I was quite surprised to see when I reviewed the articles I’d posted over the years that I’d never written one specifically about Open Source software, and “free” software. Of course the topic has cropped-up quite a bit at Cardiff U3A Computer Group meetings, and I have referred to pieces of Open Source and “free” software on “Just thoughts …”, but I’d never put my ideas down about the reliability, philosophy, use and accessibility of Open Source and “free” software in general. Just as I write this – guess what popped-up on my screen …
… Java – an example of a programming language that has morphed into a software development environment whose component parts are all, or can be replaced by, open source modules. Java is an accepted piece of the architecture of a huge number of the systems we use everyday, as is Apache – the web-platform that powers most of the Internet’s servers. I mention these two as examples because it demonstrates how deeply elements of Open Source thinking is embedded into so many of the systems we use every day. Other ones would be Linux, and WordPress – a multi-platform operating system, and web-publishing software which the Cardiff U3A Group has looked at before. So, in a nutshell – open source is respectable!
What makes software open source then? Technopedia defines open source thus …
“Open source is a philosophy that promotes the free access and distribution of an end product, usually software or a program, although it may extend to the implementation and design of other objects. The term open source gained traction with the growth of the Internet because of the need to rework massive amounts of program source code. When source code is opened to the public it allows for the creation of different communication paths and interactive technical communities; it also leads to a diverse array of new models.”
… thus the code is generally very safe, because it can be inspected by anyone, and any changes in the code can be easily traced. The definition goes on to explain the following …
“Open source revolves around the concept of freely sharing technological information so that it may be improved through multiple insights and viewpoints. Since the technology is open source, the amount of work that needs to be done is reduced because multiple contributions are added by many individuals. This concept existed way before the age of computers and even before the industrial age when people shared and improved recipes for food and medicine, for example.
In terms of open source software, the code is often freely downloadable and changeable as long as the user sticks to what is agreed upon in the software license agreement. Open-source software is usually under the General Public License (GNU), but there are other free licenses like the Intel Open Source License, FreeBSD License and the Mozilla Public License.”
That doesn’t make it necessarily FREE, because developers can charge for the software they develop on the base of open source, however generally if it’s made available under one of the above licences it’s often the Support and Implementation that’s chargeable, not the software itself. Look for the licences (as above) to determine whether the software is genuinely Open Source and thus you should expect it to be “respectable” and “safe”.
So any open source software must adhere to the following criteria:
Free redistribution of the software.
The source code should be publicly available.
The software can be modified and distributed in a different format from the original software.
The software should not discriminate against persons or groups.
The software should not restrict the usage of other software.
Then there’s Free Software. As I’ve explained most Open Source is distributed free of charge, and the intention behind it was freedom of code, and freedom from intellectual property rights. The subtle difference with Free Software is that in the latter the emphasis is on freedom for the user to do whatsoever they want to do with the code. It is truly FREE! As a term and as expressed by the Free Software Foundation it predates the Open Source initiative and was the driving force behind the licences mentioned above. Thus free software must adhere to the following four pillars of freedom (which are rights and not obligations):
The freedom to deploy the software for any use case without any restrictions. For example, saying that the license of a program expires after 30 days makes it non-free.
The freedom to study how the software works and modify it according to your needs and preferences.
The freedom to freely re-distribute the software to assist someone in need. The redistribution can be done at a cost or at no cost.
The freedom to enhance the performance of the software and release your enhancements for the community to benefit—both programmers and non-programmers. You can do this at a cost or at no cost.
Now it starts to get a little bit more cloudy. There’s freeware which might also be described as freememium, or shareware. I quote …
“Typically, freeware refers to a software that you can use without incurring any costs. Unlike open source software and free software, freeware offers minimal freedom to the end user.
Whereas it can be used free of charge, often modification, redistribution, or other improvements cannot be done without getting permission from the author.
As such, freeware is often shared without including its source code, which is atypical to open source software or free software.
Two of the most common types of freeware are Skype and Adobe Acrobat Reader. While both programs are free to use, their source codes are unavailable to the public.
