2014 End of Year Buying Guide: Tablets

I've been asked a number of times to provide advice on what computer to buy.  I've done some research and decided to summarize my advice in a series of four posts.  Three of the posts are titled by the skill of the user and how the computer is used: light, medium, and heavy.  The fourth post, this one, is on tablets, which doesn't really fit in one of those categories.

The usual reason for getting a tablet is to have something bigger than a smart phone but still to be able to easily carry around, from room to room or on a trip.   They have kind of replaced the smaller laptops.  If you are a "light" user, then perhaps the only computer you need is a tablet.

Tablets are for browing the net, handle your email, taking pictures, play games, listening to music, and reading books.

Some advice:

• To save money on new tablets, wait for a sale, which usually occurs when a company is about to release a new model or near the end of a business quarter.
  
• The tablet should have a slot for a flash drive:  standard or miniUSB port or microSD.
• If you do touch typing or do a lot of typing, get a cover that supports the tablet in an upright position and get a bluetooth keyboard.  Note that tablets don't fit the paradigm of using a mouse, so, unless your tablet supports and you feel comfortable moving the focus from field to field using the tab key or the arrows keys, you will still need to touch the screen whenever a mouse is required.
• Get a good case to protect it from spills and drops (Amazon, search "tablet cases", then compare to other sources)
• As with a phone, make sure you set up security so that, if you misplace the tablet, you can lock the tablet and even wipe the drive.     

Buying Guides and references:

• In general, google "tablets" and then what you want to know, such as "reviews," "cost,", "ranking," "reliability,"etc.  Youtube has a huge number of videos on tablets.
• Kim Komando buying guide 
• General PC World Index page:
• Tablet rankings:  net Apple iPad Air 2, Samsung Galaxy Tab S
• Tablet rankings:  net Apple iPad 2, Nexus 7 (but no microSD) 

The "Intelligent" Talking Search Engines- the future

Google Now- a better Siri in your google browser and Android:  http://www.komando.com/blog/245973/now-you-can-get-google-now-in-your-browser?utm_medium=nl&utm_source=notd&utm_content=2014-03-25-article_11-in-body-a

Make sure you know who has your credit card information

If you are like me there are certain companies and organizations where it is convenient to register your credit card, either for payment upon purchase (eg, one click on Amazon or your on-line RX drug supplier) or for payment on a recurring basis (eg, health insurance, utility bills).  It is becoming more obvious there is risk in that practice.  However, if you accept that risk, there are a couple of things you can do to mitigate the risk:

1. Monitor your credit card transactions daily.  The easiest way for me to do that is by using the Quicken account update feature.  Each day I start Quicken. I have set it up to download all the transactions in all accounts (from the last time I did the download).  On the flip side, I have Quicken set up to automatically record in the ledger all recurring transactions I have set up.  Typically, Quicken records the pending transaction a day or two before it is actually executed by the biller, so I should have a warning of the transaction and a matching execution download.  If I don't have a match, then there's a possible breach.  If you notify your credit card company right away you won't be liable for the charge. 
2. Maintain a list of every place you have provided a credit card number for automatic transaction.  That way, if you know of a breach, you can both cancel the old card and know that you have to replace that card with another card.  If you don't replace the card, you will miss payments, with a resulting late payment notice and perhaps a penalty.  

Number 2 is what most people don't do.  Please don't be one of them.

Be careful when ordering from Amazon

I think most of us use Amazon from time to time.  This is an observation about "returns" and Amazon prime.   Here is a computer mouse offer:   I learned something about Amazon.com today that you might find interesting.  As I prepared to order the computer mouse I read the details more carefully and found that it is shipped from China. 

http://www.amazon.com/Delux-M618LU-Vertical-Ergonomic-Comfort/dp/B00D19KF7U/ref=sr_1_7?s=pc&ie=UTF8&qid=1380740601&sr=1-7&keywords=vertical+mouse

Note that this is shipped from China.  This means that if you have a problem with it or just wanted to return it, you'd have to return it to China and be responsible for the shipping costs.  (This was verified through a phone call.)

If you explore Amazon further, perhaps focusing on Amazon prime products, you might find an offer like this: 

http://www.amazon.com/gp/product/B00EYI46L8/ref=oh_details_o01_s00_i00?ie=UTF8&psc=1 

This ships from the US and can be easily returned to Amazon. 

It’s more expensive but definitely worth avoiding the hassle.

Very helpful: How to Plan a Trip (walking, bike, public transport, car) using Google Maps

When I was in England, I depended (probably too much), on Google maps, which can give you to-the-number-of-steps guidance in getting from one place to another walking, biking, by public transport, and by car.  Google maps is integrated with most of the public transport schedules in England, as it is for most cities in the US.  So it will give you instantaneous train schedules and rates.  If you have to change stations, it gives you step by step (number of yards, number of steps) instruction on getting from one station to another or even one platform to another.  If you have to walk to a bus stop, it gives you time and distance, as well as the map.  When you are on your way, you can see where you are on your smart phone at any instant as long as your GPS is turned on.  As the situation changes, you can modify your plans on the fly.  This is a must know for all travelers and even commuters.  Learn how before you travel so you don't have a problem.

Note that, as long as you have airport mode on, you can still get info as you travel; ie, you won't be charged minute rates in England.  However, the maps may disappear until you get near the next wifi.  Always have your smartphone wifi on.  When I was in Europe I got one of those wifi hotspot pucks from http://www.tepwireless.com/.  Very good deal.  (Warning:  there aren't very many places to return the hotspot devices.  You will probably elect to mail it back.  You have to make sure you know how to repackage the device.  So take pictures as you are unpacking it.  I made the mistake of not doing that and, when I repacked it, I failed to properly repack/reconfigure the wall adapter:  got a hefty charge for the damaged adapter.)  Just remember to carry an extra battery pack if you are going any distance.  Oh, some bus services and trains have free wifi.  Check that out.

