My window to the world


Windows Phone and Android apps screen comparison

By Mauricio Freitas, in , posted: 18-Oct-2014 17:57

There’s a long discussion on Geekzone on why won’t you try Windows Phone. Interestingly a lot is talked about the apps (or lack of them). Also there’s a lot of talk about the user interface on these apps. Some people don’t like the way Windows Phone apps look, but I’ve found that most of the apps actually look the same as in other platforms – the main difference is really on the “home screen”.

I’d say that most of the people will find the apps they use are available in all mobile platforms. Few people will find that the app they want is not available on Windows Phone. For example, I have come to really like Authy, simply because I try to use two factor authentication wherever I can and really dislike the idea of having to recreate all those tokens every time I changed devices. Authy makes those tokens portable so you can simply swap a device, load the app and re-authenticate to load everything. It is probably the only app keeping me away from Windows Phone today (after using a Windows mobile platform since its beginning back in the early 2000).

Based on that Geekzone discussion I decided to go around taking screenshots in apps I can find in both Android and Windows Phone and see if they are that different – I don’t think so. Below you will find a series of apps on Android (left) and Windows Phone (right) to compare their interfaces:

Swarm

 

 

PayPal

 

OneDrive

 

 

 

Twitter

 

 

OneNote

 

 

 

 

Facebook

 

Amazon

 

Fitbit

 

LinkedIn

 

 

Instagram

 

 

Pulseway

 

Home

 



Minister for Economic Development...

By Mauricio Freitas, in , posted: 6-Oct-2014 11:27

Just looking through the new MInisterial List announced 6th October and I see Hon Steven Joyce is Minister for Economic Development, which according to a footnote “portfolio includes responsibility for ICT”, and in the next page we find that Hon Amy Adams is Minister for Communications.

It looks like the New Zealand goverment doesn’t know its TLAs. What part of ICT (Information and Communications Technology) are they duplicating?

Also, Hon Steven Joyce is Minister Responsible for Novopay. Only in New Zealand there is need for a minister to manage software projects gone bad.



Your NAS and the Bash vulnerability

By Mauricio Freitas, in , posted: 27-Sep-2014 11:30

If you have a home theatre, or run a small business you likely have a Network Attached Storage (NAS) devices around. Or even if you just have a huge collection of photos and share the storage with other computers at home.

Over time these devices evolved from simple storage that you could access through your network to full computers, running web services, streaming, databases, even virtual machines (just check the TS-451 I had here for a while).

Obviously being a full computer we have to treat these endpoints as potential weak links – and the recently disclosed GNU Bash vulnerability is affecting at least one NAS vendor, according to an email just received. I would believe other vendors are also impacted but I have not seen any documentation yet.

If you have a NAS at home (or run any UNIX-like operating systems including Linux, BSD, and Mac OS X) then you should really look for a patch/update for your system and get this fixed.

Here’s the email QNAP sent to their customers:

QNAP Systems, Inc. has been looking into the recent concerns over potential Bash code injection (CVE-2014-6271) that can lead to security vulnerabilities on the Turbo NAS and other Unix/Linux-based systems. A partial solution for CVE-2014-6271 exists but may result in another security vulnerability (CVE-2014-7169). QNAP is actively working on a solution for this issue, but in the meantime encourages all Turbo NAS users to take the following immediate actions to avoid any possible exploitation of their system.

As a temporary measure until a solution is released for this issue, please ensure that the following services of the Turbo NAS are disconnected from the Internet:

  • Web administration
  • Web server
  • WebDAV
  • Photo Station, Music Station, File Station, and any other NAS app that uses a web-based interface
Normally the local network is not accessible from the Internet easily, users can still use their Turbo NAS safely. If users still worry about the security of their local network, they can follow the steps to disable the QTS web UI completely, and only turn it on when necessary:
  • Login to QTS and disable the Web Server in Applications
  • Login to QTS and disable the secure connection (SSL) in General Settings
  • Disable NAS web administration using a SSH utility (such as putty): 
    • Connect to the Turbo NAS with admin username and password
    • Type the following command and hit the "Enter" key: /etc/init.d/thttpd.sh stop
Note: The NAS web administration will become unavailable after taking the above steps. To restore it:
  • Restart the Turbo NAS, or
  • Manually start the web administration via SSH by typing the following command: /etc/init.d/thttpd.sh start

QNAP will keep users updated with the latest information as addressing this issue. If users would like further assistance, please contact QNAP Technical Support at http://helpdesk.qnap.com.

UPDATE: Here’s Synology’s page on affected NAS models.



Going to Microsoft TechEd New Zealand 2014–who else is joining me?

By Mauricio Freitas, in , posted: 18-Aug-2014 11:45

I got the confirmation I will be attending the TechEd as a Microsoft guest (same as in previous years) with other media presence.

In the meantime, I have just finished working on something with Intergen for their stand - you folks probably remember in previous years there were racing cars and the stand was quite popular.

