Well, we are in a new era in 2017, so nice once again to look at how to stay safe and private in this new age, here are some recommendations.
For the truly tin foiled hat paranoids
Remember just because you are paranoid doesn’t mean you don’t have people snoopy into your digital life, so here are some recommendations from Bruce Schneier. Note that as always, the actually applications these guys produce can be hacked, but you have to trust someone.
- Signal. While there are many secure messaging applications out there, this one is open source and really protected. The main issue is that the other person has to be on Signal too. So I get maybe a message month, still it is the safest.
- ProtonMail or Lavabit. In the post Snowden era, this seems way more practical than trying to use OpenPGP keys etc. They do allow web browsing of your mail by the way.
- Tor Browser. This browser is slow, slow, slow and disables just about anything useful, but it is the safest out there for looking at cnn.com without anyone knowing you are doing it.
- Air Gapped PCs. They do seem take their security seriously and if you keep your connection time to the internet at a minimum. Some would say never connect it and use a hand scroll to copy notes from an air gapped machine to another, you should be safe.
- Veracrypt. With TrueCrypt dead, the best source of on disk encryption is still open for me. But basically you have to encrypt the files that really matter. I need to give this one a try, but it uses Fuse to create a new file system handler so it is pretty transparent. You can get Fuse for OS X from Macports or from Homebrew by the way
- Hashed user names. It is pretty useless to use all this if you just use the same user name for everything, so you want to create a random user name for everything.
Ok, for the double double paranoid, the question is how you got your laptop in the first place and how to prevent recognition given all the cameras out there in the real world.
- Wear sunglasses and a hoodie. OK there are lots of security cameras, so people are selling actual camo gear to confuse image recognition (I said this was about the paranoid didn’t I?).
- And of course take public transportation and map the cameras so you to find some blind spots and change your clothes in them. OK I feel like Jason Bourne now.
- Burner phone and laptop. Walk into a store (preferably about miles from you usually live) with your camo gear and buy a phone. You’ve seen it on Breaking Bad I’m sure and change them often. It’s good that burners and chromebooks are so cheap now 🙂
- Tails . Run the operating system for your laptop from a USB key so you don’t have to worry about viruses. OK, this is getting a little crazy!
- Make sure that when you turn on your laptop or phone, it is in a very public spot as your MAC id on your laptop and IMEI on your phone do identify you the local cell phone tower or access point. You can spoof your Mac ID, I’m not sure about your IMEI
- Throw away your phone and laptop regularly.
For the concerned but practical
If you actually want to talk to more than the 3 tinfoils people in your life here are some other choices.
- WhatsApp. This actually uses the same open source security protocol as Signal and is end to end encrypted. You can tell because Facebook gets in trouble all the time around the world with this applications. It’s less secure than Signal, but more people use it.
- iMessage. Another proof by example, but this should be reasonably safe which SMS definitely is not.
- Private Internet Access VPN. You have to trust your VPN provider, but this will at least get you partially there. These guys are outside the US, so maybe a little safer.
- Startpage. If you do not want Google to track what you do then you want to use an anonymize for your queries. Startpages is one of these companies that give you some protection.
- Apple Encrypted DMG and FileVault. Turn on file vault to on disk encrypt your hard disk. And for really secret stuff create an encrypted DMG on top of that.
- 1Password. They have a zero knowledge system of storage so that they do not know what is being encrypted which also means if you forget then your keys are lost forever, but in the world of encryption, they allow you to use really random passwords.
One Mile At A Time reminded me of a good way to save significant dollars by quadruple stacking
- ITunes gift card are currently 15% off there
- Signup for the free staples rewards program. Over time this is another 1% off
- Signup for a Chase Ink business card. This gives you 5x points for every $1 spent at Staples
- Have a Chase Sapphire Reserve card so those points transfer there and are worth 2.2 cents on average. That’s 11%
- Use cashbackmonitor.com to find a click through site. Click to Staples. Right now that’s another 5% rebate
And there you have it. It’s another reminder that if the price is similar with the Chase systems you want to buy there.
