Monthly Archives: June 2012

You have Facebook Mail – even if you don’t want it. 0

Congratulations. Even if you never asked for it – even if you didn’t want it – you now have an @Facebook.com email address. Oh, and it’s your default.

Not learning from previous firestorms over opt-in versus opt-out policies, Facebook has decided that you really want all email to go to [email protected] in all circumstances, so they’ve made the change for you. To be clear, this is indeed a safety and security issue, and Facebook’s idea is very good, but their implementation is horrifically flawed and getting people pretty steamed up.

What happened is that Facebook as changed your default email address attached to your profile to [email protected] This means that if anyone uses Facebook to find and use your email – something many business users want to happen – they will not get your real e-mail address, but rather a facebook.com pass-through address. You’ll get your mail, but the person sending it won’t get the correct e-mail address.

Problematic on many levels, the biggest issue here is that Facebook didn’t tell anyone or ask permission. They simply made the change for all Facebook users. So if you wanted visitors and friends to see and use your real email address, that won’t happen. For many users, this is a very good thing, as it promotes privacy and stops web crawlers from harvesting your address for spam. For business users who *want* to have customers reach out to them, this is a big problem. For example, even though not public on Facebook, I have a special email address that I use for site/blog visitors to contact me. I want people to use that email address (which you can find in the sidebar of this blog) and specifically *not* to use any other one they may have seen or heard.

Luckily, you can turn this new “feature” off pretty easily. Simply log into Facebook, and click the small down arrow in the upper-right corner near the word Home.

FBSettings

Then click on Account Settings, and then click “Edit” in the section for your email addresses. Make your preferred address the default, and then either ignore or delete the new @facebook.com email address you find there.

I do applaud Facebook for taking the initiative to offer more anonymity and security for their users. I also will take them to task for yet again not making the default for a new setting “off” instead of forcing it on every user across the board. Much like any other mandatory Facebook “feature upgrade” they have missed the mark, and caused more users to avoid or overcome this feature instead of using it where it is a best fit.

Maybe next time…

What’s with all the vendors ditching the App Store? 0

Many readers have noticed that software tools they’ve downloaded from the Mac App Store are alerting them that they will not be able to continue receiving updates via the App Store, but instead must switch to the non-App-Store version of the same software package. This has caused quite a bit of confusion, and has lead to two major questions:

1 – Why the switch?

2 – What happens if I don’t switch?

Let’s take them in turn:

1 Why the Switch?

Apple will be introducing several new technologies in the next generation of the App Store, currently scheduled to ship with Mountain Lion later this year, but the changes will also apply to Lion (the current version of OS X). Among these changes is a set of security technologies called sandboxing, which have actually been around for quite a while (See this Wikipedia article for the basics). The short story is that sandboxing will change the way apps may interact with OS X in general, and may block some critical functionality of apps you download and run. For the most part, the apps could be re-written to accept sandboxing, but that’s a process that would require a lot of development in some cases, and the vendors are unwilling or unable to make those changes. So, they will not be permitted to be purchased and downloaded via the App Store any longer.

The second reason many apps are now leaving the App Store is paid upgrades. For software on many platforms (Windows, Linux, OS X, etc.) the standard for upgrades is typically free upgrades within the same major version you purchase, and then a discounted but paid upgrade to get to the next major version. So going from version 4.1 to 4.3 would be free, but going from 4.3 to 5.0 would cost money. The Mac App Store has no method to permit previous version owners to buy the software at a lower price. If you build a new version, and don’t give it away as a free update, the App Store can only charge one set price to everyone. This means that vendors either have to give away major releases to current owners, or else charge everyone – including recent purchasers of the previous version – the full retail price.

Vendors would prefer to offer a discount to current owners, and even to give the new version away free to very recent purchasers, and only have new buyers pay the full retail price. That’s great for both vendors and end-users, but not possible at all in the App Store, so vendors are moving back to the more traditional methods for selling their software.

2 – What if I don’t switch?

You could, of course, follow your vendor’s instructions and use the version they make available to replace the one you have installed already. I’ve personally done that for about six apps so far, and they’ve worked quite well. But some vendors are not offering instructions, and others won’t allow you to “swap out” the App Store version for the commercial version. So what happens if you don’t switch?

First, a lot of this depends on your vendor. They will decide how much of the following applies to you. Be sure to reach out to them via their email/web contact information to find out how to proceed.

If you choose to stay on the App Store version of the app, Apple will allow vendors to continue making updates to the current version of that app only. This means that you can get critical patches, but you cannot ever upgrade via the App Store once the sandboxing comes into play. So if you choose to not switch to the commercial version, you’re stuck on the version you have now forever.