Most developers usually market freeware as freemium or shareware with the intention of encouraging users to buy a more capable version.
Freemium refers to a program that is offered at no cost, but money (premium) is paid for extra, more capable features.
Shareware refers to a program that is initially available without any costs attached, and users are encouraged to distribute copies. However, that cost-free period usually lasts for a certain period; thereafter, a user is required to pay for continued use.”
Finally, you may come across the term “donationware”. This is software that is distributed for free, but the author invites the user to make a contribution to the ongoing development costs (or the programmers coffee). It might also be described as “conscienceware”, or even “thankyouware”!!!
So armed with that information, it’s time for me to provide a list of the free software that I treasure the most.
I’ve been using a WordPress Plugin called OS OpenSpace Maps for quite a while that allows the mapping of trails (I use .gpx format to record the trails) onto an OS Map.
This has worked well, but in updating a blog post I came across the information that the Ordnance Survey has produced a new plugin that works with their DataHub Maps service. This is an even better service and if you’re a low-use user, you can upgrade to the Premium level subscription to get 1:25,000 scale maps.
The map can be easily zoomed and can be clicked to take to full screen size.
Here are a couple of links to help you along the way of installing and using the plugin.
Luckily, there’s plenty of advice and guidance available – often slanted particularly towards our demographic (ie oldies) …
Those two sites are particularly easy to follow and understand, but others are equally informative and targeted.
Your bank probably has guidance which it publishes online and which is accessible to everyone, not just their customers …
I’ll return to further information, guidance and references at the end of this post, but first we need to look at a few issues, discuss some terminology that’s widely used and try and tease out what’s really important, and what’s just an inconvenience and then it’s up to you to judge where you find yourself on the scale of …
Security on the other hand is an absolute – you should not be prepared to accept less than your very best efforts . We’ll deal with that in the third part of the post.
How do you relinquish your privacy, and how much of a loss of privacy is acceptable?
Some services could not be offered without income from adverts, or paid-for advertising – eg Facebook, Twitter and Instagram; and some eg Google and Amazon track and provide information to resellers if you don’t block them from doing so. As an example of how much value Google sees in getting knowledge of what you’re doing and where you’re doing it, they paid Apple $8bn recently to remain as the default search engine for any browser that’s running on an Apple device!
Incidentally, if you clicked on that link you might have been asked whether you wanted to accept cookies – what exactly are they, and what do they do. This article from Norton explains what they do quite well …
Essentially, they record what you do on a website so that when you return to it some of the settings are remembered and applied. Cookies do however also have a downside in that some can also act to track your activity once you’ve left the site. For that reason, you should disable in your browser the ability of third-parties to glean information from a cookie, and also to prevent them tracking your activity once you’ve left the site. You can at anytime, clear the cookies from your browser, and indeed on some internet browsers set them up to delete cookies when you leave (close the window) the site. The browser I use – Firefox – alerted me the first time I went to the site to the fact that Norton was using a Fingerprinting cookie itself …
Another thing you should consider is whether you want adverts to be shown, or not. You might get a request to enable adverts when you visit a site, the answer you supply will be held in a cookie in the browser – that’s how cookies work. Firefox, Brave and Microsoft Edge, by default, block most, if not all, adverts. These are often annoying and having a browser that blocks adverts, or if you use Chrome – using an ad-blocker like AdBlock Plus often makes for a more “pleasurable browsing experience” by limiting the intrusion you might feel upon your privacy.
Which brings us to browsers and search engines
Search engines are not created equal! Whilst Google is often thought to be the same as the internet and is often mistaken to be an internet browser itself, it is in fact just one of a range of possible search engines that you can use to look for information on the internet. It uses a platform called Chromium to display the results of its searches to you through a browser called Chrome. However, other browsers – Microsoft’s new Edge, Brave and Opera all use the same underlying Chromium technology – the difference being they don’t track what you’re doing “to present the content that most meets your needs” (Google’s philosophy) and in some cases (eg Brave) they can actually prevent tracking of your browsing history. For the reasons given above, I use either Brave or Firefox as my internet browser and I’m leaning more to the latter nowadays as it seems quicker and more secure as well.
