The Disintegration of Google Photos and the Broken Google Backup and Sync App

We rely on Google for a lot of things every day which we take for granted, from search, to email, YouTube, online document collaboration and sharing, blogs, custom cloud applications, voice services, apps, domain names, photo management, file backup and syncing, and the list goes on. It is regarding those last two that this post will address. I want to be positive and hopeful about the future of Google Photos/Backup and Sync/Google Drive, but after using these services to backup my family photo library for over a decade, I'm recently starting to have real concerns about the reliability of the service.

T-Mobile's Scam Caller Protections

T-Mobile has enabled new scam protection features to help protect its subscribers from scam calls. The Scam ID feature (#664#) notifies you whenever a caller dials you and is suspected to be a scammer.

If you want more aggressive protection, you can enable Scam Block (#662#), which automatically blocks suspected scammers. There is a chance that Scam Block might block legitimate calls, but it might be worth it if you get tons of scam calls. If a number is misidentified, customers can visit https://www.t-mobile.com/callreporting to submit a request to T-Mobile.

To turn Scam Block off, dial #OFB# (#632#). To check whether Scam Block is on or off, customers can dial #STS# (#787#).

People Making Money by Selling Walmart Inventory on Amazon

Most people assume that Amazon typically has the most competitive prices when ordering household products online. We recently ordered two laundry baskets from Amazon. We were perplexed when two boxes arrived at our home from Walmart. The enclosed shipping form showed that the items were ordered by a person with an unrecognizable name, but shipped to our address. We looked up the item on both Walmart.com and Amazon, and discovered that the item was identical (same product number and product image). The price we paid on Amazon was a few bucks more than the price of the item on Walmart.com.

I suspect that this is a new way for people to make a few extra bucks by upselling products from Walmart.com on Amazon. I can't imagine it would be a very profitable business, unless there is a script or bot that automates the whole order process, and with high volumes, they could potentially make a good amount of money. I wonder if this is in line with both Amazon and Walmart's terms of service.

This has probably been happening for a long time, but it was the first time we have noticed it. It makes me think we need to check Walmart.com or other resellers when ordering items from Amazon to make sure we're getting the best price.

Make Sure Google Isn't Indexing Your External Hard Drive

There's a great article on CSO that highlights the danger of misconfigured "personal cloud" services, such as hard drives or routers that enable you to backup your documents, and access them anywhere remotely. Take a look at examples of personal documents that were out there on Google, in the public domain, free for the taking, all because someone inadvertently made their files available remotely without fully understanding the impact.

The article states:

The files were easily located on Google, using standard search operators.

allinurl:ftp:// XXXX filetype:txt | xls | doc | docx | jpg | jpeg | pdf

You can replace XXXX to match any host name you choose, such as:

• comcast.net
• bhn.net
• mchsi.com
• optonline.net
• cox.net
• rr.com
• verizon.net

The bottom line: ensure that you don't inadvertently or knowingly enable public FTP access to your "personal cloud", and never store sensitive account or other information in an unencrypted document or text file.

What happens to your accounts after you die? Designate a "digital heir" for your accounts

What happens to your accounts after you pass away? When I pass away, I will hopefully have sufficient local backups of meaningful content, such as any notes, journal entries, works that I have created, or our treasured family photo library. But, there would still be a good portion of family history and valuable content in my email, and social networking accounts. And, what if something happened to the local backups? It is important to make preparations for family members to gain access to any content that may still be available in your online accounts after you pass away. Here are some options with a few sites where you can designate someone to have access to your data after you pass away:

• Google Inactive Account Manager: Share data with trusted friends or family members after a certain inactivity period, or delete your data altogether.
  
  Google states, "...You can choose to have your data deleted—after three, six, nine or 12 months of inactivity. Or you can select trusted contacts to receive data from some or all of the following services: +1s; Blogger; Contacts and Circles; Drive; Gmail; Google+ Profiles, Pages and Streams; Picasa Web Albums; Google Voice and YouTube. Before our systems take any action, we’ll first warn you by sending a text message to your cellphone and email to the secondary address you’ve provided."
• Facebook Legacy Contact: Facebook allows users to designate a contact that has permission to download a copy of everything you shared on Facebook, write a pinned post, respond to new friend requests, update profile picture and cover photo after your account is memorialized. A friend or family member can submit a request to Facebook to have your account memorialized after you pass away.
• Microsoft Next-of-kin Process: Once a request is received, Microsoft can provide a copy of all of the email, attachments, address book, and contacts list on a DVD.
• Yahoo: As of the publication date of this article, Yahoo does not provide the option to recover the contents of your Yahoo accounts if you pass away. A family member can, however request that the Yahoo account be closed and all subscriptions and billing associated with your account terminated after you die.
• Twitter: Twitter has a process that will allow a family member to request that your account be deactivated after you pass away.