Note that this also means that – at some point – vendors may drop support for the App Store version completely. They’re under no obligation to continue supporting older versions after a period of time determined by Apple. The industry standard is about 2 versions ahead of the currently available version, but your mileage may vary.

As I’ve seen myself, vendors who are moving away from the App Store are working very hard to make the move as seamless as they can. For most of the apps I’ve upgraded to commercial versions there was no charge, and all I had to do was run the App Store version once, then launch the new version and the license transferred over. In one case, the vendor made the move with a new major release, and charged me a fraction of the cost of the full software like they would do for any customer who was buying a major upgrade from them.

So there you have it. You can choose to stay with the App Store version of a software product, but risk losing out on new features and non-critical updates. You may be able to move to the commercial version of the product, but it will require some steps on your part to make sure you do so correctly (as per the vendor in question). Either way, many apps will continue to be in the Mac App Store, so you might be lucky enough to not have to worry about it. Chances are, though, that at least one app you know and love will make the switch, so be ready.

What’s with all the vendors ditching the App Store? 0

Many readers have noticed that software tools they’ve downloaded from the Mac App Store are alerting them that they will not be able to continue receiving updates via the App Store, but instead must switch to the non-App-Store version of the same software package. This has caused quite a bit of confusion, and has lead to two major questions:

1 – Why the switch?

2 – What happens if I don’t switch?

Let’s take them in turn:

1 Why the Switch?

Apple will be introducing several new technologies in the next generation of the App Store, currently scheduled to ship with Mountain Lion later this year, but the changes will also apply to Lion (the current version of OS X). Among these changes is a set of security technologies called sandboxing, which have actually been around for quite a while (See this Wikipedia article for the basics). The short story is that sandboxing will change the way apps may interact with OS X in general, and may block some critical functionality of apps you download and run. For the most part, the apps could be re-written to accept sandboxing, but that’s a process that would require a lot of development in some cases, and the vendors are unwilling or unable to make those changes. So, they will not be permitted to be purchased and downloaded via the App Store any longer.

The second reason many apps are now leaving the App Store is paid upgrades. For software on many platforms (Windows, Linux, OS X, etc.) the standard for upgrades is typically free upgrades within the same major version you purchase, and then a discounted but paid upgrade to get to the next major version. So going from version 4.1 to 4.3 would be free, but going from 4.3 to 5.0 would cost money. The Mac App Store has no method to permit previous version owners to buy the software at a lower price. If you build a new version, and don’t give it away as a free update, the App Store can only charge one set price to everyone. This means that vendors either have to give away major releases to current owners, or else charge everyone – including recent purchasers of the previous version – the full retail price.

Vendors would prefer to offer a discount to current owners, and even to give the new version away free to very recent purchasers, and only have new buyers pay the full retail price. That’s great for both vendors and end-users, but not possible at all in the App Store, so vendors are moving back to the more traditional methods for selling their software.

2 – What if I don’t switch?

You could, of course, follow your vendor’s instructions and use the version they make available to replace the one you have installed already. I’ve personally done that for about six apps so far, and they’ve worked quite well. But some vendors are not offering instructions, and others won’t allow you to “swap out” the App Store version for the commercial version. So what happens if you don’t switch?

First, a lot of this depends on your vendor. They will decide how much of the following applies to you. Be sure to reach out to them via their email/web contact information to find out how to proceed.

If you choose to stay on the App Store version of the app, Apple will allow vendors to continue making updates to the current version of that app only. This means that you can get critical patches, but you cannot ever upgrade via the App Store once the sandboxing comes into play. So if you choose to not switch to the commercial version, you’re stuck on the version you have now forever.

Note that this also means that – at some point – vendors may drop support for the App Store version completely. They’re under no obligation to continue supporting older versions after a period of time determined by Apple. The industry standard is about 2 versions ahead of the currently available version, but your mileage may vary.

As I’ve seen myself, vendors who are moving away from the App Store are working very hard to make the move as seamless as they can. For most of the apps I’ve upgraded to commercial versions there was no charge, and all I had to do was run the App Store version once, then launch the new version and the license transferred over. In one case, the vendor made the move with a new major release, and charged me a fraction of the cost of the full software like they would do for any customer who was buying a major upgrade from them.

So there you have it. You can choose to stay with the App Store version of a software product, but risk losing out on new features and non-critical updates. You may be able to move to the commercial version of the product, but it will require some steps on your part to make sure you do so correctly (as per the vendor in question). Either way, many apps will continue to be in the Mac App Store, so you might be lucky enough to not have to worry about it. Chances are, though, that at least one app you know and love will make the switch, so be ready.