So what safe and private search engine could you use as an alternative to Google. I use DuckDuckGo …
… but others I could have used might have been Bing, Yahoo or another one you might choose from this article or the list of other articles at the end of it …
There are many specialist search engines (as explained in the above article) that can give you much better, and more targeted results than a broad-spectrum Google search.
Finally, no discussion of Privacy can ignore Social Media and Facebook in particular. These applications, if left to their own default settings, are effectively personal information mining engines. They grab what information they can from you, and sell it on to whoever is willing to pay for it; or are indeed the platform for data mining, vis the Cambridge Analytica affair. Online retailers are not exempt from this and Amazon for instance has a wonderful record of your browsing history! Are you sure you know what it’s doing with that information? So look at this table taken from a recent Which? supplement – Staying Secure in a Digital World – and just check whether you need to change your settings if you use any Social Media apps …
So that’s Privacy dealt with.
Should you be frightened?
The take away message I want you to have is Frightened – no; cautious – yes!
Online banking is very secure – a recent survey in Which? produced the following scores …
… plus you are protected and most of the banks are increasingly opting to adopt an online and mobile guarantee to refund you where you’ve been the innocent victim of a fraud. Here for instance is Barclay’s “Online and Mobile Banking Guarantee.”
They really don’t want to shell out money, so they are trying to educate us to be wise to scams. So let’s take a scam test …
Banks are also often supplying software free (or at reduced cost) for you to install to protect your machine, to protect you from fraud – and of course themselves from having to pay out! I was recently offered a piece of software called Malwarebytes by the NatWest and although I have an Apple Mac computer which are well known to be relatively secure from Viruses, Spyware, Trojans and other malware, I installed it. I was pleased to note that I didn’t have any malware on the machine.
Surprisingly you might think … it’s safer to use the mobile app on your phone, or tablet to do online banking and retail purchases than a web browser. This is because the app on the mobile device has to be verified by Google for Android (Google Play Store) or Apple for iOS/iPadOS (Apple Store). Whereas a browser could be infected, or compromised with malware. [That’s something I’ve learnt whilst preparing this post!!!]
When you’re out and about and NEED to do an online transaction from your mobile – use cellular rather than WiFi. The latter can be really open to “sniffers”. [I must admit I try to avoid doing online transactions when away from a domestic network.]
Whilst we’re at it, you might like to think about doing a Detox on your phone, and even consider installing Firefox as the browser of choice rather than Chrome (Android) or Safari (Apple) on your mobile device …
So we come to phishing and pharming, vishing and smishing – I kid you not! We’ll leave aside spear phishing because we’re not important enough for that – it’s used to target “corporations” and individuals within them! [Please excuse me not going into details on any of these. You can follow the links for further information.]
However the most scary scam I’ve been made aware of is one that befell a member of my family when they were distracted sufficiently to become the victim of SIM swapping.
Some of these pieces of advice are really quite straightforward, but some require some intervention by yourselves.
Keep your operating software up to date. This is particularly true if you’re a Windows user, and even more true if you are still running an older version of Windows than Windows 10. If you’re using Windows XP, Windows Vista or even Windows 7 you should seriously consider disconnecting your machine from the internet because even if you’ve got anti-malware software running this is probably not protecting you against the latest threats.
Install anti-malware, or anti-virus software, particularly if you’re a Windows user. Don’t pay more than you need to. Windows Defender from Microsoft is Free and for our demographic relatively undemanding and unsophisticated users, more than sufficient. Keep it up-to-date as well! [As I said previously, your bank might be offering free software as well.]
Keep the software you use regularly up to date as well. Consider removing any software from your machine that you don’t use – this is because software vulnerabilities are discovered sometimes quite a while after the software was first released. It will also save you disc space!
