I feel so exotic. I just changed my Siri from British Male voice to an Irish Female voice.
Technology
The Story of Our HomePod Mini’s
I mentioned in a previous post about Amazon Echo‘s “Comming Full Circle with Amazon Alexa” that the Apple HomePod minis came out at the perfect time for me. Not only did it fill a gap that I voluntarily created by not using Amazon echo anymore. I also had some gift card money and was able to pick up several of the HomePod mini‘s when they came out and not break the bank.
The original intention was to put speakers in every usable room. We put one in the kitchen to replace an echo. We replaced another echo in our master bedroom. I replaced the last echo in the guest room / office with another mini.
We had a charging base for the Amazon tap in the living room and we put two HomePod mini’s there. The intention with the two HomePod minis in the living room was to make them stereo speakers to use with the Apple TV. They sounded fine however we noticed early on that there was a delay between what was spoken and what we saw on the screen. That was really annoying so I reverted back to my Bose speakers that were hardwired into the TV. We still have both HomePod minis in the living room however it’s only for stereo music playing.
I like that I can handoff from my iPhone to a speaker to play music. What I don’t like is it’s not a consistent experience yet. There are times when it takes a really long time to hand off. There are other times when it tries to hand off to my office speaker when I just have my iPhone on my desk near it. Same problem happens on my nightstand at night sometimes.
Another function I like is streaming to multiple devices at the same time. Although that has been a problem in the past when there were a few instances that I couldn’t break the pairing as easily as you would think. It feels like the functionality is improving however it’s not quite fully seamless.
I also like the intercom. The girls like it as well. They’re not yet using it to message us between rooms however they are using the speakers to put music on every once in a while.
As of this writing it’s been over six months since getting the speakers and they may not be functionally on parity with an Amazon echo for us they are working out just fine.
And Of Course QR Codes Are Tracking Us
Why is it when technology gets pretty useful and cool I have to go and find out that is bad for my personal security or privacy?
My Experience With Our School Acceptable Usage Policy For Parents
One of our daughters is moving up into a new school. As part of this transition there is a lot of paperwork to fill out. I could rant that in 2021 why is there 25 pages or more of physical papers i need to fill out instead of some online form. I could however this post isn’t about that. Within that paperwork is a document that I need to sign called the “Acceptable Usage Policy for Parents”. It relates to technology and social media.
In theory i like the idea of the document. It outlines what us as parents should be doing and not doing related to our kids, other kids and the internet. The document is written for people of all levels of technical experience. That is why when i read the section that starts with “I understand that whilst home networks are much less secure than school ones…” i could not stop laughing. I thought it was very cute they thought their network was more secure than most people’s houses. For one thing with so many people and devices coming and going from their network i doubt that statement is true for most people. It is laughable in relation to my home network.
I am not even a network security expert. I know most of my non-tech friends think I am however I am no where even close. The last time i logged onto a firewall that wasn’t my own must have been 2006. Still yeah sorry school that I won’t say its name, no you are not more secure than home networks. I wouldn’t even think of joining your network without a VPN.
Thanks for turning a morning of filling out boring forms into an entertaining blog post though!
Note the photo is unrelated to this post. I needed something “techie” as the default photo for this. I took the photo of my iBook circa 1999 a week or so ago when i powered it up to check it still works. It does.
I wouldn’t
Apple Watch Went British
My Apple Watch is sporting UK colours for the Tokyo Olympics. Well in commemorating the Tokyo Olympics Apple came out with Country colour watchbands. I was already debating another band for my watch so I was intrigued at the options.
Out of all the national ones to choose from I thought i could only get away with the UK or US ones.Out of all the options I kind of liked the Swedish one the best. Since I don’t live there and really have no affiliation to their Olympic team I went with the Great Britain colour scheme.
To all my American friends and family that is not a political statement. I kind of just liked it better than the stars and stripes American one.
I am still torn on who I will be rooting for in the Olympics. Either no one since I doubt I’ll watch it or the US team.
For full disclosure that watch face is on my watch however i am not using it since other than for this photo and to show off how cool it is. Using it totally takes away from the added value of the shortcuts on almost all the other watch faces of the watch.
The Story of Coming Full Circle With Amazon Alexa
I purchased my first Amazon Echo in April 2016. At the time I noted in my personal journal that the threat modelling used to justify the purchase said it was probably okay at the time. I also said and repeated for a while that I know at some point in the future I would need to likely get rid of the device for privacy reasons My friends who were big into security looked at me like I was crazy when I bought it and talked about. Most everyone else at the time had no idea what I was talking about. Those the new of the echo thought it was cool.
When we moved to the UK I purchased an Amazon Tap. The Tap is now discontinued portable speaker with Alexa. We used it around the house before we moved since the other echo was in transit. I packed it in our luggage and when we arrived in England and got our internet we had a music speaker. Even now we mostly use the smart speaker for listening to music and setting timers. Right after we moved simply having a speaker in the empty house was the goal.
