TechByter Worldwide

Speak softly and carry a large microphone


26 Feb 2017

What's All the Hoopla About?

As I'm writing this, The Contract is playing on my second monitor. It's a film with Morgan Freeman and John Cuscak. I've borrowed it from the library and I can watch another 10 movies this month for free. It's not Netflix, but it's the kind of inventive services that libraries are offering these days, the kinds of things that might grind to a halt if the Federal Communications Commission kills net neutrality.

Press ESC to close.Hoopla is a digital content platform that provides movies, music, ebooks, comics, graphic novels, and TV series on-line. Content can be accessed using a web browser, IOS or Android device, or a Kindle reader. Content can be streamed on most web browsers as well as streamed or downloaded to mobile platforms. Subscriptions through public libraries enable patrons to "borrow" the resources and view them on-line. The library pays a fee and library patrons receive the service at no charge.

That "no charge" part is what differentiates the Hoopla library service from on-line services such as Netflix and other paid services.

Press ESC to close.Users can set Hoopla to "Kids Mode", which restricts the titles shown to those that have been judged appropriate for children. You can also choose whether you want Hoopla to send promotional messages and show or hide your borrowing history. You can also set genres that the service will use to make suggestions.

The Worthington Library website (associated with Columbus Metropolitan Library) says patrons can access digital video, music, comics, e-book, and audiobook titles for use on a computer, smart phone, or tablet. All content is available for streaming and some can be downloaded for off-line viewing. Offerings include current and classic comics, e-book, and audiobook titles from a variety of genres; movies, television shows, educational videos, and documentaries; and, music albums. There are no waiting lists and lending periods vary from 3 days for video to 7 days for music, and 21 days for e-books, comics, and audiobooks.

Press ESC to close.The selection isn't as wide as you'd find at Netflix, of course, and the streaming quality doesn't match what Netflix provides. You're also limited to borrowing 12 titles per month. That's still one every two or three days. The first motion picture I used Hoopla for was Into the Woods, an amusing amalgamation of numerous children's stories that I first saw on stage in New York City many years ago.

This is an appealing option for those who like to watch videos on tablets or phones because the videos can be downloaded there, but not to standard computers. Hoopla is also a good example of how libraries continue to change with the times. I don't visit the physical building as much as I used to, but I do use a lot of library resources.

In fact, maybe it's just about time to put together another segment on just how many invaluable resources libraries offer.

More Joy from the Makers of Malware

Macs continue to become more appealing targets for those who create malware, even as some Mac owners hang on to the outdated belief that Macs are immune. No matter who you are or what operating system you have, you're probably somebody's target

The latest threat is ransomware that encrypts files on Macs. The most common vector seems to be BitTorrent websites. The really bad news is that if you pay the ransom, you won't get your files back.

Users of the MacOS are still generally right in thinking that they're less likely to fall victim to these kinds of things, but in this case that's not a good thing. The thieves who wrote the malware did a poor job, which is why users won't get their files back.

The malware has been given the name "OSX/Filecoder.E" and it pretends to be a tool that lets users remove copy protection from commercial software. It's written in Swift, a programming language from Apple. It's also not digitally signed, which makes installation difficult on the latest versions of the MacOS, which tries to protect users from malware.

OSX/Filecoder.E encrypts files by creating an encryption key and then stores the files in encrypted zip archives. The developer didn't create a way for the malware to communicate with a command and control server, though, so anyone who follows instructions and pays the ransom will have no way to recover their files.

The only solution is backup, which is always the best solution anyway. Anti-malware company Eset says that their researchers have monitored the bitcoin address used by the crooks, but apparently no payments have yet been made.

Google-Fi is a New Kind of Cellular Service

A bit more than a week ago, I ported my cellular number out of T-Mobile to Google-Fi. It wasn't because of T-Mobile's service, which has always been pretty good or its support, which has always been adequate. It was mainly a cost issue.

I had opted for the least expensive plan that included some data. For about $50 per month, I had unlimited cell phone calls and 500MB of data. Some months I made no phone calls and used only 100MB of data. Then Google came along with an offer that's hard to refuse: Unlimited cell phone calls for $20 per month and 1000MB of data for $10. If you don't use all the data, you get a refund. So based on my usage, I'm looking at $20 per month instead of $50 most months.

Google-Fi works with T-Mobile, Sprint, and US Cellular systems, so it picks whichever signal is better and can hop from one system to another. But what appeals to me is that it will default to a Wi-Fi signal if one is available -- and that's for both phone calls and data.