Be cautious over installing extensions into your browser. These are often extremely useful and valuable tools, ie password managers, Dropbox, note taking, Google Back up and Sync, but if you don’t get them from the official sources then you might be importing vulnerabilities, eg spyware and trojans to your system.
Very seriously consider logging-out from social media and other retail sites when you’ve finished using them, especially Facebook, you just don’t know what tracking and logging of what you do, even where you are, if you leave yourself logged in on a mobile device.
Free software is both a boon and a curse. Only download open source software from a reputable site such as Softpedia, and never try and get proprietary software for free. Read this article about Free download sites if you want to know more.
Remember the golden rule 1 – if it seems too good to be true, it probably is, so steer clear!
Remember the golden rule 2 – don’t speak to strangers (an oldie but goldie that one); in other words if you don’t know where an email has come from – ignore it; if the website address looks a little strange – do an internet search on the company or organisation to check if the address you’re looking at is a spoof of the proper one.
Have more than one email address. Use one as your personal address, then use other ones that you can “throw away”when you need to register to a website, but you’re unlikely ever to go back to it again. Or have an email address (UserID) specifically for online purchases. Splitting things like this reduces the risk of you being the victim of fraud.
Seriously consider using an email service that is NOT connected to your Internet Service Provider (ISP). If you decide to change your ISP, and you should review them periodically, then you will have real problems if your email address is linked to their service!
You’ve got Spam filters running? Of course you have – but you better check! Probably your ISP, or email provider (eg Gmail, Yahoo, Microsoft Outlook or Hotmail) is filtering out what it thinks is spam, but occasionally some gets through. If that’s the case then you can always look at the real sender of your message.
You can also apply filters to divert incoming email into different folders in your email system. That reduces the amount of Junk that you need to review. [I’ve also advocated using the “native” email application for your device rather than rely on the web-based service the email provider has. Thus on a Windows device – use Windows Mail (or Outlook); on a Mac use Mail. You can then easily synchronise your email between devices from multiple email accounts. Tidy!]
So we come to Passwords …
… this is the point at which you need to consider intervention and changing your behaviour! You might also need to do a fair bit of work, but it’s worth it if you want to have a secure internet experience.
Let’s just see what using an insecure Password can lay yourself open to. Type in the word Password, or ABC123 from the link above – frightening eh!?
I seriously do recommend signing up for the Which? Scam Alert Service – sign up for an email alert – and I seriously recommend you NOT broadcasting other people’s warnings to you about scams; they could be old, they could be inaccurate, they could be scams in themselves.
Log in to your e-mail account. Log in to your bank account. Log in to Facebook, WhatsApp or twitter. Log in to your Amazon account, or any other retail site. Log in to your photo sharing service. Log in to Thought grazing, or any other membership based organisation eg U3A, Which?
Is it possible to remember the number of applications you use on a regular basis that require a password? How do you keep track of all of all those passwords?
Here are a few tricks you might have tried or considered (with hints about why you may want to steer clear of some of them):
Memorise passwords. This is a great technique if you use your passwords every day, but maybe not for those you only need occasionally. If you don’t use a password regularly, there’s a good chance you could forget it if you rely on your memory alone. In addition, Web browser cookies can remember your login session for days or weeks at a time, meaning you only enter the password manually once in a while even if you use it every day. This could therefore be a weakness and security breach if someone stole your computer. So to login to your computer, or connect to your bank this might be the best approach, but be mindful of the potential security breaches and use for only a limited number of uses. [NB The login credentials to your bank are not saved on your computer, but other sites may well store them in cache or cookies to make it “easier” for you to connect!]
Use the same password everywhere. Memorising a single password for every account does make life simpler. For security reasons, though, this isn’t a great idea, because it makes it easy for a hacker who finds your user name and password for one account to break into your other accounts, too. So what you could do is have a base (root) password that is the same, and then add something you believe you’ll remember to identify the pairing of the password with the site (a variable). Thus making the password unique to that site. So if you wanted to connect to Boots the Chemist you might choose “B00ts&” before your root password. I gave some ideas on choosing a root password in an earlier post.