Once we were settled in the wired Amazon Echo ended up in our bedroom. The Tap wound up in the kitchen so we could move it around and use it when we needed to. One of the advantages of the tap was that you could disable the always listening mode of Alexa. That way you could turn it on only when you wanted it to do something. It was less convenient but more secure. That was a selling point for me. Then we just got lazy and left it on all the time to unknowingly call out for it and have it not hear us two or three times before it reacted.
When I was debating on building out and an Internet of things network in the house I purchased another Amazon Ech Plus or whatever they called it. It was the version of the Echo that had the ability to become a home hub. That went into the guest room/my office.
Over time I kept reading stories of the privacy concerns people had with the the Echo speakers. I also experienced one or two shall we say oddities with the speakers that made me think it was listening a little more then you realise it should be. I convinced M to use a plain old “dumb” Bluetooth speaker for music in the Kitchen. I was able to get her one for £25. I also purchased myself a portable Bluetooth Speaker so I could listen to my audiobooks. With that new speaker I unplugged the bedroom echo. With M’s Bluetooth Speaker I intended to unplug the Amazon Tap in the kitchen however I didn’t feel that M was comfortable enough with just the Bluetooth speaker to do that.
Around this time Apple did a funny thing. They released the HomePod mini. Based on my current threat model that was my opinion the answer to my technical challenge. We had some gift card money so I purchased a few of the Home Pod Mini’s at John Lewis when they came out. I immediately removed all three of the Echo’s that we had.
The home pod mini is not as feature rich as an Amazon Echo. For what we use it for it has so far been good enough. That’s another story for a different day. The reason I bring it up is it was the final piece to the puzzle that enabled me to throw out the Echo’s and still have a relatively safe alternative.
Technically I did not throw anything out. I gave one of them to my nephew and another to a friend of mine. I think we still have one left to give away or may have given it away already. I cannot recall. We also still have Amazon Fire’s that the girls use. I severely limit what they can do and there is no always on listening. So it’s not like I just stopped using Amazon hardwa. It’s that we don’t use their what has always been a bit spooky audio devices. And now if you’re thinking about it I am not a hypocrite. Apple’s privacy policy and how they use the recordings on the surface seems much more palatable then what Amazon does. That means at least for now I’m happy to leave Apple devices listening in the home and not Amazons.
My MacBook Pro Repair
Even before the lockdown in March I was working from home a lot. It was cold, i was sick on and off in the early winter, etc. That meant that my MacBook Pro was almost always plugged into my desk monitor. One day a few weeks ago I unplugged reboot it and do something on the native keyboard and not use the bluetooth one I usually do. When i did i noticed that the lid did not close all the way correctly. The bottom bulged out a bit as well and did not sit flush with the table. I had a bad feeling something was wrong with the battery.
Once lockdown was lifted enough i wanted to bring the laptop into the Apple store. problem was all appointments seemed to be booked up. After days of trying i saw an appointment open up for mid week on the week i was on holiday. Turns out i was right and the battery likely had an issue. Luckily work had apple care on it with support left for over a year. I hopefully get it back within a week. To Apple’s credit I got a call/email 6 days later saying the computer was ready. I wasn’t able to get out of work early so I picked it up the next morning. Exactly a week after I dropped it off.
I am thankful that I setup a Windows 10 machine at home that I was playing around with. I was able to use it for the 2 work days that the MacBook was out at repair.
Sad Fishing
I know fishing is a big problem. I got this text today. It is like they are not even trying. The URL isn’t even a true paypal URL. They did not eve spell multiple correctly.
All kidding aside I assume people still fall victim of this. Simple rule, do not click on links in email unless are epxecting it. Even then never let your guard down.
Monitor Arms Makes My Desk Better
When I lived in New York and was single I had a rather large L-shaped desk. On one part of the desk I had a heavy duty monitor arm that held a 30 inch HP display. On the smaller part of the L I had another monitor arm with a 23 or 24 inch display that I used when I work from home. When I moved into M’s apartment I had to get rid of the smaller part of the desk and the L bracket that joined the two pieces together. There just wasn’t enough room for it all. I had bought of modular desk and added to it over time. When it came time to move all I took was the main base of the desk. It is what I’ve had ever since. I love that desk. By the time I had moved I switched to an Apple Cinnema display instead of the 30″ monitor so the big arm went away. The other one did too when I got rid of the smaller part of the desk.
For years my setup remained an Apple Cinema Display plugged into either a desktop or laptop. Since I’ve been in London I bought a second Dell 27 inch monitor. That way I can have my work laptop on one screen and my home computer on and other at the same time. It made for an extremely cluttered desk. It did not leave me a lot of surface area to do anything. With all this extra working from home this season and now the indefinite working from home due to the virus it finally dawned on me to take some sort of action.
I did some research and found a relatively inexpensive well reviewed dual monitor on arm. The review said it would hold the weight of my Apple Cinema Display even though the specs in the product description were unclear. The arm arrived early this week. It was trivial enough to mount my Dell monitor to it. Mounting an Apple Display is another story. It needed a special mounting bracket to do so. Since Amazon and Apple no longer carried the Apple VESA mount adapter kit I picked up one new on eBay. It arrived a few days later and after a little bit of fussing I got the adapter on the monitor. Mounting on the alarm was again pretty easy after that. I learned immediately after I put the monitor on the arm that this setup was not going to work. This particular monitor arm really would not hold the weight of an Apple Cinema Display.