To the directions.  This picture is from Google Maps with the initial entry of planning a trip from Cambridge to Southampton UK.  It picks automobile mode by default:

But if you click on the bus icon, it will start a dialog about public transportation.  (If you click on the bike icon, it will pick a bike route, though not always the best, because it doesn't know all the shortcuts that bikes can take.  If you click on the walking icon it will give you a walking route.  It will use public paths where possible, but it may miss various shortcuts you can only take by walking.  These cases are where the instantaneous feedback from a navigator app can help.)

I'm not going to go through the entire tutorial on how to plan a route here.  Here is a step by step tutorial:
http://www.wikihow.com/Plan-a-Trip-on-Public-Transportation-Using-Google-Maps.  Practice getting from Cambridge to Southampton.  You'll be amazed at how it works.  Try both bus to the train station, then The Tube, then train.  Make sure you click on the "more options and times" link that shows up.  It gives a sliding trip selector.  It is really "wow."

Need help?  Google what help you need.  If you can't find what you are looking for, send a comment to me using the box below.

The Skinny on the How and Why of Two Step Verification (example: Gmail)

Introduction

Two step verification is a security methodology that requires not only a user id and a password but some means of verifying you are who you are on the computer you are using.  Typically, this means that you have to receive a text message with a unique key of 6 to 8 characters every time you log on to a site and it isn't a computer that you have registered before.  To me, it is a sometimes difficult methodology to use, because part of it requires a different password for each application you use, called an application-specific password, but it does have the advantage of being pretty near fool proof:  your account will not be successfully hacked. 

The Sign Up Process

Google requires that you sign up for two step verification.  The signup page is:  https://www.google.com/landing/2step/ .  Click through all the help pages before you decide to do it.  It was helpful to me to watch this video:  https://www.youtube.com/watch?v=zMabEyrtPRg .  

The Confirmation Note

When you sign up, you will get a confirmation note that looks like this:

Hi xxxxxxx, Congratulations on enabling 2-Step Verification for xxxx@yyyy.com! We have a few suggestions to make sure you can always access your account. What if an app stops working Now that you have 2-Step Verification, you may have trouble accessing your account from some apps, such as: "Mail" on iPhone, iPad, or Mac; Chat clients (e.g., Adium). To get your apps working again, you'll need something called an application-specific password. Don't worry—we'll generate one for you, and you won't need to remember it. Get started now. Set up a backup phone If your primary phone is ever unavailable when you need a code, Google can send one to a backup, like your home or work phone or even a family member's phone. To set one up, Go to your 2-Step Verification settings page and sign in. Click on Add a phone number in the Backup phones section. Get backup codes If you don't have access to your primary or backup phones—such as when you're traveling—you can sign in with a backup code. You can keep them in your wallet or save them as a file on your computer. To get your backup codes, Go to the 2-Step Verification settings page. Click on Show/Generate codes. Learn more about 2-Step Verification and update your settings at any time. Sincerely, The Google Accounts team

Do you have any specific questions?

Financial Apps on your phone

It seems a no brainer to include Apps on your phone for banking and credit cards.  I recently received this email from American Express:

Enjoy added peace of mind with protection alerts on the Amex Mobile app. Simply enable push notifications to set up this service. With protection alerts, you can:
Get updates when irregular or fraudulent activity is detected on your account.
Verify fraudulent charges in seconds.
Amex Mobile is available on the App StoreSM or Google Play™

Sounds good, but there is an unintended consequence:  you have to enter your userid and password.  What is wrong with that, you say?  Well, unless you have a secure password manager, you will need to remember the password.  Who has a memory for dozens of 20 character, letter- mixed and lower case, number, and symbol passwords.  According to security best-practices, each one of them must be unique.  Can you do that?  The alternative is to have one or two passwords that you use everywhere.  More than that, those passwords are usually simple:  definitely easy for cybercriminals to break.

So, consider that before you download these apps.  And please follow best practices.  Hacking financial institutions is becoming a weapon of choice for countries and terrorist groups as well as "enterprising" college students:  cheap, easy, with high payoff.

PS:  The alternative is to use a password manager that works across all platforms:  Computers, tablets, smart phones.   Then you will have to remember just one gosh awful password.  For a review of password managers, see:  http://www.pcmag.com/article2/0,2817,2407168,00.asp

BTW, giving a license to one of these would make a great Christmas gift.  Of course, the gift recipient would have to learn how to use it.  At least for Lastpass, the on-line videos are good.  And if you or they are in the neighborhood, you can always give me a call.

The Battle Between the TV Service Providers and the Networks

This morning I was watching Fox news and a black crawler appeared at the bottom of the screen, under the usual news crawler.  It said something to the effect that Dish might cancel Fox News this week end.  It advocated going to a web site to tell Dish that you don't want Fox News cancelled.

To tell the truth, it crossed my mind that this was somebody's hack.  Wow, good technology, but really dangerous:  Sci Fi stuff.

So I googled and found that there really is an issue that involves multiple networks and the TV Service providers.

I know that Newsmax may not be high on your list of news websites, but it does have a succinct article on the situation.  Here is the url:  http://www.newsmax.com/us/dish-network-fox-news/2014/12/15/id/613194/.
PS:  I don't have an opinion one way or the other on this article, but I will have an opinion if Dish is playing politics.

Wikipedia Donation Time

First of all, I'm sorry I haven't been contributing as often as I have liked.  Life has been complicated the past couple of months and I am working on a couple of books.  One is a dummy's guide to Ubuntu- have to see how that flies.  The other is an historical novel on the Puritans and my family's involvement.  It is based on my genealogy research.

But, the reason for this blog entry is to let you know that this is the time of year when Wikipedia is having their donation campaign.  If you use wiki as much as I do (as well as contributing according to your expertise, I hope), you know that it is as valuable, perhaps more so, as PBS.  So take a minute to donate $5 to the cause:  https://donate.wikimedia.org/w/index.php?title=Special:FundraiserLandingPage&country=XX&uselang=en&utm_medium=sidebar&utm_source=donate&utm_campaign=C13_en.wikipedia.org.