Write passwords down on paper. This is an ideal solution if you can hide the written information where no one else has access and you can remember where that place is :-). However not only is this a risk if someone finds the list, but a written list or an assortment of scraps of paper could also be lost or damaged, and you’ll need to find and update the list each time you update a password. This is most definitely the most frequently chosen option, and most certainly is the worst option too.
Write passwords into a file on your computer or mobile device. This is less likely to get lost than the paper, but you do risk losing the file if you have hardware failure. In addition, this file is as vulnerable to hackers as other files on your computer. You could encrypt it for an added layer of security, which makes this strategy similar to the next solution. I used this option for a while with the file saved on Dropbox and protected by a Password, so it was safe from loss – but it wasn’t encrypted and most definitely wasn’t very safe – but it was a safer option than the previous method.
Use password management software. Password management software is a utility you can use to save and retrieve all your passwords. This software could be a standalone application on your local computer or a feature within another application (such as your browser) – or both. This option greatly limits hackers’ possible routes to your password data while adding convenient features for organising and retrieving information. This is the strategy that is strongly recommended for everyone and for use on a single computer – it can be FREE.
When I sat down to write this piece, I obviously looked around to see whether there was any information I could reference. After I’d done that, it was clear that there was no point in me re-inventing the wheel. So I point you at this excellent introduction to Password Managers and review of the leading Password Managers out there. Read it before you go any further!.
Password managers – how do they work? Are they safe?
So you’ve read the article mentioned above? Yes – then proceed. Otherwise I really do insist you go back and read it.
So now you know there are browser-based password managers, cloud-based password managers and locally-stored password managers. You do know that, don’t you? If not, go back and read this article again!
Are they safe? – you only have to remember ONE password, the master password, and that unlocks your Password Vault. So compared with unsafe, easy to guess passwords, or scraps of paper – they are very safe; and you can’t lose them, forget them, or mislay them. They’re all in one place!
How do they work? – well, I don’t need to tell you much about this because you’ve already read this, haven’t you? Essentially, you can choose to let the Password Manager generate random passwords for every site you need to provide login credentials for, or you can provide the Password Manager with a password when prompted. I tend to do the latter using the “variable + root” approach I discussed before. It’s not that I don’t trust my Password Manager, it’s just that for many of the sites that I use frequently, it’s quicker and easier for me to supply the password because I can remember it!
Which Password Manager you choose to use is down to your situation – you could read this Review of Password Managers – which picks Dashlane and LastPass as best products. Either of these would be good to implement and use but they have different use cases. I use LastPass and pay a small amount annually so that I can use it on more than one device. I also use it because as it’s cloud-based, I can log into my LastPass account from any machine and access my online services. Dashlane lets you make the choice of local machine or cloud-based password storage – but it is not free, whilst Keepass (which is open source and free) works on a single machine, the passwords are stored on that machine – so that might be the option for you. If you only tend to use a laptop or desktop for browsing websites where you need to provide Login credentials, the free version of LastPass or KeePass is more than adequate.
Note: I do not recommend for the reasons explained in the article, that you use the Password Managers contained in your browser.
How do you use your Password Manager?
This is really beyond the scope of this article but elements of usage are covered in the two articles that have been referenced above. You should refer to the documentation for your chosen Password Manager.
What’s all the fuss about Two-factor Authentication then? Do I really need it if I’m using a Password Manager?
Well yes you do! It’s bandit country out there on the Internet. You’ll know that if you’ve been on Have I been pwned? and seen your email address has been captured by a leak, or a hack. So it’s always possible that someone has got at least part of your login credentials, and from that it might be possible for them to request a new password – blocking you from using a service – or they may have even requested a new userid! So that’s where 2FA comes in.
What is it though?
Essentially once you’ve implemented 2FA you’ll be asked for secondary information about yourself (Face-ID, or Touch-ID if you’re using an iPhone) or confirmation that you are the person you’re purporting to be – by asking you to supply a code that is displayed on a smartphone or other device you own, and which is to hand. Thus having your UserID and Password is not sufficient alone to access your account.