My Apple Cinema display is easily 10 years old. It still works pretty well however it showing its age. I almost had to replace it a few months ago when the power cable was starting to fray and all the wires were exposed. A bunch of electrical tape later it’s still working. The only way use my work computer with it is with a special thunderbolt to USB C adapter. I’ve been pondering buying a new one for a while. With my monitor arm plans foiled I started researching other monitors. I settled for the newer version of a Dell 27 inch display I already had. The weight is about the same or lighter then what I already have so mounting wasn’t an issue. What I bought also looks pretty similar to what I have so there’s some symmetry there. Yes that actually matters a little to me.
When the new Dell monitor arrived it was pretty trivial to get it mounted on the arm like the first Dell I had. Once that was done I wrapped the cables coming from the monitor in the innerduct I had lying around. Yes I have innerduck I bought and had lying around for the exact purpose of wrapping cables in. The innerduct made it look nicer. Once it was all put together I was pretty pleased with the end result. The only thing I forgot was I needed to plug in a WebCam on the monitor that replaced the Apple Cinema Display. I do video calls with work and it slipped my mind that the new monitor did not have a camera. Luckily I had one to use.
Now that I’ve finished the new setup and the desk is reconfigured I don’t know what took me so long to do it in the first place. It looks much better and is more functional than the old setup. The extra space i can get by easily moving the monitors up and out of the way is nice!
Using a From Email Address as Validation is Not a Security Measure
I have been on a mission as of late to migrate all of my login details for account’s I use email from one domain name I have to another. I decided to stop using the main domain name I have been using for years. One of the main drivers was cost. It’s pretty expensive each year to own it. It is a country specific one and not cheap like a .com. It is also no longer as relevant for me. I loved its simplicity. It just didn’t make sense to keep having it long term. It is paid for through 2021 or something. I have time to confirm I’ve captured every account and moved it.
In the process of doing this I am also closing accounts I don’t need anymore. It’s a great spring cleaning in the autumn. I originally wrote this in the fall of 2019.
When I attempted to change the email address I used with NordVPN I realized they do not have an option to do that in their online portal. I have come across this issue a bunch of times going through this change process. Eventhough it’s annoying I typically open a case to request a change and its done pretty quickly.
For my own security reasons I use a unique email address for every account that I create online. This allows me to know when my information is being sold or if an email is authentic. It also protects me if one provider is compromised and the account details are sold or published online. There’s lots of times where I recieve a message that looks semi-legitimate. It is only when I look and see it’s going to a completely different email address than I gave them that I know it’s fake.
This setup makes things more secure from fishing or other exploits. The downside is it is not so straight forward to get a message via one of these aliases I setup and reply back easly. That is because my email provider Protonmail charges for each alias you use. To get around that I use their catchall feature. I can have unlimited inbound email addresses. The catch is I can only reply back coming from only 5 of them. Most of the mail I get other than personal mail I don’t really need to reply to. The trade off is worth it for me most of the time.
In this instance with NordVPN I was asked to reply to the support case via email. Ussually in this situation what I typically do is I have an email program that allows me to send outbound mail and I can edit an alias to match the email address I’m using with that vendor. It’s slightly annoying however if I don’t have to do it often it’s not that big of a deal.
There were challenges in validating my account with the NordVPN. That required several emails back and forth. In one instance when I was away from my desk I got lazy and just replied from my generic catchall address. That exposed my default address to the vendor. I wasn’t that concerned about revealing that address to them however it was sloppy for me. What was silly was their reply. After two more rounds of back-and-forth I was told I need to send a response from the original email address since that was the one on file with them.
What seems silly to me is this company was relying on an email “from address” as some sort of security validation? Whenever I do send them mail I’m literally cutting and pasting the contents to a new message and spoofing the address. Anyone can do that. Yet somehow they feel that if I recieve their message it isn’t enough. In my case i am spoofing an address of my own so thats not bad. What is bad is mail spoofing is super easy and this company somehow thinks its a securty function to get mail from a specific address.
If you are going to insist on a security measure why are they not having a secure ticket portal that my login to their service gets me into? Or a built in chat system within their app amoung other things that are more secure than email.
I found this whole experience dealing with this VPN provider to be very frustrating. I am only writting about it because of the hypocritical things they said. Do not tell me you are a security company and then rely on a “reply to” as a validation you are speaking to the right person. Another thing they did was they wanted me to send old credit card details in cleartext email. Yes the card was 2 years old however still dont say you are a security company and ask for PII in a clear text email.
The situations been sorted. I have updated my email address eventually. I’ve been using NordVPN provider for years. This extremely poor experience has left me looking for a new provider when this one runs out. It’s partly due to just the bad communication back and forth. And part of it is the hypocrisy of claiming that they are a security company and doing some of the most unsecure methods to communicate.
UPDATE: Just as I started to write this post in late 2019 it came out that NordVPN had two seperate public incidents where they were compromised. That along with this story got me to move providers 4 months before my contract term ended with NordVPN.