This year, working with Microsoft Xbox and Activision there will be Guitar Hero competition - prizes include daily JB Hi-Fi voucher and a Xbox One with Kinect at the end of the competition. More information here: Intergen Guitar Hero Geek competition at TechEd.



State of Browsers Geekzone March 2014

By Mauricio Freitas, in , posted: 24-Apr-2014 09:41

It is time for the annual report on browser usage around Geekzone. At the bottom of this post you will find links to previous years so you can compare all the numbers.

These charts are based on Google Analytics data collected during the 30 day period ending 12th March 2014. I realise part of our audience is more technically inclined, so our numbers are different from those presented by other more mainstream websites (such as Trade Me and news sites) but we have a huge number of non-tech visitors landing in our pages from search results seeking solutions for their problems.

Overall since last year we’ve seen a small increase on Chrome usage (45% up from 40%), very small decline for Firefox (22% down from 24%) and a drop on Internet Explorer usage (18% down from 23%).

New Zealand numbers show a good jump up for Chrome, with both Firefox and Internet Explorer sharing the same space (and loss of audience):

It seems businesses are slowly moving away from Internet Explorer, with Chrome now showing 46% adoption, up from 39% last year. Firefox remains pretty much unchanged with most of the loss in the Internet Explorer side:

After hours we see a dip for Firefox with 19% of people using it this year down from 21%. Internet Explorer shows a dip from 19% to 16%, with Chrome again being the winner in share and increase (47% up from 41%). Safari remains with same numbers as last year.

How is Internet Explorer doing? Despite being a “newcomer” Internet Explorer 11 is coming strong at 44% usage from non-existent last year. Internet Explorer 8 comes second (24% down from 30%), Internet Explorer 9 is down to 17% from 50%, Internet Explorer 10 remains pretty much unchanged and Internet Explorer 7 just shows up (2% down from 7%). All other versions practically disappeared with below 1% usage.

And here is an OS distribution in New Zealand. It pretty much remains unchanged except that Android got up to 5% from 3%, while Linux dropped from 4% to almost nil (now in the “Other” category):

And below the Windows distribution:

Previous posts for comparison:



Free speech

By Mauricio Freitas, in , posted: 19-Apr-2014 12:05

Many times we at Geekzone (myself or moderators) have to take swift action and ban someone from our forums (here is a visual collection of some banhameers used in the process). We have a strict Forum Usage Guideline (FUG) that serve as a guide to everyone in the community. Obviously banned users try to come back in, so we have mechanisms to deal with that.

Quite a few times I get emails with “you are infringing my free speech rights” or “you are being paid to censor me” and so on. As a policy I never reply to these emails and we all know those “free speech” rights are public ones. These rights protect people from being persecuted by the state for their thoughts and words.

Today’s XKCD “Free speech” explain it pretty well (although using the 1st Amendment it applies to other jurisdictions too):



Testing the Kingston DataTraveler Locker+ G3

By Mauricio Freitas, in , posted: 11-Apr-2014 18:50

Just received this Kingston DataTraveler Locker+ G3 to play with. It's a USB3 device, the primary partition shows up as a CD, you run the software (which doesn't need install) and it will create an encrypted partition (or give you access to it):



I ran some speed tests with NirSoft USB Flash Drive Speed Test and here is the result:



For comparison, here is a C300 SSD in a USB3 external case:



Now, this is a Sony memory key, purportedly USB3 as well. Can you see the difference?



And below are a couple of USB2 devices (HP-branded and generic one). See how the write speed on the Sony USB3 is no better than USB2?





Telecom enforces SSL email, uses wrong name in certificate

By Mauricio Freitas, in , posted: 17-Mar-2014 19:12

There’s no end in sight for Telecom email users. While the company’s move to require the use of SSL for email access (Really, all those email passwords were transmitted in the clear over those WiFi access points around the world up until now?) is a Good Move™, the fact they got the SSL certificate with the wrong server name is troubling.

Apparently this certificate was issued to pop3r.xtra.co.nz instead of pop3.xtra.co.nz. People are accepting this certificate just so they can get to their emails. This is bad because I’ve seen comments such as “just accept it I need to get to my emails”.

Not everyone is seeing this error, which points to multiple servers having a good certificate and at least one of them having a bad certificate.

What happens next time these users see a certificate error? They will repeat the “just accept it” routine, thinking it’s just another small problem? Do these people actually know the implication of accepting SSL certs left, right and centre? Probably not. And here is the problem.



Windows XP end of support: 8 April 2014

By Mauricio Freitas, in , posted: 9-Mar-2014 20:40

This 8th April 2014 marks the end of support for Windows XP. Hit the link to find out what it means for you.

Windows XP was released mid-2001. It was a different world then. Things changed a lot in terms of security, safety and privacy online over these 13 years and the OS needs updating to front the new, more evolved risks as well as the avalanche of data we now receive.