Thanks

Scams Part 1. US Airlines

I've been away for a while and have a number of blog entries backed up on my desk.  Most are security related, and others have to do with reviews related to technology for Christmas.  This entry is about a letter we received from US Airlines.  This is not USAir.  It says I have qualified for an award of 2 round trip tickets.  Not so.  Do not touch this.  Do not call the 877 number!  For details on the scam, see http://www.bbb.org/blog/2012/07/scammers-lure-victims-with-fake-free-plane-tickets/.

eBooks Through our local libraries

Did you know that you can check out eBooks from the Spartanburg and Greenville Library Systems?  How?

For Spartanburg, the instructions are at http://digitalbooks.infodepot.org/9BF6B9EF-5E76-48C0-9B0A-1971BCED19B3/10/50/en/Default.htm.  You might have to sign in first... and for that you need a Spartanburg library card.  (Even though we can check out books from both the Spartanburg and Greenville systems with one card, I think it is best you have the correct card when using the respective electronic sources.

It involves downloading an app called Overdrive.  On the above page, click the Help icon near the top and there is a link on the following page to download the app.  Then follow the other directions to check out a book.  Any questions, call 596-3502.

Who has the info on the Greenville library system?  Add a comment at the bottom.  Thanks.

PS.  For those who are not in my area, the process will be the same.  Most libraries use Overdrive and  most will have a part of their web site devoted to eBooks.

It Is Past Time to Lock Up Facebook

A couple of issues here.  One is the security of Facebook as a web site.  I recently saw some fishing messages to someone.  There was more than one.  Each message was from a different person she knew was on Facebook.  In other words, someone was fishing Facebook for situations where the Facebook user did not have their friends list and their personal information locked down.  They would use that information to spam those on the friends list.

The security issue is that the Facebook users allowed access to their friends list by people not on their friends list.

So, I have two programs/applications to recommend to every Facebook user to evaluate the security of their Facebook information.

One is PrivacyFix.  This is a plugin to Chrome or Firefox browsers that evaluates several web application environments for security problems; among these is Facebook.  You can get the plugin for Chrome while inside the browser at https://chrome.google.com/webstore/detail/avg-privacyfix/pmejhjjecaldkllonlokhkglbdbkdcni?hl=en.  Firefox would be similar; click on the AddOns under Settings.

In the picture below, the orange person outline is the PrivacyFix icon.  Click on it and the dropdown in the picture displays.   You can see a general evaluation of your internet privacy within that browser.

For much more information, click on the "Dashboard" link in the upper right corner of the dropdown.  You will get a large web page.  Scroll down to find the Facebook app.  Note that it gives evaluation information and links to "Fix" any issue.  

The second application is actually associated with Facebook.  It is ZoneAlarm SocialGuard Privacy Scan.  You can run it at:  https://apps.facebook.com/sgprivacy/.   The GUI interface Zonealarm's SocialGuardPrivacyScan is a Facebook app.  If you launch it, the following evaluation is displayed.

To fix issues, click on the green background "Score higher and gain more privacy."  The following dialog appears.  Note that there are many links that will send you to places in Facebook to fix security issues.  There is corresponding help on what the various settings do.

I urge everyone who has a Facebook account to secure the account.  Only let friends see anything.

The second issue is that Facebook is trying to persuade/pushing everyone toward a new phone app for its messaging, called Messenger.  There is a lot of concern that Messenger will be used to extract information about everything you do.  See the discussion here:  http://www.kxly.com/news/spokane-news/working-4-you-will-facebooks-messenger-app-invade-my-privacy/27388462.  Follow the links in that article for more information.

Please send a link to this blog entry to everyone on your Facebook friends list.  If you don't use Facebook but you know friends who do, and they have your email address, send the link to this page to them.  The link to this blog page is: http://leetlinktips.blogspot.com/2014/09/it-is-past-time-to-lock-up-facebook.html .  Swipe this with your mouse, Ctrl C the marked area, and paste it into an email to send to folks, or , if you have a facebook account, insert this link into a Facebook message and add it to your Facebook page.

Fix-My-Computer Dude and Other Cold Call Scams

I got the following today from an acquaintance:

Today we got a call from "Fixmycomputerdude.com":  They tried to gain our trust on the phone call by saying that they were from microsoft...and monitoring computers generally, and had identified "terrible" issues with here computer.  They instructed us to push the "windows" key with "r" and in the box that appears they gave a cmd address to type in - and then he read back the IP address to us - and explained we should keep it private.  He gave  another instruction to type in the windowsR run box....www.showmycomputer.com .  Options on this screen showed some digits that he asked to read to him. He then apparently gained control of the computer...and began to flash up screens that showed huge lists of errors and invasions.  He then guided us through a check to see if the computer was properly connected to a server so they could "fix" all these problems free of charge.  That (of course) turned out not to be the case, but for only $149.95 RIGHT NOW - so your computer does not crash! - by credit card, we will fix all that.... + you get a contract for "FREE" help for the next 12 months (with only a nominal $12.00 monthly charge).  "We will take care of your computer free for the year - and at the end, your computer will be working perfectly and you can terminate the contract."  Ever heard of anything like this? They then called back... and threatened us with the fact that our computer was not connected to the "microsoft computer", and was not being updated.  Because of all the errors.... our computer may soon crash.  Can this be right??

This is a scam, and an old one.  There is a long forum post on this scam on the Microsoft Forums website:  https://answers.microsoft.com/en-us/protect/forum/mse-protect_scanning/fix-my-computer-dude-company-just-called-me-and/c74ae56d-8156-e011-8dfc-68b599b31bf5.  That post is about 3 years old.