If you’ve used Online Banking recently you’ll have noticed they’ve implemented 2FA widely. In fact I believe they’ve been required to by the Banking Regulator. Thus accessing your bank from your device is intrinsically safer now than it used to be.
I’m not going to say much more about 2FA , I’m going to refer you again to a Guide rather than repeat the information myself – and quite possibly make a mistake in doing that. There are a number of sources of reference out there, from Google, Apple, Microsoft but the one that I’m pointing you at is this one which I think explains things well, and also points at how to implement it for a number of popular and well-used platforms and services.
Making life easier with an Authenticator for 2FA
Wouldn’t it be nice – instead of waiting for the site you are trying to access to send you a code to type into the box they’ve provided – if you could just look at your phone and see a code on it that you could then provide and type in?
And that’s it! Thanks for getting to the bottom of this long article. I promise you, if you follow the advice and guidance included in it, and in the referenced articles, your online life will be much safer, more secure and your stress levels will be reduced!
After Netscape Navigator was eclipsed by Microsoft’s Internet Explorer as the browser of choice for many – mainly because it was hard-wired into Windows initially – the world of internet browsers has seen first the rise of Firefox from the Mozilla Foundation as an alternative open source option and then the succession to Google’s Chrome and it’s huge market presence.
I’ve written about Google’s dominance and the alternatives to Chrome before in “Just Google it …”
Now Microsoft has stirred from its inactivity in the browser market place. It has ditched its proprietary Edge browser and replaced it with … Microsoft Edge. No confusion there then!
It is interesting because it will run on MacOS as well as Windows, something the old Edge didn’t do, and will use the same open source code base – Chromium – as Google’s Chrome and of course Brave (my browser of choice). This allows them to use Extensions written for that code base. I already use many extensions written for Chrome in my Brave browser.
What will this mean for Google especially as Microsoft Edge will effectively have a built-in ad-blocker? Who knows. It’s certain that as more users decide to use the Microsoft version of Chromium, so Google’s business model and revenue stream will come under attack. Will they retaliate in some way? Probably not. Interesting times.
Here’s an article that describes keyboard shortcuts that you can use with Microsoft Edge.
This post was created for the Cardiff U3A Computer Group meeting on the 23rd January 2020, but is possibly of more general interest.
Starting Point – the givens; what we’re trying to achieve
Having a manageable amount of email will make your life easier and better.
Focus on lifestyle habits rather than hard-and-fast rules.
Work out what you don’t want from your email, and then create habits that prevent it from happening.
Work out how you will handle email daily and if you can – weekly, and monthly, and decide whether you need a method to archive or store emails, or the information contained in them.
The importance of context. Use the appropriate tool wherever possible.
You need an immediate answer – use the phone, and leave a voice message if there’s no reply, possibly with a text message – “please get back to me after you’re listened to your voice mail” – as backup.
You need a record of the answer to a question – use email; and seek confirmation by email if the answer comes back a different way.
You need to just keep in touch, or chat – use text (SMS) messaging or WhatsApp (or any other – I don’t want to recommend one – chat platform).
Tools you can use (all the “F’s”)
Forever email – whatever your email address is now, seriously consider getting an email address that will last forever and not be dependent upon your currently favoured Internet Service Provider (ISP). So … Google’s gmail.com mail would be a good choice, as (if you’re wedded to one technology, say Apple) would be the email provided by that supplier, eg icloud.com. Here’s an article that lists the best email accounts currently. Personally, I wouldn’t go beyond the first three, and I would be tempted to say only the first two! So that would give you a choice of Google, Microsoft plus (in my case) Apple. Fake email address – you don’t have to have just one email address. Create a duplicate for using when a retailer asks for your email address. For you alone – don’t share an email address with a partner; have separate ones; you can always setup an email programme to read both email accounts on one device (eg a tablet). Keep your personal email address for yourself, and for life! Feature-rich email program (a rather contrived “f” this one) – use the mailer that your operating system provides for you. On Windows and Apple this would be called Mail. On your phone or tablet it might be called Gmail or Outlook. There are others as well. Forward your email to one place – if you’ve set up a new email address, you can forward mail from your old address to your new one and then apply filters (see below). Filters – these are very useful and relatively easy to set up (or create). They allow rules to be followed and your email to be handled the way you want it to be handled and not just hang around clogging up your Inbox. Flags (or labels) – you can put a marker against individual messages in some email programs. Perhaps a colour code to indicate their urgency or priority. Folders – these are invaluable and when combined with a service such as the three (Google, Microsoft or Apple) I’ve mentioned, can ensure that you have an archive of messages that should last as long as you realistically would ever want them.