Trying out a wireless keyboard for iPad 0

Recently – as many of you know – I was on a flight to Orlando to participate in the Microsoft TechEd North America trade show/event on behalf of my employer. I travel a good deal on business, but mostly throughout the Northeast US, and so generally I prefer the train. Plenty of room and sufficient power outlets that using my MacBook isn’t an issue.

Of course, on an airplane, you get neither of those. I was on one of those mid-sized jets with only two rows of seats per side of the isle, so this was even more cramped than usual. I found myself in a standard aisle seat,near the front of the plane. With very little room to move, much less type, even the MacBook Air I had with me just wasn’t an option. This was especially true when the flyer in front of me decided he wanted to see just how far he could make his seat recline into my face.

Luckily, this trip, I had both my iPad and a bluetooth keyboard to work with. In my case it was a Joy KT-1063, but from what I hear around the web there are many others that work equally well. As long as they’re full-sized and made out of something sturdy, I think you’ll have the same experience.

Working with the iPad and keyboard that is non-attached (non-integrated into the cover) gave me a level of flexibility that I wouldn’t get with an attached model or a laptop. When we started out, I could push the iPad back to a stable viewing angle and keep the keyboard at a comfortable distance. When Mr. I-Want-To-Sleep put his seat back, I had to shift things around a bit, but the combination approach was much more useable than trying to wrangle an attached keyboard into a useable position.

Since I tend to prefer to write in a rich text editor, with very few bells and whistles, interaction with the screen is minimized, just a quick tap here and there to correct a typo. Also, since I prefer to navigate around text with arrow keys, the tap and hold system on the iPad always drove me nuts. Mind you, the approach is not without faults. Cheaper keyboards/keypads tend to not recognize keystrokes very well when you type quickly. Even this one (about US$70) would occasionally do the opposite and double-type some letters or spaces. Overall though, it performed admirably.

So, if you’re traveling a lot, especially on planes with limited room, the combination of the iPad with a bluetooth keyboard that moves independently of the case/device might be a great option. I certainly found the experience more than functional for use in crowded spots than a laptop or case-attached iPad keyboard.

Yeah, I’m back on Facebook 0

Well now, that didn’t last long.

After totally removing my Facebook presence not that long ago. I began to realize that I did, indeed, need a Facebook account.

Here’s why I made the decision to come back:

– Everything requires it these days. So many different sites use Facebook as their main signin/login methodology, not having a FB account made it very difficult to use a ton of services on the web.

– People couldn’t find me. Believe it or not, there are many folks who use FB as a way to find people they’re trying to get in touch with. That may be searching for my blogs, or just trying to reach out to me about various topics. And so, it’s become like having a listing in the old-school phone book.

But, I’m doing things differently this time:

– You’ll see there is almost no information about me on FB. I’ve purposely kept my profile clear of anything but the most public information about me, and I won’t post anything there that isn’t set up for the whole world to see anyway.

– I rarely do anything there. My Tweets do get posted there, and blogs will shortly show up there, but that’s it. No more games, updates, location check-ins, or anything else that isn’t just a cross-post. I *may* make a comment or two, if I’m feeling really moved to do so.

So, I’m just using FB as a digital phone book and a single-sign-on for various sites around the web. It’s a good compromise for a necessary evil like FB, even if I still do hate the company. I’ll give them the absolute bare minimum required to “pay” for their service, and that’s all.

Not for gaming. 0

Nogames

While OS X – and Macs in general – are great for most users, there is a segment of the digital marketplace that are not served well by the Apple platform on the desktop. That would be mid- to hardcore-gamers.

Macs excel at work and at play for most people. They have apps (either included, Apple or 3rd-Party) for email, calendars, contacts, web browsing, music and video, graphics/photo editing, business management, and just about everything else. They also have a fair number of games that run great on them, but they’re just not gaming machines. Here’s two reasons why:

1 – Game Studio Support. This is the biggest issue. While powerhouses like Blizzard (World of Warcraft, etc.) have adopted the Mac platform wholeheartedly, others like Sony and (no shock here) Microsoft Studios have not. The same goes for a variety of other development studios, making finding games for the Mac a rough ride. Even though there are lots of big-name games for the Mac, many are well behind their PC counterparts. BioShock is a great example, as the Mac version came out years after the PC version. There are some straightforward technical reasons for this (the games typically have to be rebuilt for different key combinations, OS code, etc.) but there’s also the fact that there are a lot fewer Macs in the hands of hardcore gamers to begin with. Studios write for their customer base – and I can’t blame them there.