I have had perhaps a dozen calls on this from our community.  This is being done by under more than one company name.   Some have paid for the service and for the contract.  This is a kind of scam that is marginally legal.  All the proofs and discussions of Microsoft are lies.  The cleaning may provide some benefit, but, overall, is a fraud.  The support is a fraud.

Worst of all, by gaining access to your computer, you have to assume your computer and all the information on it has been compromised.  They might have uploaded "in the background" personal files, passwords you thought were hidden, and any financial information on your computer, all while you are watching the slight-of-hand in the foreground.

• Rather than repeating "what to do" here, I direct you to the following: https://blog.malwarebytes.org/tech-support-scams/.  This summarizes the scam, what to do if they get on your computer, etc.  
• It does not mention another useful program to run besides Malwarebytes.  This program is AdwCleaner. 
• After cleaning, I also recommend "restoring" your computer to a time before the person first gained access to your computer. (http://windows.microsoft.com/en-us/windows/what-is-system-restore#1TC=windows-7)
• Apple computers... I haven't heard of Apple scams.  Anyone have this happen?
• If you have signed up for the year's "Service," do not allow access to your computer again.  The company might not do anything the first time that would raise suspicion, but at some point ... 
• The article does not cover the issues of identity theft.  Given the exponential growth of this piece of the industry, you have to assume that they have "farmed" your computer.   The US Gov. web page on identity theft covers what your response should be:  http://www.consumer.ftc.gov/features/feature-0014-identity-theft   
• The phone numbers you might see on caller-id are usually fake:  burner cell phones.  They may even be from the US, but that doesn't mean the person is  in the US, or that someone in the US is more trustworthy.

If you need help, give me a call.

Banking Information Hacked on a Large Scale

The Russians are using cyberwarfare against US banks now.  Read this and evaluate it against your current security measures with respect to your banks and financial institutions.

http://www.dallasnews.com/business/headlines/20140828-fbi-investigating-hacking-attack-on-jpmorgan-chase-other-banks.ece.  I don't expect any help from the government on this.

Smartphone battery saving tips

While I'm on Kim Komando, her web site has some excellent tips on saving power on your smartphone, especially if it is at the "low point" and you need to use your phone.  The web page is:

http://videos.komando.com/watch/5241/kims-reports-3-ways-to-squeeze-more-life-from-a-dying-smartphone-battery?utm_medium=nl&utm_source=tvkim&utm_content=2014-08-23-article-screen-shot-d

This page has a series of videos on the subject.

Something I noticed in these videos is that Kim doesn't cover the Droid phones as well as she does the iphones.

One simple trick I've discovered on those Droid phones that have three symbols along the bottom of the phone (outside the screen area), left to right: counterclockwise arrow, then a kinda house symbol for return to home screen, and finally, on the right, two rectangles, one in front of the other.
That last one, the rectangles, shows you all your running apps.  I use that a lot now.  I use it to stop all the apps I'm not using.  Put your finger on the app and flick it to the right.  App gone.  An easy way to get more life.

Note that the GPS using apps, such as navigation and "track" use a lot of power. As, much as possible, make sure you don't have your screen on when using these.  Set your phone out, don't put it in an enclosed place.  (When riding a bike and using "track" to keep track of progress and location, put it in a breathable pocket on your jersey.)

Also, I rely on Google Maps and Track when I am biking in the wilderness.  It's a safety feature and it works most all the time, even here in the mountains.  So, I carry an external battery pack backup, just in case.  When the battery gets low on my phone, I plug the backup battery into my phone for extra hours of "up-time."

Travel Tips: Using Credit Cards, Getting Cash Best Practices

Kim Komando, "America's Digital Goddess" used to be on a local radio station for 3 hours every weekend.  I don't think she has an outlet in our area any more?  (Let me know if you have have heard her on one of the local radio stations.)  I keep up with her through the her daily newsletters.  There is a superb article on her website regarding all things credit and cash regarding making reservation for travel and making the trip.  I urge you to read what she has to say:

http://www.komando.com/tips/267847/credit-cards-best-for-travel-and-money-saving-exchange-tips

Follow the other links in this article for a good summary of best practices for all aspects of travel.  If she has left something out, send a comment to me using the comment box below and I will review and perhaps add it to this post.  

Have You Got eMails from "Turkey" or other country The Forensics: This is how it is done.

I have put together a PDF document that is the forensics investigation of an actual case.  You will see the details on what caused it and where it leads.  .  Because it has specifics on companies and people involved in this scam, I have put it in a PDF file.  (No identification of the victim, just the perps.)  You will need to request access to this document by sending an email to me.  Everyone should read this so you won't get hit by this (as a sender of the fishing attack).

Continued phone scams... 606-755-0236... how to handle these and how to handle junk mailers

I received a phone call from the subject number today. I immediately went to the 800notes website and typed the number in the field on the home page. I got this: http://800notes.com/Phone.aspx/1-606-755-0236.  You can read all about it.  Please excuse me for the swearing on that page.  It still provided the information you need.

The following site has assorted tips on how to handle both phone scammers and land mail spammers:  http://www.yourhomenow.com/sit.html.  This web page, written by Greg Molenaar,describes how to put a SIT (Special Information Tone) tone on the front of your voice message to cause telemarketers and robocallers to think your phone is out of service.  (You've heard this tone sequence before.)  He doesn't really say how to put the tone in front of your voicemail message, so the way to do it is to sit in front of your computer with your browser on that web page.  (As another option, you could download the wav file.) Start your phone message recorder.  Click on the sound with your phone close to your computer's speakers, which will play and be recorded, and then continue with your message.  You'll have to be the judge of whether or not these beeps are an aggravation to "friendly" calls.

Greg also has some great ideas about how to handle junk mailers.  Read the article.