Well, if you are lucky (woohoo!), you have gotten yourself a Chase Sapphire Reserve and also got an American Express Platinum Business card. Now in the rewards game, things are pretty exciting if complicated, here’s a short list and you can see how when you start with one program, you often get a cascade. That is, if you have United 1K then you get Marriott Gold, so you get SPG Gold so you get China Eastern Elite. You get the picture. Here’s a list of some of the chains:
American Express Platinum
Don’t just get the card, you have to spend 30 minutes or so hitting the enrollment sites to get all the benefits which include:
- Boingo membership (for those pesky airports that limit you like Boston)
- 10 Gogo inflight wifi vouchers
- Priority Pass Select. You actually have to fax this in, but that’s pretty easy, fill out the for and use a free fax service
- Hilton Gold status. You have to call for this and it isn’t listed as a benefit, but it is there
- $100 credit for random charges from a specific airline
- Access to the Centurion Lounges and to Delta lounges if you are flying them
- 5x points for air travel. Hard to beat that! That’s nearly 10% back.
- National Emerald Executive Club
Chase Sapphire Reserve
- Priority Pass Select
- $200 travel credit on any travel related expenses
- 3x for travel broadly defined, so use for all your other travel
- National Emerald Executive Club (really for Visa Infinite holders)
If you have this, remember to sign up for:
- Marriott Gold status (just short of Platinum)
- Then link your Marriott to SPG to get Gold there too
- Hertz President’s Circle
They have a bunch of other programs so now the fun really begins, but note you have to be Platinum for it to work, but the main thing to do is to link the accounts together
- SPG Golds get one point for every mile they fly on Delta
- SPG for Uber points. Get 2 points for every dollar spent on Uber while you are staying at Starwood and 0.5 points otherwise if you stay once a year at a Starwood’s hotel. Note that JetBlue also has a promotion like this as well
- SPG to China Eastern. This is mainly for platinums but again if you like your Gold account, you get priority boarding on China Eastern.
OK, there have been about a million opinions about the new MacBook Pro, here are the tips, tricks and traps:
- Touch Id. I didn’t realize how much time I spent typing my password in and it is super cool that it is integrated into the phone.
- The Sound. Ok, this is the biggest surprise, I don’t understand what they put into the thing, but the sound is absolutely incredible. How did they do this? It is like having Adele living in your computer. And watching movies is just awesome!
- The thinness. Ok, the negative is that battery life, but wow, the thing is really thin, I hadn’t realized it until I look al my MacBook Pro 2010 (and 2014). Even with a translucent case, it is really nice.
- The build quality remains exceptional of course and with AppleCare, this is something that will last. I remain surprised that computers that are 8-10 years old (our iMac 2009 and MacBook Pro 2010) just work.
- The keyboard. I know many people dislike the short throw keyboard, but I like it quiteThe a bit. Probably because my first keyboard I really loved was a Sun workstation with the same short throw. It feels precise to me.
- Having power that works on either side, I sort of miss the magnetic lock, but I do really like the ability to charge the thing on either side. No more snaking cables.
- Really, really, really bright display. Yes some people are jamming 4K displays into 15″ screens, but really you won’t see the difference. What is great about this screen is that it is so bright that at 100%, it feels like you are looking into the sun.
- Support for 4K and Thunderbolt 3 is great future proofing. This really opens up what you can do with the monitors and the flip side of the switch to USB C is that you can really use this thing to run multiple monitors and petabyte drive arrays, so the flexibility is awesome. Although I got the model with 1TB of SSD, I’m really thinking that the 512GB SSD with a portable drive for data is better for most people.
- Longer term leaving the hegemony of Apple proprietary chargers and cables. I think this is subtle, but while Apple makes the only decent 89 watt charger today that will change, eventually, you will be able to get USB C power from every power outlet and cables will actually really work. In the mean time, it is pretty cool to be able to buy $80 bricks and know they can charge everything in the future from MacBooks, to phones. It is kind of cool that in a pinch you can trickle charge this with any USB C 15 watt charge. I’ve done this with my Nexus 5X charger and it works.
- The same goes for docking stations, they are just coming out, but the idea that you can one cable that does power, display and everything else is a reality with this move to USB C.
Well these are obvious but I’ll mention them:
- The battery life. Yes, I actually still have to worry about battery life, when I read the reviews, I kind of expected the thing to die in 45 minutes, but it is about the same as the MacBook Pro 2014 at least for me. At least the fan doesn’t go berserk like the MacBook Pro 2010.
- The move to USB C, but fine once you get there. Yes, sigh, this is yet another conversion from cables and it takes quite a bit of research to figure out what you need. Not to mention a zillion label makers to figure out what connectors and the capacity of each cable are.