Actually, it's called Project Fi and it requires a phone that you probably don't own. I had a perfectly usable Samsung Galaxy Note 4, but it won't work with Google-Fi. You'll need either a Nexus 5X, a Nexus 6P, or a Pixel. The Pixel is by far the most expensive choice, but it's the first phone built for use with the service. It comes in 4 models, standard and XL, with 32GB or 128GB of memory.

The Pixel has Android 7.1 and the Nexus phones have Android 6.0. The Nexus 6P has the largest screen and the basic Pixel has the smallest. The Pixel XL has astounding screen resolution, 534 pixels per inch, but the 6P and 5X aren't far behind with 518 and 423 pixels per inch, respectively.

Instead of having to type in an unlock code, I can now give the phone the finger. My finger. The pointer to be exact. It reads my fingerprint and unlocks with a slight shudder. The fingerprint can also be used to unlock LastPass. The sound quality seems to be better than the Galaxy Note 4, but that might be because the call is on Sprint or US Cellular -- or Wi-Fi.

Among the features I like:

  • There is no annual service contract required and there are no termination fees.
  • As with virtually all other services, you can transfer your current personal number over to Project Fi when you sign up; if you have both a cell phone number and a Google Voice number, you'll have to choose one or the other, though.
  • When multiple carriers are available, Project Fi will move you to the network that Google's analysis shows will be fastest in your current location, whether that is 4G LTE, 3G, or 2G.
  • If you buy a new phone, move to Google-Fi, and later decide you don't like it, a Pixel, Nexus 5X, or Nexus 6P from Project Fi comes unlocked and can be used with other wireless providers if you choose to leave.
  • Additionally, if you already own one of the three supported phones, you can bring it to Project Fi and Google will send you a new SIM card for free.

I'll provide a more in-depth review of the phone and the Google-Fi service once I've used them for a while. But after only a week, I'm impressed with both the phone and the service.

Short Circuits

The Breach that Wasn't

When you buy a car, new or used, you give the dealership a lot of information. NPR once quoted someone in the industry as saying once they sold cars, but now they're a bank that just happens to also sell cars. You'll sit with the finance and insurance person at the dealership and that person will try to sell you gap insurance, life insurance, mechanical breakdown insurance, rustproofing, and about three dozen other things. What happens to all the data that's collected?

Some of the information will be shared with the company that manufactured the vehicle, of course, but some will also be shared with companies that the manufacturer or the dealer work with to judge your satisfaction with the process or to sell you additional products or services after the sale. This information is valuable and you can be sure that somebody who shouldn't have it is trying to get it.

A little more than a week ago, somebody sent an email to executives at dealerships claiming to have millions of buyer records from some of the largest dealership management systems.

The Banks Report said that email was designed to look like it had come from a well known group of scammers. The response was immediate and, for the most part, wrong. The message pointed to data on a server where stolen information is stored. Had anyone bothered to look, they would have found that no personal identification information (PII) was on the server.

Banks says "the email also included six URLs to what is known as a paste bin site, used to upload and share text files. Each URL contained text data with customer information from six different dealer groups that the email named." The report continues to say that apparently it was a clumsy and amateurish attempt to sabotage a company that works with dealerships.

None of the big three dealership management system providers named in the email had been breached and the third-party information vendor has identified a former employee as the likely source of the attack on their system. "Nevertheless, the email sent the affected parties scrambling. Hundreds of thousands of dollars were spent trying to determine whether the threat was legitimate."

"Events such as this demand rational responses," the Banks Report says, "But there is little agreement on how to define 'rational'. [One company] often takes the more aggressive stance claiming it has a responsibility to protect both the data and security of its systems. By doing so, it says, it is protecting the security of the data of its dealership customers" even though this can interfere with the business operations of dealers.

If you want to read the full report, you'll find it here.

Yahoo Price Drop on Aisle Three

Verizon requested a discount on the purchase price for Yahoo. You might think that $350 million is a lot of money, but the entire deal is still worth a little less than 4 and a half billion dollars. But the deal will continue.

You no doubt recall the story of two record-breaking breaches that Yahoo admitted in the past year, one affecting half a billion records and the other affecting a billion records. Keep in mind that the population of the entire Earth is somewhere around 7 billion.

A report this week says that some of Yahoo's systems are still not secure. The Wall Street Journal said security issues might present a problem with attempts to integrate Yahoo's systems with Verizon's AOL unit.

Yahoo and Verizon issued a joint news release, and perhaps some people in each company wish they HAD a joint, but I'm getting off topic here. The news release said that the breaches and any losses resulting from them will not be considered in determining whether a "material" adverse effect has occurred; instead, the companies will split the costs of responding to the breaches.