HOAX: Dangerous: Notice to appear in court; Green Winick

The following looks very official, but it is dangerous malware:

You can google "Green Winick" or "Notice to appear in court" for more information.  One link is:  http://www.onlinethreatalerts.com/article/2014/7/10/virus-email-message-green-winick-attorneys-at-law-notice-to-appear-in-court/

"System Image" Question

Question:  Is it a good idea to back up the Windows 8 Program files and Program Data?  Or do we have that pretty well covered in the system image?

Answer:  That should be in the System Image. You can google "what is in the Windows 8 system image" and you will get lots of hits.  Here is one:  http://winsupersite.com/windows-8/windows-81-tip-use-system-image-backup.  The image you create is "frozen" in time.  So if you add new programs, download updates, etc., those will not be in the image.  But it is better than having to start from scratch with a Windows installation disk or .iso file.  Also, you may have included all your own "user" files, such as documents and pictures.  Those will be restored too, to that moment in time.  So it is best to have a continuous cloud or off computer backup of all your own files.  You'll have to reload all your files from the backup after deleting those that came with the system image restoration.  

Tablet Review (Summer 2014)

The personal computer space has been undergoing a transition from laptop and desktop to tablet.  My general recommendation is that if you just use a computer for browsing and email, plus perhaps an occasional document, consider a tablet.  If you are a touch typist, then consider a tablet and a real keyboard.

(Personal note:  I don't have a real tablet; I have a smartphone with a full size blue tooth keyboard.  The reason is that I already have an array of computers, not that I don't consider and wouldn't place as a top priority consideration of a tablet as my "main" computer.  Though I don't have a tablet, I have serviced enough to be considered an "expert" on their ease of use, quality, and performance.)

Conversely, if you are a power user, then a tablet could be an accessory and you would keep a laptop or desktop as your primary device.

Tablets can be bought with any one of two and a half operating systems.  At the root level, there are two:  Windows and Unix/Linux.  Ignoring eReaders, which are also Unix/Linux variants, Unix/Linux comes in two "shells:" Apple's iOS and Android.

If you are in the market for a tablet, use the following articles to inform your decision:

• iPad vs Android vs Windows Buying Guide
• 10 Reasons to buy a Windows tablet  (On that page, click on the picture strip, picture by picture, to see the reasons.)
• Lenovo tablets (I tend toward Lenovo products for quality/value)(Disclosure:  I retired from IBM and worked on hardware, software, and manufacturing design. However, Lenovo has long since become its own company.  I've just found Lenovo has less problems and any non-chicklet keyboard can have a better feel.)

If you don't like any of these articles, google "tablet iPad Android Windows" or something more specific.  Add "prices" or "bargains" to that to go internet shopping.

I recommend trying your top two selections before buying.

PS.  In general, the features that are of most interest to me are:

• USB port:  Don't know how you can replace your existing computers without one USB port
• processor:  Many come with the Atom processor.  That's the same as a phone processor.  Get a quad core.  Anything less will drive you crazy.  Intel i3 or i5 4th generation at a reasonable price (less than $600) should be available soon.  
• keyboard:  touch type capable keyboard is a must for me, but it can be done by getting an independent bluetooth keyboard.  It is just kind of awkward to carry the keyboard around when it doesn't "conform/fit" with the tablet.  
• storage:  I know I can get by with 32 G for a phone, but a tablet replacement for a laptop or desktop- another story.  I think 64G minimum, 128G better.  (with a 3.0 USB port)   64G USB 3.0 flash drives are at a very reasonable price point now, so you can extend your memory using the flash drive.

You have been chosen for the 2014 Edition of Worldwide Who's Who... (Woopee!)

A new scam... well as old as the internet, but this is a new push:
(see http://www.ripoffreport.com/reports/specific_search/worldwide%20who's%20who)

Worldwide Who's Who info@dnstatistics.net via yahoo.com	Jun 16 (1 day ago)
to

Hi Duane,

You were recently chosen as a potential candidate to represent your professional community in the 2014 Edition of Worldwide Who's Who. 

We are pleased to inform you that your candidacy was formally approved on June 16th, 2014. Congratulations.

The Publishing Committee selects potential candidates based not only upon their current standing, but focusing as well on criteria from executive and professional directories, associations, and trade journals. Given your background, the Director believes your profile makes a fitting addition to our publication.

There is no fee nor obligation to be listed. As we are working off of secondary sources, we must receive verification from you that your profile is accurate. After receiving verification, we will validate your registry listing within seven business days.

Once finalized, your listing will share prominent registry space with thousands of fellow accomplished individuals across the globe, each representing accomplishments within their own geographical area.

To verify your profile and accept the candidacy, please visit here

.

Our registration deadline for this period's candidates is June 30th, 2014. To ensure you are included, we must receive your verification on or before this date. On behalf of our Committee, I salute your achievement this year and look forward to welcoming you to our association.

Warm Regards,

Benjamin Morrison
Editor in Chief
Worldwide Who's Who

498 RXR Plaza
Uniondale, NY 11556

To remove yourself from further mailings, please visit here

.

Confidentiality Notice: This e-mail communication and any attachments may contain confidential and privileged information for the use of the designated recipients named above. If you are not the intended recipient, you are hereby notified that you have received this communication in error and that any review, disclosure, dissemination, distribution or copying of it or its contents is prohibited. If you have received this communication in error, please delete the communication and unsubscribe from the mailing using the options available in this email. Worldwide Who's Who - 498 RXR Plaza, Uniondale, NY 11556.