I was surprised someone on Twitter posted “This Windows XP update exists solely to tell you that it is Windows XP and Microsoft wants you to pay more money to upgrade.”

Interesting way of putting it. Apple launched OS X 10.0 around the same time of Windows XP and they have been launching new versions of OS X over the years, and every few versions software need to be updated or it won’t run properly. But I never read anyone saying “they’re doing it to get people to pay more”.

A big difference here is that software that run on Windows XP will most likely continue to run on Windows 7 and Windows 8, with few exceptions including drivers (if you have devices that old they are probably reaching the end of their lives anyway).

For users of Microsoft’s platform this is good and bad. It’s good because reduces the cost of going to newer OS versions. It’s bad because (some argue) newer OS versions need to keep supporting these older software and APIs, keeping the OS rather large and the maintenance costs (in both time and number of developers) adding over time.

It’s also bad because adding security safeguards to old OS versions is not always possible, due to limits in the original implementation.

For consumers who still haven’t received the message about security, safety and privacy Windows XP still seems a pretty good OS. Most of the current software still run on this old OS, it doesn’t need big hardware and it’s pretty easy to use. The end result? From January 2014 – March 2014 around 29% of Internet-connected computers were still running Windows XP (down from 39% the year before). This shift is not moving fast enough.

The next Windows Update for Windows XP will add a message that will be presented to users to let them know this OS is no longer supported.

Still, many people using pirated copies of Windows don’t get updates anyway (security or otherwise) and most likely don’t care. And I guess most will just click the box “Don’t show this message again” and be done with it.

Microsoft has extended support for its anti-malware software until July 2015. For  enterprise customers, this applies to System Center Endpoint Protection, Forefront Client Security, Forefront Endpoint Protection and Windows Intune running on Windows XP. For consumers, this applies to Microsoft Security Essentials.

Also note this end of support doesn’t apply only to Windows XP but Windows Server 2003 as well.

Someone commented that the malware developers need only reverse engineer the first few security updates released for Windows 7/8 but not for Windows XP to create new tools to attack and control those unprotected machines. Let’s see what happens in June 2014.



Take a bit of time to cleanup your Twitter authorisations

By Mauricio Freitas, in , posted: 8-Mar-2014 10:22

Yahoo! has acquired Vizify… And it proceed to do what it’s done with 30 startups it previously bought: close the service down. According to people following the tech industry this means the company has closed 31 out of 38 startups it acquired since Marissa Mayer took the helm. But this doesn’t happen on Yahoo! only. All other large tech companies acquire technology to incorporate into their own products and differentiate themselves in the market. If this works out well for consumers or not is another story.

But that’s not what I am thinking about here. I am thinking about your online security. Every now and then I take ten minutes to go through the Twitter authorised apps list and remove some of them:

I also do this on Facebook and LinkedIn. My reasoning? Who knows what is going to happen with those tokens granting account access that are stored in these databases? How do I know the new owners can be trusted?

Sure, you’d say “It’s Yahoo!, they won’t go around spamming your followers from your account”.

My original “contract” was not with the new owners and I have no idea of their plans. The best thing, the safe thing, to do when a service is acquired is to revoke those tokens. Go through your Twitter Apps list (Twitter | Settings | Apps) and look through it. See the number of apps you gave permission to access your information, impersonate yourself to post in your stream, read your friends/followers lists, etc?

Some of those you only used once. Some of those you don’t even remember what they are.

Go on, clean up the mess and you will be safer.



freitasm's profile

Mauricio Freitas
Wellington
New Zealand


I live in New Zealand and my interests include mobile devices, good books, movies and food of course! 

I work for Intergen and I'm also the Geekzone admin. On Geekzone we publish news, reviews and articles on technology topics. The site also has some busy forums.

Subscribe now to my blog RSS feed or the Geekzone RSS feed.

If you want to contact me, please use this page or email me freitasm@geekzone.co.nz. Note this email is not for technical support. I don't give technical support. You can use our Geekzone Forums for community discussions on technical issues.

Here's is my full disclosure post.

If you'd like to help me keep Geekzone going, please use this Geekzone Amazon affiliate link when placing any orders on Amazon.

A couple of blog posts you should read:

Social networks presence

View Mauricio Freitas's profile on LinkedIn


My Blog by tags...

Blog...
Entrepreneurship...
Media...
Personal...
Technology...
Viral Marketing...
Web Performance Optimization...
Windows...
Windows Phone...

Other recent posts in my blog

Windows Phone and Android apps...
Minister for Economic Developm...
Your NAS and the Bash vulnerab...
Going to Microsoft TechEd New ...
State of Browsers Geekzone Mar...
Free speech...
Testing the Kingston DataTrave...
Telecom enforces SSL email, us...
Windows XP end of support: 8 A...
Take a bit of time to cleanup ...

New posts on Geekzone