There is still much progress to be made in this area, and I'm sure that "digital estate planning" will continue to evolve over the next few years as more companies provide users with options for controlling the access to your digital accounts after you pass away. In the meantime, don't forget to make local backups.

Gmail Setting to Enhance Privacy and Eliminate Spam from Google+

Google released a new Gmail feature that allows people from Google+ to send you an email. What could possibly be wrong with this? For those who want to opt-out of this feature, simply login to Gmail, click Settings (the gear icon), and find the setting called "Email via Google+," and change it to "No one":

Purchased movies in the cloud pulled due to licensing agreements

When was the last time you purchased a movie? What format was it in? DVD, Blu-ray, iTunes, Vudu, Amazon, Google Play? It is very likely that you used some sort of cloud-based video service such as Amazon's Instant Video service, Vudu, or UltraViolet. These formats are becoming more and more common as our devices are more connected, and the old, physical media model is going away. Having your entire movie collection in an online library, accessible from any connected device sounds awesome, right?

But, what happens when a movie you buy is pulled by the content provider and you are not able to watch it? I know, I know, first world problem. But, that's what's happened to consumers of Amazon's Instant Video service, who purchased Christmas videos. Disney, the owner of the content, has a license restriction with Amazon that allows them to pull the content whenever they want. In this case, Disney wanted certain Christmas videos only available for viewing on their TV channel, and not through any other means. So those Christmas videos customers purchased? Well, they won't be available for viewing again in their video libraries until July 2014. Something to be aware of the next time you purchase a movie.

UPDATE 12/17/13: Amazon said that this was apparently a glitch and has apologized. Although they still retain control to enable/disable purchased items in your online video library.

Obamacare is a Lie

I'm really trying to be positive and look for the good that will come from the Affordable Care Act. Everyone has a story about how they've been devastated by exorbitant medical care costs and increasing health insurance premiums. I think everyone would welcome some change in this area.

President Obama said recently, "The bottom line is we are making the insurance market better for everyone."

I don't know about everybody else's bottom line, but in 2014, I am losing my existing health insurance plan and being forced into a high-deductible plan with higher premiums, and less choices. My employer admits that the changes are being driven by new federal regulations and states that the new plan will give us all "a way to get smarter about using health care and be more thoughtful about managing costs." That's a nice way of saying, "You're going to pay more." So much for keeping that health care plan.

Our family's out-of-pocket health care expenses rose 40% from 2012 to 2013 (as of August 2013), and we still anticipate more health care expenses this year, which will make that percent increase even higher. In 2014, our family deductible (in-network) will increase by 67%, and our family out-of-pocket maximum (in-network) will increase by 80% compared to 2013 amounts.

I know this is a "first world problem," and that I really need to just be grateful for what I have. Maybe I need to shop around and just buy my own health insurance plan rather than take the one offered to me by my employer. If only there were a web site where I could access a central marketplace of offerings. There are a lot of promises being made about how the ACA will make things better for everyone. Let us be wise and consider the impact these changes are really having on us. Trust the math.

The erosion of trust in our society

Bruce Schneier wrote an excellent piece about how the recently revealed, secret government surveillance programs have eroded the trust that is so critical to a healthy, functioning society.

Both government agencies and corporations have cloaked themselves in so much secrecy that it's impossible to verify anything they say; revelation after revelation demonstrates that they've been lying to us regularly and tell the truth only when there's no alternative.

Secret courts making secret rulings on secret laws, and companies flagrantly lying to consumers about the insecurity of their products and services, undermine the very foundations of our society. -Bruce Schneier

Hopefully, trust in our government and corporations can be rebuilt over time. But as long as they keep playing word games and intentionally deceiving the people while secretly redefining the laws of the land, it will only erode further.

Apple's WWDC 2013: What you need to know

Check out AppStorm's awesome summary of the important stuff announced at this year's Apple World Wide Developer's Conference.

Good deal: 16GB USB 2.0 Flash Drive $5.99 Shipped

Best Buy has a 16GB USB 2.0 flash drive for $5.99 with free shipping.