This email was sent to xxxxxxxx. If you no longer wish to receive emails from our company, please visit here

 or write to the address below.
Worldwide Who's Who - 498 RXR Plaza - Uniondale, NY 11556 - USA 

Another mail delivery notification scam

This has the same look as the one before but comes from a different place.  You can see it is from Germany (.de location).  I looked up the server associated with the link "Print Shipping Label"  (DO NOT CLICK ON THAT LINK) and I find the server is located in France:

Registrant State/Province: FR
Registrant Postal Code: 92800
Registrant Country: FR
Registrant Phone: 0147780289
Registrant Phone Ext: 
Registrant Fax: 
Registrant Fax Ext: 
Registrant Email: maurice.malbrand@free.fr
Registry Admin ID: 
Admin Name: Claranet France
Admin Organization: Claranet France
Admin Street: 68 Rue du Faubourg Saint Honore
Admin City: Paris
Admin State/Province: Paris
Admin Postal Code: 75008
Admin Country: FR
Admin Phone: +33 1 7013 7000
Admin Phone Ext: 
Admin Fax: +33 1 7013 7001
Admin Fax Ext: 
Admin Email: hostmaster@FR.CLARA.NET

Delivery Notification

Inbox

x

Expedited Shipping delivery.id89@matiz-music.de via yahoo.com	Jun 7 (2 days ago)
to

USPS.COM

Notification Your parcel has arrived at June 5th, 2014. Courier was unable to deliver the parcel to you. Print your label and show it in the nearest post office to get a parcel.
Print Shipping Label
Copyright 2014 USPS. All Rights Reserved.

New scam involving email package notifications from post office

I received the following email this morning:

There are some obvious idiomatic mistakes that suggest this might be phish-ware.  The link associated with the Print Shipping Label goes to a server in Greece.  The person who registered the site spelled Athens Athins.  

FTC Response to Microsoft Support Scam

RE:  Phone calls from "microsoft" saying that there is a problem/infection/whatever with your computer and offering to fix the problem by logging on to your computer
Result:  If you fall for this, they will charge  $$$, get your credit card info, potentially extract all user ids and passwords from your computer, (even though you might think they were safe), and, in the worst case, if you are uncooperative, trash your computer, potentially destroying your hardware.

The FTC suggests going to this page:  http://www.consumer.ftc.gov/articles/0346-tech-support-scams
There is a "scam alerts" object on the left side of this page to see the latest. (I understand that this and other FTC pages can change frequently, so the scam alerts object might move to another place.  In your browser, search for FTC {put scam type here} and make sure you go to an ftc.gov site and not a scam site.

By the way, the phone numbers the scammers use.  The FTC rep I talked to said the numbers are related to "burner phones" and can't be traced.

Another Microsoft Scam Number 844...

I just got a phone call from"out of area."  He said he was calling from Microsoft and my computer had a problem.  I asked for his number so I could call him back.  He said his name was Alex and that the call back was 844.615.7281.  Then I referenced http://800notes.com/Phone.aspx/1-844-615-7281  You can see it is the scam.  Please do the same.  Don't fall for this.  BTW, this 844 is a "new exchange"  I would be suspicious of any 844 number.  

How to "search" in Google products

When we want to search we often use the term "google" because the brand has become synonymous with searching.  But not many know how to use the search function effectively.

As a subtopic of this topic, few of us make effective use of filters in Google mail to manage our email, especially relating to spam.  (Filters settings can be found as a main topic on the Google email settings page.)

https://support.google.com/mail/answer/6593?hl=en&ref_topic=3394914 is the start of the Google help on Google filters, especially related to GMAIL.

On this page there are links on the right hand side to follow.  Of special interest is the one on Advanced Search, which discusses syntax.  (In general, special characters, such as ? or *, are not used.)

Youtube help:

• General advanced search from Google Search box
• Filters in Gmail

Calls from John Kendall, 347 753 9068 are toxic

These calls are from a scam company that is trying to get on your computer and get your money, either through payment of a fee to fix your computer or by stealing your identity.  To see more, see this description.  I am getting about 2 calls a week to fix the problems caused by this and similar calls.  It's good for business, but bad for you.  Please be careful.  Microsoft and any other company will not call you about infections or any thing else involving your computer.  If you have a problem, call me first and I'll sort things out.   Let me know if you get any calls.  If possible, provide the callback number or other information so I can expose them.

Internet Explorer 11 Has ANOTHER Vulnerability *Important

The vulnerability is discussed at:  http://www.bleepingcomputer.com/forums/t/532994/microsoft-issues-out-of-band-update-for-internet-explorer-vulnerability-2963983/.  Make sure you have updated your Microsoft Windows operating system with http://support.microsoft.com/kb/2964358. The date on this is May 1.

Songs for Glassy Men's Chorus

I thought for kicks I would put some U-tubes here of some of the songs the Men's Chorus is singing this Spring/Summer:

• Lydia, the Tatooed Lady
• Loch Lomond
• Musical version with video of Loch Lomond
• Solo in Scottish Brogue and lyrics, Loch Lomond background
• Mens Chorus
• And All the Earth Shall Own Him Lord
• On the Atchison, Topeka, and the Santa Fe
• Original Judy Garland, "Harvey Girls"
• Johnny Mercer, The Pied Pipers - On the Atchison, Topeka
• The Testament of Freedom, Army Chorus
• Offertory
• Sweet Georgia Brown
• Louis Armstrong
• Chorus Version (the choreo alludes the Harlem Globetrotters) 
• Barbershop Rendition

Internet Explorer (the big blue e) has a serious defect that hasn't been fixed- and XP will NOT be fixed!

Rather than repeating the details, please see "Critical zero-day endangers all versions of Internet Explorer-- and XP isn't getting a fix."  If you want to keep your computer and don't want to spend over $100 to get an operating system (Windows 8) that may be "too much" for your old computer, consider installing Ubuntu, or having me install it.  See my blog on how to convert to the operating system called Ubuntu and keep your old XP.

Heartbleed browser extension available

I've found an extension to browsers that let you know when a site was/is vulnerable to the Heartbleed defect.  I don't have any opinion on its efficacy, but here is a link to a description of the chrome version.  I'll revise this post if I develop an opinion.  