2 – Hardware configuration. Talk to any gamer and they’ll tell you all about the mods they’ve made to their PC. They’ve added new video cards (often several of them at once). They’ve added over-clocked processors and liquid cooling systems. Basically, they re-arrange the guts of the machine on a regular basis. With Macs, that’s just not easy to do. You certainly could modify an iMac, but not without specialized tool kits and very limited modification options. You definitely can do it with a Mac Pro, but again there are limits to what additional hardware you can add. As for MacBooks, the choices are slimmer, and Airs are right out as everything is soldered to the mainboard. So modifications that are a normal part of the gaming culture just aren’t practical (either physically or financially) on the OS X platform.

There are other reasons, but those are the top two – it costs more to build independent Mac versions of games, and it costs more (and may not be feasible) to mod the hardware to the extremes that hardcore gamers want.

So, what can you do? Well, games do exist for the Mac – quite a lot actually. They’re not the latest and greatest, or they’re not the power-hungry-est games out there, but there are a lot to choose from. Alternately, you can run a Boot Camp partition with Windows and use most of the games on the market for the PC world – albeit at typically lower graphics settings for most of the latest games. Since Boot Camp runs Windows wonderfully, and since modern Mac hardware is pretty high-powered anyway, this may be your best bet.

But, alas, if you’re looking to play hardcore games; the Mac may not be the best platform for you.

Photo Credit: Rob Gallop

So LinkedIn got hacked, now what do you do? 0

LinkedInPen

Into each life, a little hacking must fall – it’s become a universal law of the Internet as of late.

As many now know, LinkedIn seems to have allowed about 6.5 million usernames and passwords slip, and they’re now becoming open information. That’s bad, but not the end of the world, and there are steps you can take to protect yourself.

First, here’s what appears to have happened. Somehow, a database of usernames (which for LinkedIn are email addresses) and passwords got into the wild. This was either an accidental breach or a direct theft, time will tell. While the passwords were obscured by a hashing technique, the tech used was notoriously easy to crack, and the bad guys have already begun doing so. Several hundred thousand have already been cracked, meaning that over time the rest will mostly become public.

It’s possible your username and password were discovered, but frankly I would advise against trying to find out or waiting to know for sure. If you have an account on LinkedIn, here is what you should do right now:

– Don’t panic. This was a great piece of advice for Arthur Dent in The Hitchhiker’s Guide to the Galaxy, and it applies just as well here. Yes, your account information may have been stolen from LinkedIn, but if you act quickly and sanely, you can ensure that the breach does not impact the rest of your online life.

– Change your LinkedIn password. Doing so is fast, easy and will fix the problem even if your password was not among those compromised. Open a web browser and go to the LinkedIn home page and log in. Then, in the upper-right corner of the page, click on your name and then on Settings from the mini-menu that drops down. Halfway down the settings page, look for “Account Settings” and click on it. Then click “Change your password,” put in your old and new passwords and you’re done.

– Change your password on any other site that you have used that same password and your email address to log in with. Since the data thieves can now get access to that username/password combination, they’ll try to use it on a wealth of other sites to see if they can get into your accounts across the web. So if you used that same email/password combo elsewhere, you should consider any site with that info to be compromised and change your info there as well.

Now, what to do about this for the future:

– DO NOT click on any link in any email saying that your LinkedIn account has been compromised and asking you to log in to change your password. The official emails LinkedIn will send out will *not* have links in them, they will ask you to manually go to the LinkedIn site and change your password there. There are already reports of phishing emails that are trying to use the fear of this breach to get non-compromised people to give up their login info, so be extra careful.

– Use unique passwords for sites. This gets difficult fast, so use a password manager like 1Password (or many others) that can auto-generate custom passwords and track them for you. This way, you remember the master password (which never leaves your desktop/laptop/phone) and the system handles filling in the unique passwords on the sites.

– Demand that social networks (and any other sites) use stronger security. These LinkedIn accounts were exposed because the data that was stolen was protected using a very weak form of hashing technology. LinkedIn could have used a stronger method, which wouldn’t have stopped the theft, but would have made it much more difficult for the thieves to use the data for anything.

Granted, a dedicated thief with time, equipment, and knowledge could eventually crack any set of data. However, if the thieves would have had to spend months un-encoding the passwords in order to use them, they may have decided it wasn’t worth the time and effort. It’s not a cure, but it is a preventative measure that could have, and should have, been put in place.

Once more, don’t panic. Take a minute or two today and change your passwords. Make sure you’re not using that same email/password combo elsewhere. Never click in links in email (go to the site manually via your browser instead). This advice works equally well for any website where you have user account info, and can keep you from losing your mind when breaches inevitably happen across the web.

Photo Credit: TheSeafarer