MacBook Pro 13" (latest version) $962.54 on Amazon [u]

Amazon has the latest MacBook Pro 13" with a 2.5GHz Intel Core i5 processor (Ivy Bridge), 4GB RAM, and a 500GB HD for $1,034 $962.54. It's not the MacBook Pro with Retina display, nor the slimmer MacBook Air (neither of which are upgradeable), but I'm seriously considering jumping on this. I think that down the road I would upgrade the RAM to at least 8GB and throw a 256GB SSD SATA 3 drive in it. What do you think, folks?

Here are the specs:

Screen Size	13.3 inches
Max Screen Resolution	1280x800 pixels
Processor	2.5 GHz Intel Core i5
RAM	4 GB DDR3
Hard Drive	500 GB
Graphics Coprocessor	Intel HD Graphics 4000

Update: Best Buy is also offering the same $1,034 deal. While Amazon's price dropped from $1,034 to $962.54.

Update (11/23/12, 4:23 pm): The price on Amazon dipped to $962.54 briefly, then jumped back up to $1,034. Amazon's prices tend to fluctuate. Utilize CamelCamelCamel to set price alerts for a pre-determined price for a product on Amazon.

Sweet deal: OCZ 256GB SSD $130

Here's a sweet deal for an OCZ Agility 4 256GB internal solid state drive (SSD), SATA III, 6 Gbit/sec, 2.5" for $130 after rebate from TigerDirect. Breathe new life into that aging laptop for not very much money!

iPhone 5 screen distortion

I noticed something strange with my iPhone 5. When I apply light pressure to the screen, the image on the bottom left distorts. Anyone else seeing this? Might be time for a trip to the Genius Bar.

Glitchy/Crazy iPhone 5 Keyboard

My friend and his wife have this strange issue with their iPhone 5 (Sprint) keyboard. Whenever it prompts him to enter his password for iTunes or for the App Store, the keyboard looks glitchy and strange as shown in the video here:



My wife and I haven't seen this issue on our iPhone 5's yet. Apparently, this guy had the same problem on his Sprint iPhone 5, and someone at the genius bar told him to reinstall iOS 6, which apparently fixed the problem. I wonder if it's isolated to Sprint.

Look up actual MPG for your car

I ran across a helpful tool that collects actual fuel efficiency ratings for cars in the US at FuelEconomy.gov. The data comes from actual vehicle owners, and is a nice way of seeing how the car's stated fuel efficiency compares to real-world fuel efficiency. (via MakeUseOf)

LastPass Wallet

If you were to lose your wallet, would you know your credit card numbers, and the customer service numbers to call in case you had to cancel your cards? What about other important information in your wallet? LastPass Wallet is a cryptographically secure solution on iPhone, iPod Touch, and iPad for saving and syncing important data should you become separated from your wallet. I've long been a fan of the multi-platform password management tool, LastPass. According to the LastPass,"Wallet stores the data you carry in your physical wallet on your iOS device, so you can securely backup your most valuable personal information to LastPass."


Wallet adds the ability to attach text, pictures, and audio recordings (secure voice recording available within the app--great for creating a quick memo), to your notes. All data will be synced with LastPass in your browser and mobile apps, but attachments are currently only available in Wallet. A quick test drive of the app shows that it is beautifully polished, snappy, and a delight to use.

As with anything LastPass does, security is never an afterthought. "Wallet offers security settings to restrict access to stored data. 'Logout on close' ensures that the active session is killed when the app is closed, while a pin code prompt can be used to re-authenticate when multitasking between Wallet and other apps." An Android version of LastPass Wallet is reportedly in the works as well. (Source: LastPass)

Disinfecting a Windows machine

I recently received a spam email from a family member with an unfamiliar, suspicious link. This prompted me to reach out to try to help clean up their computer. I recommended changing the email password from a clean, uninfected machine, but after a few attempts at that, the spam email continued. My next conclusion was that there must still be some malware on the machine. Following are some steps that I provided which may be useful to others who are trying to disinfect a Windows computer from a virus, rootkit, or other malware:

1. Go to Add/Remove programs and uninstall any "extraneous debris," or any software that you simply don't need. Additional software only increases the attack vector for hackers seeking to leverage known vulnerabilities in software.
2. Download the Windows Defender Offline tool and create a bootable CD or USB drive from a clean, uninfected computer. You will boot to this tool on the infected machine, which will run before Windows ever loads. What happens is that the malware is so sophisticated that it is able to hide itself from the antivirus scanners using what are called rootkits. The Windows Defender Offline tool should overcome that by booting first and rooting out the problem.
3. Consider running an additional offline scan using the Kaspersky Rescue Disk. Remember to create a bootable USB or CD from an uninfected computer. Follow the instructions to run an offline scan (meaning that you boot to the rescue disk before Windows loads).
4. If the above two steps are able to uncover any malware and clean it, then boot the machine as you would normally, and launch the Secunia Personal Software Inspector (online). This requires Java, which I normally recommend uninstalling unless you specifically need it for something, since many of the exploits in recent weeks have leveraged an un-patched flaw in the Java run-time environment. This will scan your computer for any vulnerable or outdated software. Apply the updates as recommended, and ensure that Windows Update is configured to automatically download and install any new updates from Microsoft. You should even launch Windows Update to make sure that there aren't any pending security patches.
5. If steps 2 and 3 fail to find any malware, consider backing up all of your important files to an external USB drive, then reformatting the computer with your system restore disk (Windows install disk). Sometimes, rather than spend hours and days trying to weed out malware, it is better to start with a clean slate. When you re-install Windows, make sure to load Microsoft Security Essentials before doing anything else.
6. Going forward, make sure to not click on any unfamiliar links in email or open any email attachments, unless it is something you are expecting--even then, open with extreme caution. Be careful about what software you install--is it something you really need, or are you just installing it for fun? Make sure to run files you download through VirusTotal, which scans the file using a large database of antivirus programs.

Netflix thinks B-horror movie is "just for kids"

This morning my 2 year old was happily watching Yo Gabba Gabba on Netflix using the "Just for Kids" interface on the Wii. The video stream had been periodically pausing and buffering. I went downstairs to change the laundry over (I was literally away for about 3-4 minutes) and when I came back upstairs, my son had grabbed the Wii Remote, and was clicking around, likely trying to fix the paused video stream (he's a good troubleshooter). Surprisingly, he was no longer watching Yo Gabba Gabba, but instead a 1960's B-Horror movie called Doctor Blood's Coffin was in the process of loading up. Luckily, I got there in time and changed it back. I was surprised that Netflix would even make horror movies available via the "Just for Kids" interface on the Wii. What likely happened is that he somehow got into the non-kid-friendly Netflix interface and just randomly clicked on a title. "I can't leave you kids alone for 3 minutes!"

Malicious poisoned redirects in Google search results

This morning I did a Google search for "free psd web button". I clicked on the third result which links to http://www.sharkwebstyle.com/2011/07/80-prefect-free-photoshop-web-buttons-psd/.

However, upon clicking on this third result, I was automatically taken to Russian site http://uaroyalys.ru/industry/index.php, which is clearly not the correct location, and is apparently an attempt to redirect me to some sort of malicious site (I don't recommend you try to visit this site). Thankfully, I had ScriptNo for Chrome and NoScript for Firefox so, the site didn't do anything, and thankfully it wasn't able to reach its dirty tentacles into my machine (I hope).

I originally discovered the malicious redirect on a Windows machine, and I immediately assumed that the machine must somehow be infected. I switched over to a Mac machine and discovered the same malady, suggesting that the malicious redirect originates on the server side and not on my side.

What's unclear is if this is the fault of the target (SharkWebstyle perhaps infected with a XSS attack), or poisoned Google search results. What's frustrating is that most unsuspecting users are doing these types of web searches all the time and clicking on tons of links. Most are using Internet Explorer or another browser with scripting (JavaScript) fully enabled. Since most infections are launched via some sort of scripting on web sites, it is recommended to use an add-on (such as ScriptNo for Chrome or NoScript for Firefox) that only allows scripting in your web browser for sites that you explicitly allow. It makes me sick to my stomach to think of a friend or family member getting infected with some type of malware served up by Google's own search results. Be safe, folks!

UPDATE (2/15/12): It appears that this was most likely the result of a compromised instance of WordPress (most likely through a maliciously modified .htaccess file). Older versions of WordPress can be susceptible to attacks. If you self-host your WordPress site, you need to make sure you update to the latest version, change passwords for your web host account, FTP, and MySQL database. Check this link if you think you might be compromised. You can also check your site to see if it is infected with any known malicious code at Sucuri SiteCheck.

UPDATE (3/3/12): I received a note from the site administrators at Sharkwebstyle that said, "We encountered a problem with a vulnerability in timthumb script used in our WordPress theme, and that vulnerability can change the .htaccess file content, so that's why there was a redirection to other website." Here are some technical details about the Timthumb Wordpress vulnerability and hack.