XP Used in the Restaurants/Stores/Healthcare, etc Near You

XP support ended April 8.  Many (How many?  Don't know!) businesses, restaurants, health providers, ATMs:  any device used to process your transactions are still on XP.  (background)There are some things these enterprises can do to mitigate risk, but I wouldn't trust any of them.  You think you don't know all you need to know about security!  The conditions where you should be concerned are:

1. XP is used somewhere in the path of a transaction (even if the clerk is recording your phone number or swiping your loyalty card) AND
2. The information has a direct path, even through a firewall, to the outside, or the terminal and business do not protect against insertion of a usb flash drive in the XP computer.

 I'm not sure asking a clerk if XP is involved in any way in your transactions will result in an informed response.

I read this over and I say to myself, I guess many of my electronic transactions are at risk.  So, what to do?  Go all eTransactions?  Heartbleed anyone?  Truth is that us, as consumers, are at significant risk for the next several months.  Reading suggestions from other blogs, I think the prudent approach is to "profile":

• Use cash in especially sensitive stores, such as independent gas stations and corner stores (I've also seen XP still in use in medical facilities, which may or may not be a problem.)
• Do NOT use a debit card unless you are confident the store or ATM has all made the change over AND has mitigated against the Heartbleed defect.
• Consider using "single use credit cards on line"  Google "single use credit card" to see who offers these and the terms of use
• Your credit card should have a limit of $50 for unauthorized use and some companies will cancel any charges where "confirmed" fraud is involved.  So use a credit card if you can't use cash.

If all this sounds wishy-washy, it is.  There isn't a list of businesses that have removed XP from their data stream and business; or visa-versa.  Trust is not a virtue right now.

Heartbleed: List of sites, showing those impacted and those not- be sure to look at this

The site mashable.com has a list of websites and companies impacted by the Heartbleed defect.  Note that popular email providers we use are impacted.  Also note that most banks are listed as not impacted.   However, I showed in a previous post that, though Chase is listed as not impacted, Chase Credit has a notice on its landing page to change your password.

Someone asked me today why they should be concerned about, say Facebook, since they said there was no information of concern there.  The answer has to do with the way many create passwords for different sites:  they don't.  The same password is used for most sites.  One of the first procedures a crook will use when he gets a possible password is to electronically visit many, many sites and see if the same password works for any of those sites.  More often than not, because people use the same password for most of their logons, the crooks will gain access to many sites, including ones that do have private information.

HeartBleed and Banks

The password manager Lastpass has added a function to test all the sites it manages and let you know what to do about that site with respect to the HeartBleed defect.  When I ran that function I got back a list of a dozen or so sites, including banks, along with Lastpass's determination of whether or not the defect had been patched and whether or not the new certificate had been issued.  I address this at more length in a subsequent blog entry.  It did tell me that I should change the password for Barclays.
I went to the Barclays web site and, after logging in, found this on the left side of the main page:

I clicked the link and the instructions were as follows:

Conclusion:  we all have some work to do.  Fortunately, I use Lastpass, so I have a list of all the sites where I have user ids and passwords.  Plus Lastpass has offered this service to help me prioritize what I should be doing.  

The New Home Security Threat (Heartbleed) and What You Should Do

When you use a secure web site the url starts with https://  The "s" stands for secure.  When you correspond with this kind of site, your browser and the site's software cooperate to send and receive your messages in an "encrypted" format.  Theoretically only you, ie your computer, and the receiving web server can "read" what you have set.  This protects your message from being intercepted on its way from your computer to the target web server.  (Did you know that your message bounces from one server to another before finally reaching its target. I've see my messages go back and forth between coasts, north and south, then Chicago, then Atlanta, and so on before reaching its final destination.  Both the transmitted signal and the intermediate servers can be points where your message gets read and your identity stolen.)

The Heartbleed security flaw is making news because the defect, which potentially allows the message to be intercepted and read and all the information on a server to be harvested by criminals or governments, is in the software, OpenSSL, that performs the "s" function.  This is/was a serious issue that probably impacts everyone who is reading this.

The best information I can find instructing you on what you should do is this:

• Understand that every site where https: is used has potentially been compromized, but not all sites.
• Understand that all network-oriented hardware, from routers to smartphones, can be compromised, but not all.
• The compromised sites and manufacturers must identify the impact, update the OpenSSL software to plug the hole, and reissue new "certificates." Without reissuing certificates, even the fixed software is compromised.
• Once the new certificates are issued, the compromised sites and companies should notify you to change your password. (If you are very concerned about a site or company, you can change your password now, even before a new certificate is issued. However, when the new certificate is issued, you will need to change your password again.)

If you are interested in more information, google "Heartbleed."  You will get well over a million hits.  One of the best "non-techie" language sources of information is Kim Komando.  She has a Saturday radio program and I subscribe to her web site and blogs.  She has a great article.  Unfortunately, you have to click through several pages to get the whole article, which can be confusing.  So, I am making a plug for Kim Komando's site. To make it easier for you to read the article, it is copied below, so that everyone will be able to navigate it. I have edited it to remove some information not particularly germane to this entry. Go to her website for the complete article.


Kim Komando's Article (with some info on password managers removed):
In case you missed it, the big news of the week is the “Heartbleed” bug that’s been exposing sensitive information on two-thirds of the websites on the Internet for the last two years. Yes, it’s as bad as it sounds. Earlier in the week, I wrote a tip describing how Heartbleed works and how to stay safe.  If you missed it, click here to read it. However, I’ve gotten lots of questions asking for more detail on a specific suggestion I made for staying safe. So, here it is, in more detail. And this advice isn’t just for Heartbleed; every computer user needs to know how to do this one thing. I am, of course, talking about the right way to change your online passwords. Even if you think you know how, read on to make sure you aren’t missing an important step.
Controversy: There is still some debate about when you should change your online passwords in response to Heartbleed. If you change a password before Heartbleed is fixed on a site, hackers can get your new password and you’ll have to change it again. On the other hand, hackers might already have your information and could use it at any moment if you don’t change your password. So, it’s really up to you how you want to proceed. I think changing your password immediately is better, but I understand it makes things more difficult. Let’s be honest; Heartbleed is a very difficult problem, for all of us. Fortunately, most of the major sites have updated their servers at this point, so it should be fine to change your passwords. Click here to see which major sites were affected.  For smaller sites, you can check to see if they’re still a threat with  these sites.
I recommend the following process for dealing with Heartbleed:
1. CREATE A LIST OF SITES
2. PRIORITIZE
3. MAKE NEW PASSWORDS
4. CHANGE YOUR PASSWORDS
5. AVOID SCAMS