Techniques to keep your eMail under control
Aim for Only 20 Items in Your In-box
[Warning … Do as I say, not as I do!!!]. Twenty e-mails means that you can see your whole in-box without scrolling. As soon as you deal with a message, file or delete it. Only messages from the past week that you’ve yet to respond to belong in your in-box. Stick to a Schedule (difficult but invaluable)
[Warning … Discipline needed] Even though I check my mail several times a day just in case something pops up which really needs to be urgently handled, I try to not process them right away. I try to only do that once a day, either at the beginning of the day or in the evenings. So I need to adhere to respecting the difference between checking and processing. So … Delete ruthlessly, when you’re checking Don’t reply immediately unless …
Can you write back in two minutes or less? If so, do it immediately, and delete the incoming email from your Inbox. Your reply together with the original message should be in your Sent mail.
If an e-mail requires more time, perhaps flag it so it can be handled during a scheduled window later that day or the next morning.
Important … if an email looks as though it can’t be answered easily – pick up the phone!
Sounds obvious but … you don’t need to read every single mail that comes in. Pick and select what’s relevant to you.
I subscribe to several newsletters – but I don’t read all the mails that are sent to me. I don’t delete them either, because I know they may have valuable information contained in them. Instead, I sometimes set up filters to automatically archive them to different folders (labels on Gmail), or move them to the appropriate folder manually. I only read them when I want to get more information on the topic.
Remember you can Unsubscribe from an email list – it’s not difficult and can reduce the amount of email you get quite considerably! Turn off notifications that appear on your desktop. You really don’t need that kind of message appearing which drags you to your Inbox!! Close email when you need to concentrate on something else. Close your email application or sign out of webmail when you need to do work that requires real focus for at least 30 minutes. When an email program is open, it’s tempting to check periodically (or obsessively) for new mail. Closing the program entirely (not hiding it) removes the temptation.
Try to remember to remove old email messages from your Trash Can, unless you’ve set it to Auto-Delete after a week, or a month, or whatever. Email programs and setting up accounts. This is much easier now than it used to be and instructions are usually provided for your email provider on their website, eg Google’s Gmail.
More on Folders and Filters, and Flags (Apple)
Folders (or labels, if you use gmail) are there to help you organise your mails.
Firstly, use a relevant naming system to what you’re doing.
Secondly, use hierarchy structure. First level folders are for the big categories, and second level folders are for sub-categories, and so on.
These work best when you’re using an email program such as Mail or Outlook. Filters are tools that help you sort out the mail automatically when it gets into your mail. There are 2 basic things are required for a filter – (1) The term to look out for (2) Action to apply if the term is matched. You can set up filters for different email addresses, subject titles, body text … whatever! Depending on what filter it is, the mail will be automatically sorted into a respective folder / archived, or moved to the Trash can. Flags are ways of colour coding a message to give you an indication of how you might want to handle the message.
I was asked last week about a message that had appeared on a Lightroom 4 users’ screen with this warning …
… scary eh!?
Well yes it is but if you’ve got a relatively new Mac you do have the choice NOW of making sure you have the latest version of software that will support older versions of Lightroom, and do an upgrade to Mojave (v.10.14) BEFORE Catalina (v.10.15) is released later this year – probably in October. That way you’ll be nearly up-to-date with your version of MacOS and that may be sufficient for you if you don’t feel the need to have the latest version of MacOS.
