application: During the installation, something else will be installed. The extras are often tool-bars for one of more of your browsers and I've seen this behavior about equally with both free and commercial software.

Eliminating Craplets

Avoiding the extra applications is usually easy if you remember always to select the Custom Installation option. This should show you everything that will be installed and where it will be installed. In some cases, the ride-along crapware will be installed without warning by the Standard installation but in some cases the extra components will be mentioned but in small or grayed-out text.

Here's a particularly egregious example and, unfortunately, it's from an application that I like a lot, PDF Creator.

CnetIf you don't select the advanced installation option, you'll never even see this screen.

And if you do select the advanced option, it would be very easy to miss the fact that this screen offers a custom option and that if you don't click the grayed out radio button, you will install the Pokki Toolbar and set it to be the default.

There is no description for this other than unethical.

CnetNow I've clicked the custom installation radio button and all of the Pokki options are selected by default.

CnetDeselecting the first item deselects all three.

So now you might assume that you're safe. Wrong.

CnetThe next screen offers yet another application that I don't want and, if I don't deselect the item, it will be installed for me.

I understand that people who write freeware applications might want to monetize themusing some method other than free-will donations. As someone who offers the donation option, I can attest to the fact that it doesn't work very well.

But resorting to subterfuge and trickery is not a good business model.

And this behavior isn't limited to small companies. By default, updates to the Adobe Reader will install applications that you probably don't want.

Warnings Should Not be Needed

This isn't the kind of warning I like to write. It's a kind of warning that shouldn't be necessary but unfortunately it is necessary.

Companies should feel free to offer applications such as FrostWire, the Pokki Toolbar, or even additional applications that are related to the application you want to download. But those should be offers—not something that you will receive unless you explicitly opt out.

To borrow the old carpenter's rule and paraphrase it a bit: Read twice and download once.

Short Circuits

50 Million Users of Evernote Must Change Their Passwords

Following an attack that breached security at Evernote, the company says that all 50 million users must change their passwords as a precaution. This was expected following a report last weekend that an attacker had been able to gain access to customer information. The only surprising aspect of the story is that it took Evernote until Wednesday to act.

EverNote messageAlthough I use Microsoft's OneNote instead of Evernote, I do have an Evernote account that I opened when I was evaluating the two services. The attack occurred sometime prior to last weekend (Evernote hasn't specified when) and I learned of it on Monday but it wasn't until Wednesday morning that I received the company's official notification.

The company said the password reset was being done "in an abundance of caution." The attacker was able to access some encrypted passwords but Evernote wouldn't say how many. It should be noted that decrypting an encrypted password is not a trivial task.

Evernote is an application that allows users to store small snippets of information so that it's available from any device where the Evernote application is installed, including phones, tablets, and computers.

Evernote's message to users said "In our security investigation, we have found no evidence that any of the content you store in Evernote was accessed, changed or lost. We also have no evidence that any payment information for Evernote Premium or Evernote Business customers was accessed."

The message continued: The investigation has shown, however, that the individual(s) responsible were able to gain access to Evernote user information, which includes user names, email addresses associated with Evernote accounts, and encrypted passwords. Even though this information was accessed, the passwords stored by Evernote are protected by one-way encryption. (In technical terms, they are hashed and salted.)

If you're an Evernote user, you should log on to your account as soon as possible. After signing in, you will be prompted to enter a new password. Evernote says that it will be updating several of its applications "to make the password change process easier."

Evernote described how to create and maintain a secure password: Avoid using simple passwords based on dictionary words. Never use the same password on multiple sites or services. Never click on 'reset password' requests in emails - instead go directly to the service.

Hey, Apple, Where Are Your Touch Screen Laptops?

After using an Android tablet for a year and a Windows tablet for a couple of months, I find myself increasingly wanting to reach out and touch the screens on my Windows desktop computers and particularly on the notebooks. It seems that Apple users are going through the same thing.

Farhad Manjoo, writing for Slate, notes that most portable devices that run Windows or Android (whether tablets or notebooks) have touch screens. Consider Google's Chromebook Pixel ($1300), Asus VivoBook ($500), HP's Pavilion TouchSmart ($650), for example. All have touch screens. Or, Manjoo notes, the thin and light PCs that compete with the MacBook Air. They all have touch screens. All but the MacBook Air. "[I]f you touch its screen, all you'll get are smudges."

I read some magazines on my Windows tablet. The Barnes and Noble Nook reader has the best interface because it is a Metro app and responds to gestures. Some of the magazines I read are available only on the Zinio reader, though, which has an acceptable Metro app. But a few of the magazines are available only on the Zinio 4 reader, which runs on the Desktop and doesn't respond to gestures.

There was a time when I thought touch-based computers were silly. That impression lasted until about 20 seconds after I tried my first tablet with a touch screen. If I had a current-model Apple notebook computer, it would make me crazy not to be able to perform tasks by touching the screen.

I think Manjoo is onto something here: "I tended to touch for leisure activities, and I'd stick to the keyboard and track pad when doing work. But this wasn't by design, and I only discerned the leisure-vs.-work behavior when I thought about it later. Indeed, while using these touch laptops, the touching became intuitive and invisible. I flitted among the screen, the track pad and the keyboard from moment to moment without ever having to think about it."

That, it seems to me, is what's so delightful (if I may use that word about any operating system) about Windows 8: It includes two interfaces. One of those interfaces is perfect for reading books and magazines or playing games while the other is perfect for working with words, data, and images.

So, asks Manjoo, why hasn't Apple (the inventor of the Ipad) added touch-screen capabilities to its notebooks? "Apple would also have to reimagine its OS, redesigning it so that every element could be controlled as easily with your fingers as with a pointer. Microsoft solved this problem by building a touch-friendly interface that sits alongside the old Windows' point-and-click interface, but I don't think Apple would go for that -- it feels too tacked-on and inelegant."

So it appears that Manjoo believes Apple will eventually turn out touch-screen-enabled notebook computers but "for the foreseeable future, we're likely to be stuck with touch-less Macs."

Read the full article here.

Google Looks at Same-Day Delivery

Buy something from Amazon and, if you've paid your annual Amazon Prime fee, you'll probably have it in your hands 2 days later and with no fee for shipping. Google seems to want to compete with Amazon and is offering same-day delivery. If you live in San Francisco.

"Google Shopping Express" works with local stores that want to sell products online. Make a purchase through the service and Google will schedule a delivery service to pick the product from the store and deliver it to you. The system is currently in test mode and has been for several weeks.

The price hasn't been determined. It could be a per-item delivery fee or an annual subscription such as what's used by Amazon ($79 per year). Wall-Mart has tested a similar service but many people consider the delivery fee to be too high and Wall-Mart's service doesn't provide a way for shoppers to return items other than taking them back to the store.

Amazon's wide variety of goods and it's 2-day delivery option cause many shoppers to go directly to Amazon's website to conduct a search instead of starting with Google. As a result, Amazon gets the sale and without having to pay Google for the lead.