- The price so wait if you can. This thing is really expensive, but it looks like prices are sliding now, so if you can I would wait to buy one. This fall, you should see a 32GB version which is nice and it is not that much of an upgrade over MacBook 2015 or 2014 that you should run out and switch.
- Touchbar. Well this was the nifty feature that made me really want the thing, but in practice I haven’t found it super useful for everyday typing and browsing, certainly the autocorrect feature is pretty useless, if they do that, it should just appear on the screen. I do think that applications that use it are really the future. FaceTime for instance does a great job.
Since this is probably a computer that you will be using in 2026 (yikes!), it pays to keep it new. There are two reasons, first Apple is more likely to fix the product if it is pristine and second, with the flattening in performance curves, it’s pretty likely that it will still run applications then, so what are the pieces to get:
- Translucent case. You want to show off the space grey (it is really beautiful), fortunately, for about The Mosiso case is absolutely awesome for $30, it fits perfectly and looks great. It also comes with a film protector for the screen. I normally don’t like film, but it looks pretty good and protects the screen.
- Keyboard cover. UPPERCASE makes a really nice one, completely clear and it fits properly. They do include adhesive because the case is so low pitch. But you really want a cover because there is nothing more depressing that yuck on the keyboard or worse yet a Diet Coke spill
- Getting the right cables. This is the biggest way you can torch this thing. I’m testing a bunch, but right now the J5create JUX01 is the best combination charging and data transfer cable. It is 100 watts and 10GBps at 1 meter.
Now that I’m taking so many more pictures with iPhones, I’ve been thinking about how to best move files off. With digital cameras, here is the flow:
- offload the SD or CF card
- use DxO to process them as I find it’s automatic features blow things out less than Adobe Photoshop.
- Add location information with Lightroom and change dates as needed in the EXIF as I sometimes forget to set the date and time correctly when traveling (I do everything in local time)
- then put them into a simple file system (not Lightroom) that makes it easy to access and which is independent of the editing application. It’s work, but protects me from changes in software. These files go into a RAID-6 Synology NAS. I separate the JPGs from the RAWs so that I have an archive and also something that is in common format
- Backup these files onto another Drobo NAS and then into Crashplan so I get four backups
- FTP them to Bluehost running Gallery so there is access to them (although this is super slow so I need to either upgrade Bluehost or switch to a faster photo poster).
- For sharing purposes, use the low resolution iCloud Photo Sharing as it’s simple to add from the iPhone (more on that later) or from a Mac.
However with iPhone’s, this seems a little silly since the devices are naturally connected, so in experimenting with the flow. Also there are many more phones in our family and I’d like to collect the data there:
- Turn on Photo Stream if you only need JPEGs. I normally have left this off, but it allows full resolution backups of anything from the phones which is really a good idea. The main thing that you lose here are all videos and the live photos. Photo Stream only supports regular JPEGs
- Turn on iCloud Photo Library. If you have less than 5GB of photos (e.g. are cheap and do not want to pay Apple more), then this works, it copies all 5GB of photos up to your Mac automatically. The main issue is that you have to be disciplined about how much you store on your phone. In practice, other things are using iCloud storage, so you have to disable iPhone backup (I do anyway since it is pretty easy to recreate configurations) and disable a bunch of the applications that are storing stuff on iCloud, like WhatsApp for instance. The other thing you should do is to sweep through the iCloud Drive on your Mac and see what files are there, I had 1GB of old Keynote presentations.
- Final hint is that you should go to Photos/Preferences and unclick copy into library, you want as little as possible in the iCloud Photo Library so you leave most of the room for the iPhone camera.
From here you pretty much have the standard flow:
- Go to a Mac and use Photos to do selection and quick edits of these photos.
- Then export the photos as unmodified originals usually to the file system
- I have started to take DNGs now that iOS 10 allows that and DxO does not like this, so I use Photoshop to convert from DNG to JPG.
- Now I can delete the photos from Photostream and from the iPhone storage as well. The result is that I can now manage my photos as needed without have to “dock” the iPhone.
- Finally when I use multiple phones, I just access their photostream. This does require that I have the user’s password, but that’s not a huge problem in a family. Then I can use their Photostream to do the same as above.
There is a dizzying array of ways to make your tax payments. And I have to say they are not super discoverable, but here is what I have found from cheapest to most expensive:
- directpay.irs.gov. This requires that you valid by knowing some facts from previous returns and then it will let you put your checking account in and the government gets your money. It takes a day or two to settle so plan ahead.
