Venmo security concerns
I haven’t reviewed Venmo security in a long time. Originally I took a look when my middle daughter was looking for an electronic payment service to sort out payments to roommates and friends in college. At that time (2010?), Venmo appeared to be one of the best options.
That has changed: by default, all peer-to-peer Venmo transactions are public (except the transaction amount). The Wired article and Hang Do Thi Duc’s site, “Public By Default”, walk through the problem; links to both, and to example API output, are below.
I’m not sure what to recommend to replace Venmo, but I’m going to do a lot of testing over the weekend and post some recommendations.
Click here to see the last 100 transactions posted to Venmo (seriously).
https://venmo.com/api/v5/public?limit=100
It’s Time to Stop Sending Money on Venmo
https://www.wired.com/story/venmo-alternatives/
Public By Default
https://publicbydefault.fyi/
Backup hardware and software recommendations for family computers
Lots of people ask about backup and disaster recovery for family computers. I use an external USB/eSATA case and Acronis True Image software to image all my friends and family computers. Reference links below for the hardware and software.
The biggest value to me has been flexibility in upgrading drives, decommissioning a system, and migrating to another system. Also, if (and this has NEVER happened) my system were to be compromised, it’s not worth my time and I don’t trust recovery of a compromised system. I will just restore my most recent image and recover my data from the cloud. Also, for people with kids in college, there is one less thing to worry about when they are away at school.
My recommendations:
- Rosewill external USB/eSATA enclosure
- 2TB or larger, fast SATA drive
- Acronis True Image Software
NOTE – Acronis updates its software every year. I have leveraged inexpensive multi-pack upgrades they offer to keep current and install the software on the many family computers…
I like the Rosewill enclosure because it can handle any SATA drive (small SSD to full size SATA) and the cooling fan can be switched on/off as required. I used this enclosure to expand the capacity of my DVR in the past as well as an external and backup drive for my laptops, desktops, and lab equipment.
For backups, I have been using the cheapest 2TB drives I can get and I keep the drives for ~5 years (after that I don’t trust them). Next replacement cycle I might go to 4TB drives.
There are lots of other options, so I included recommendations from The Wirecutter below for portable and external hard drives for reference.
Acronis True Image
https://www.amazon.com/s/ref=nb_sb_noss_1?url=search-alias%3Dsoftware&field-keywords=acronis
3.5 Inch Hard Drive Enclosure to USB 3.0 / eSATA
https://www.newegg.com/Product/Product.aspx?Item=N82E16817182247
The Best External Desktop Hard Drive – Jan 2018
https://thewirecutter.com/reviews/the-best-external-desktop-hard-drive/
The Best Portable Hard Drive – Oct 2017
https://thewirecutter.com/reviews/best-portable-hard-drive/
Browser recommendations – performance and security
This is a post to answer some regular questions I get from friends and family. I’ll update it regularly as required.
First, I use an ad blocker. Sites don’t like you to block ads, but there are so many malicious ads out there that chew up bandwidth, slow my browser, and clutter my screen that I don’t recommend using a browser without an ad blocker.
The ad blocker I recommend is uBlock Origin by Raymond Hill on Chrome, Firefox, Opera, and Microsoft Edge browsers.
Browsers I recommend:
- Firefox Quantum – currently the fastest browser I’ve tested and it works on just about every site I use.
- Google Chrome – good general use browser, and any Google sites are optimized for use with Chrome.
- Microsoft Edge – taking a lot of abuse from the tech crowd, but it’s fast, secure, and my only issue is problems with some sites.
- Epic Privacy Browser – based on Chrome, it’s designed to be secure. If you want to make sure you’re secure, this is the browser to use.
- Opera – another solid, fast browser, it has a nice VPN capability if you’re trying to access content that’s blocked based on your geography (example could be BBC content).
Next, I use the beta versions of the Firefox and Chrome browsers. They are very stable, all the add-ons and extensions I have work with the beta releases, and I think they are less vulnerable to exploits if I’m on a ‘not so safe site’. Reference links for both below, they are generally referenced as “dev channels” (as in development).
Next, if you want to make sure your browsing session is as secure as possible, check out the browsers below: Epic Privacy Browser and Opera (built-in VPN).
The Epic browser is particularly secure, but may give you problems on a financial services site or some commercial sites because it’s locked down pretty tight.
Epic Privacy Browser (based on Chrome)
https://www.epicbrowser.com/
Opera
http://www.opera.com/download
Chrome Dev Channel – I think you’re running 64 bit Windows, so pick that Beta Channel download.
https://www.chromium.org/getting-involved/dev-channel
Firefox Dev Channel – download the Beta version
https://www.mozilla.org/en-US/firefox/channel/desktop/
Microsoft Edge
https://www.microsoft.com/en-us/windows/microsoft-edge
Ajit Pai (FCC Chairman) is not our friend
We are watching the FCC sell out the consumers it is supposed to protect. Ajit Pai is the head of the FCC. He’s a smart guy, but he is not the friend of the consumer, he’s a former Communication Industry law partner. He’s selling Network Neutrality like he’s on an infomercial (it’s not what he says it is). Now they are proposing “direct to voicemail” calls.
My suggestion is to get a Google Voice account and configure it as the voicemail for your cell phone. It will automatically detect ‘SPAM’ calls and you have the option to block calls (or block all calls…).
Network World – technical background and reference links.
http://www.networkworld.com/article/3199565/security/tell-the-fcc-you-dont-want-robo-voicemail-spammy-direct-to-voicemail-messages.html
Consumers Union statement
https://consumersunion.org/news/fcc-urged-to-protect-consumers-from-unwanted-telemarketing-and-debt-collection-voicemails/
Hiking
I’ll start to post more about hobbies as well as technology.
On our Yosemite trip this month, I focused on packing light. I weighed and documented everything I took. This resulted in a much more successful and enjoyable trip.
New equipment included a new, lightweight sleeping bag, a 10L compression sack, and some lightweight packing sacks.
Raspberry Pi-Hole
I was trying to optimize my home network and determined using a local DNS server significantly improved our internet experience. I did the testing with my home server, but it’s a beast (six cores, 32GB RAM, and 4-6TB storage). Since I have a spare Raspberry Pi B+, I figured I would use it.
Researching further, I found the Pi-Hole Project (http://pi-hole.net/). Not only does it provide a local DNS server, but it integrates ad filtering! It works quite well, and didn’t take any technical skills to provision.
- Install Raspbian build on Raspberry Pi – reference link below
- Run this command from the shell (command line): curl -L install.pi-hole.net | bash
- Configure your computers/devices to use the Pi as their DNS server – I configured my wireless gateway to point to the Raspberry Pi so all my systems automatically use it.
NOTE – set up your gateway to use an external DNS as a secondary to avoid issues
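A more cautious way to run the installer step above, as an added example that is not part of the original post or the Pi-hole project's code: download the script to a file, read it, and run it only if it still matches the SHA-256 digest of the copy you reviewed. The function names and the `https://` form of the installer URL are assumptions made for this example.

```shell
#!/usr/bin/env bash
# Added example: fetch, review, then run, instead of piping curl into bash.

# Download the installer to a file over HTTPS only; fail on HTTP errors.
# Assumption: the installer host from the post also answers on https://.
fetch_installer() {
    local out="$1"
    curl --fail --silent --show-error --location \
         --proto '=https' --tlsv1.2 \
         -o "$out" "https://install.pi-hole.net"
}

# Print the SHA-256 of a file (record this after reviewing the script).
file_sha256() {
    sha256sum "$1" | awk '{print $1}'
}

# Run the script only if it still matches the digest you reviewed.
# Returns the script's status on a match, 1 on mismatch, 2 if the file is missing.
run_if_reviewed() {
    local script="$1" expected="$2" actual
    [ -f "$script" ] || { echo "missing: $script" >&2; return 2; }
    actual="$(file_sha256 "$script")"
    if [ "$actual" != "$expected" ]; then
        echo "digest mismatch: got $actual" >&2
        return 1
    fi
    bash "$script"
}

# Typical use on the Pi (not executed here):
#   fetch_installer /tmp/pihole-install.sh
#   less /tmp/pihole-install.sh            # read what it will do
#   file_sha256 /tmp/pihole-install.sh     # note the digest
#   run_if_reviewed /tmp/pihole-install.sh <digest-you-noted>
```

Keeping the downloaded file and its digest also gives you a record of exactly what ran on the device if you need to rebuild it later.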
Reference Links
Raspbian image downloads
https://www.raspberrypi.org/downloads/raspbian/
Pi-Hole Project
http://pi-hole.net/
Edit Word Normal.dot template
How to open the Normal template in any version of Word
To edit the Normal template in any version of Word on any Windows operating system, do the following:
- Open Word.
- Open the VBA Editor by pressing Alt+F11 together.
- At the bottom of the VBA Editor window is something called the Immediate window. (Press Ctrl+G to activate this window if you don’t see it.) Click in that Immediate window.
- Type the following (or copy it from here and paste it):
- application.NormalTemplate.OpenAsDocument
- Press Enter
- Close the VBA Editor
- You are now editing the normal.dot or normal.dotm template.
- Make the appropriate changes and save.
The next time you open a new document, it will have the defaults you saved in the template.
Android issues with Netgear R6250 and Motorola SB6121
I haven’t read about other people with this exact problem, so I’m posting my solution in the hopes of helping some other poor soul.
Problem
We had significant performance issues with 2.4GHz and 5.0 GHz wifi connections on our Android phones. The symptom was clicking on any link required over a minute to render the page. Worst case was as much as 2-3 minutes for shortened links (regardless of short link provider). I tried installing Android based proxy servers and DNS servers. Also checked to make sure I used good DNS servers, and installed Microsoft and Linux DNS server on my network configured to use root instead of a forwarder. Nothing improved wifi performance.
Solution
Installed Tomato for the Netgear R6250. Install details below, and after configuring the Wi-Fi, the upgrade resolved all the Android performance problems. I’m familiar with the Tomato firmware and ran it on several older Linksys devices (WRT-54G and others), and I’m very impressed with the release for the R6250.
My install process is below. Software downloaded from AdvancedTomato – https://advancedtomato.com/downloads/router/r6250
1. Using the Netgear interface perform the following tasks:
a. Back up the R6250 configuration and save it in a reference folder
b. Restore default settings for the router using
c. Use existing interface, install the Tomato “initial” binary using the GUI
2. Log in to Tomato and re-flash router using AIO.trx file
3. Erase NV ram – you can do this by clicking the “erase nvram” box when you load the AIO binaries
4. The Tomato Flashing Guide expects the wireless will not be detected after reboot.
a. The Wifi appeared to be working correctly, for me.
b. I restarted anyway, all was well
5. Wireless was detected and working correctly
6. Read Tomato documentation and configure your system in a secure fashion
Cable Provider: Comcast, Performance Tier service, 25/6 Mbps
Cable Modem: Motorola Surfboard SB6121
Wireless Router: Netgear R6250, native firmware v. 1.0.3.6
Reference Links
AdvancedTomato – Netgear R6250
https://advancedtomato.com/downloads/router/r6250
Docker security issue?
Doing a lot of research on Cloud services. Aside from services, features, and cost, my focus has been Federation (with on premise Active Directory specifically) and Security. I haven’t duplicated the root access in this article, but this is exactly the thing that keeps me up at night.
Using the docker command to root the host (totally not a security issue) // reventlov’s silly hacks.