Start with a list of the websites where you have accounts. This is probably going to be a long list, but it can’t be helped.
Find out which sites Heartbleed affected from this list. That list sticks mostly to major sites, so for smaller sites use these tools to see if Heartbleed is still a problem. Move the most sensitive sites, like email and social media, to the top of the list and work your way down to the least important.
Note: Major bank sites didn’t have a problem with Heartbleed. However, if you used the same password for other accounts as you did for your banking account, you need to change that as well. (Editors note (DGL): I question this. I will create other blog entries that demonstrate that some major banks do have a problem, if not in the software itself, then in their hardware.)
If you’re changing your passwords, obviously you need to make new ones. Be sure they’re strong and unique for every site. Click here for my steps to creating strong, unique passwords that are easy to remember.
Bonus tip: Don’t forget to beef up your security questions while you’re at it.
Visit the first site on your list and log in to your account like you normally would. The option to change your password is usually under the Profile or Settings section. If you don’t remember your password or are having trouble finding where to change it, click the “Forgot password” link. This is usually near the sign-in area and will eventually land you on the page to set a new password.
Bonus tip:If the site is one you haven’t used in a while, think about if you actually need an account. If you don’t, close out your account or replace your information with junk information. A site like AccountKiller will tell you how to close your account on most major websites. Once you’ve changing a password, cross that account off your list and move on to the next one. Once you’re done, keep the list handy for reference in case a site you might have forgotten pops into your head later. You can check to see if you already hit it.
Warning: Scammers
Scammers are going to use this Heartbleed situation to try and trick you. Lots of real sites are sending out email asking you to change your password. Scammers are going to try slipping some fake email into your inbox as well. The ironclad rule is to never click on an email link to change your password (or for any other in an unsolicited email). Always go to the site yourself and follow the directions I gave above. Links in fake email will take you to malicious sites, or a page that looks like the legitimate site’s login page. If you put in your password, hackers will have full access to your real account. So, be careful. Want the latest on the Heartbleed virus and other new threats? Be sure to visit my blog regularly.

My Antivirus/Antimalware program found an infection and its name starts with PUP: Is that a problem?

PUP is an abbreviation for "Potentially Unwanted Program."  This abbreviation is industry-standard.  The definition is:  "A potentially unwanted application is a program that contains adware, installs toolbars or has other unclear objectives."

Printing part of a web page

When you print a web page, do you get all the ads, headers and extraneous information on that page printed; the stuff you don't want.  Well, there's an app for that!  It is called Print Friendly, and there is a version for whichever browser you use.

When is an email dangerous (phishing)

I recently received the following email (I've erased the link after "Log in to").  There are certain elements of an email that you should examine to determine if an unsolicited email is a phishing email (Link to phishing examples.)  Unfortunately this example is ambiguous.  I looked at the url that followed "Log in to," where I put the xxx's.  It looked OK.  However, the rest of the email is just... not right.  I suspect it is OK, but.  copyright 2011?  I'm not associated with Aetna any more.  Why this?

Here is my point:  Aetna should know better than to send such an email.  I've spent a little time searching for "email marketing best practices related to avoiding the appearance of a phishing email" and haven't found what I'm looking for.   I can imagine this is a tough time for companies trying to legitimately communicate with their customers.  And, I assume if someone were to publish a "best practices guide," the more sophisticated phishers would soon convert that guide to "best practices for phishing!"

The best I can offer the consumer is, when you get an email from a company you use, don't use any links in the email.  Use your browser and go to the company's web site.

-----------
Visit your Personal Health Record today
Log in to xxxxxxxxxxxxx

Checking your Personal Health Record every so often is a good practice. You should make sure your information is up to date and accurate so we can alert you to actions that can help you stay healthy.

We also noticed you haven’t updated your Health Trackers in a while. While visiting your Personal Health Record, take a moment to review your progress and make any updates to your Health Trackers. They will help you follow your progress towards improving things like your weight, blood pressure, or cholesterol, over time. Making these updates is simple and won’t take much time.

We want to help you be successful in your journey of healthy living. And we think your Personal Health Record might make the journey a little easier.

Share your information securely online
It’s easy to share your Personal Health Record securely online with your doctors so they can review your health information too. Just visit the Share my PHR section on the right side of the screen.

Please do not respond to this e-mail. This mailbox is used for outgoing communications only.


Your Personal Health Record is an Aetna tool, but the information is yours. Aetna will not share it with anyone.

The Aetna Personal Health Record should not be used as the sole source of information about your health condition(s) or medical treatment. Health benefits and health insurance plans contain exclusions and limitations. Information is believed to be accurate as of the production date; however, it is subject to change. For more information about Aetna plans, refer towww.aetna.com

.

If you have any questions, click Contact Us

 to log in to your secure member site and submit your question.

You are receiving this because you have elected to communicate with Aetna through e-mail. View our legal disclaimer

 and privacy policy

.

We are located at 151 Farmington Ave, Hartford, Connecticut 06156
©2011 Aetna Inc. The Aetna name and logo are registered trademarks.

---

IMPORTANT WARNING: Information contained in this email is intended for the use of the individual to whom it is addressed, and may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If you are not the intended recipient, or the employee or agent responsible for delivering the message to the intended recipient, you are hereby notified that any dissemination, distribution, or copying of this communication is STRICTLY FORBIDDEN. If you have received this communication in error, please notify us immediately by return email and delete this document. Thank you.