- eftps.gov. I think this is mainly meant for business, it does the same thing, but requires that you first enroll, you then get actual physical paper with your pin, then you can setup your password and tie it to your bank account. It also let’s you schedule payments for quarterlies if you do that. More hassle I think, but you don’t have to have a copy of your tax returns around.
- https://www.irs.gov/uac/pay-taxes-by-credit-or-debit-card. Then there are third parties, if your bill isn’t large, you can use a debit card for about $2 a transaction. Or if you are a points lover and your points are worth more than 1.6%, you can use an actual credit card. This is not a bad way to hit things out of the park or at least meet spending requirements. There are lots of providers, but I’ve used Pay1040.com and PayUSAtax.com successfully.
Ok in consumer electronics, here are the next recommendations:
- TVs as Computer monitors. Do not get one, instead, get a low-end TV. At 43 inches, this will let you really develop software well assuming you have the room on your desk and believe me you will want to. The Samsung 6300 line for instance is $500 for 43″.
- 4K HDR Televisions. The world of quantum dots and 4K HDR are here, the picture has never been brighter and televisions cheaper. The sweet spot are 65 inch television which you can get for $1K. We aren’t moving up in resolution for a long time. For folks with a little more dough, heading to HDR makes sense. The new Sony’s look amazing.
- 4K content. This has also matured. Windows 10 supports DRM on 4K, so you can watch your Netflix, but the best choice right now is the nVidia Shield. With the latest software update, you can watch 4K HDR from Amazon, Netflix and Youtube. Note that all Shields are getting a software update to do this and you should get the $200 one because they have two USB connections for adding storage.
I got two adapters that convert USB C to a SATA interface, you can bus power a SSD, so this is not a bad test. I then ran Black Magic Speed Test and found to my surprise that one of the cables is 20-30% faster than the other. I used two SSDs, a Toshiba OCZ TR150 1TB and a Samsung 850 EVO 1TB and as expected the 850 EVO was slightly faster.
- Sabrent 2.5″ SATA Hard Drive/SSD to USB Type-C Adapter EC-HDSS. This cable’s main drawback is that it is long (about 0.5meters long), but it has an LED to tell you it is operating and both of these drives averages 510MBps read and 480MBps write on this interface. It also says it supports UASP so should be good for small reads and writes. At $17, it is hard to lose
- Cable Matters USB C to SATA. I don’t have the exact part number for this, but it’s main advantage is that it has a much shorter cable, probably about 0.25 meters. However is is slower for both these drivers running at 400MBps read and 380MBps for the Evo and 360MBps read and write for the OCZ. Not sure that makes a huge difference, but I use these for big backups, so it does save time. One reviewer by the way says it’s not compatible with the MacBook Pro late 2016, I haven’t found this to be a problem at least on my 15″ MBP.
- Startech USB 3.1 Adapter Cable for SATA with USB C. I also have ordered this but haven’t tested it yet.
I’ve been using Google Slides quite a bit lately and I’ll be on to Office365 next, but here are some power user tips:
- The themes are really powerful, but you can many themes with the same name. There is an invisible GUID for themes, so when you are confused about formatting turn on the themes and then click on the “In this Presentation” button, you will probably see many themes of the same name. If you delete all but one, then things will be sane again.
- Deleting lists. Lists in this product are really strange. You can add them with the GUI, but there appears to be no way to get rid of lists. In a slide, you can use a keyboard shortcut, CMD-SHIFT-7 but this does not work in a theme. Very strange.
- Images are really easy. You just go and give it any link, but the tricky thing is you can actually crop images to shapes. Just click on the crop icon on the right and you will see you can crop to any shape. It is not in the format images menu though so hard to find.
Well they now allow unlimited photos with an Amazon Prime account and you can share your high resolution photos with up to five family members. It does sound like the ideal backup strategy. But here are the problems:
- Live Photos. They still have a 5GB limit for videos and other storage, unless you pay $59 a year. The problem is that I have mixed my videos and photos all together and live photos have a video component, so you pretty quickly get hit that limit.
- They rename the photos! OK, this matters mainly to me because the actual names of the photos have meta data for me. That is, they will often have the name of the camera and also once the photos get renamed, you cannot just download them and use it as a straight backup, you either pickup Amazon’s scheme or not.
Anyway, continuing to look for a good photos sharing solution. As I said before iCloud Photo sharing isn’t bad but limits the photos to 4Mp. Amazon doesn’t but renames files. Still looking for something that is relatively free!