If you have Lightroom 6 installed (or even 3, 4 or 5), you may be getting the message above EVEN THOUGH it is a 64-bit app. This is because the Installer/Uninstaller and Activation code software is 32-bit. That means the software “should” continue to work, but you won’t be able to re-install it to a MacOS of Catalina (v.10.15), or later.
The only other alternative if you want to stick with Adobe Lightroom is to swallow hard and subscribe at £9.98pm to the Photography Plan of Adobe’s Creative Cloud programme. You do get Photoshop as well as what Adobe call Lightroom Classic, plus their in the cloud version of Lightroom which they (confusingly) call Lightroom!
UPDATE: I’ve just read this really useful and interesting article from the magazine MacWorld – I suggest you read it too – and I’ve found out that Microsoft 2011 for Mac and Picasa (amongst others on my iMac) will not work with Catalina. Whilst I’m not particularly concerned about losing either of these as there are alternatives I’m already using – such as (in the case of the former) Google Docs, Open Office, Libre Office or Apple’s Pages, Numbers or Keynote applications – it’s better to be prepared and to have made the decision to move before I have to jump! Also in the case of Picasa, that I haven’t got anything in the database that I haven’t catalogued elsewhere – I think that unlikely, but I ought to check!
I’ve also stumbled upon an entry in “About This Mac > System Report …” which you get to from the Apple Icon in the top-left corner of your desktop. Go to Software and if you’re running Mojave there’s an entry called Legacy Software. Look at that and you’ll be able to see quickly what software is unlikely to work in Catalina. If you’re running an earlier version of MacOS go to Software and click on Applications and look for non 64-bit applications (a column to the right of the window).
This will probably be one of the most challenging posts I’ve ever attempted to write because in all truth, I don’t think we really still know what actually happened to my daughter’s online identity, let alone wholly knowing how it happened, but I’m going to try and explain the sequence of events as an alert to you all, and a reminder to us too!
Some background and a plausible explanation of why they got themselves into the situation they found themselves.
They’d been self-employed for a short while now, working as a freelancer, and had just submitted their first tax returns in that capacity.
They were working from home, with two young children with one under six months old, and both very demanding of their time.
The family is living in another family member’s house whilst they “do up” their new house.
They’re adept at multi-tasking (obviously too adept as it turns out) and is (as many of their age are able to do) capable of nestling their phone between chin and shoulder whilst doing other tasks!
What happened next!
She had a phone call purporting to come from HMRC (we’re presuming this was just a fortuitous coincidence from the fraudster’s point of view – they had no way of knowing the employment status of the family member) – saying that they had a refund owing. As explained above she thought this was quite possibly the case as she had just completed a tax return – again an unhappy coincidence! She was told to click on a link in a text message to complete the process of getting the refund. She had their youngest child on her hip, was preparing a meal and was “distracted”. She filled-in the required information from the link!!!!
Shortly afterwards (the same day) she presented her credit card at a supermarket and payment was refused. She realised something was wrong. She found she didn’t have access to her online banking. She contacted the bank by phone. The bank “supposedly” froze the account there and then but it was apparent that at least two transfers of money had been made to someone who was a Payee in her account – why? That’s the clever bit of the scam, I’ll explain later!
More payments appeared to have been made … help!!!
How could this be? The account was frozen … wasn’t it?
Get the family involved!
Having a son who’s an IT expert comes in useful, especially if he lives on the other side of the world! He worked through the night (day) in securing as many of her accounts as he could. Changing passwords, which were admittedly rather weak and used more than once (should have listened to Dad) – but he had no idea just how much data had been downloaded, or indeed just how much they had to start with as a result of perhaps a previous “pwned” event.
Having another local son who’s also very practical and logical helps also. He suggested that she contact the payee and tell them about the payment and request it be refunded. What transpired next turns out to be the “clever” part of the scam, although on this occasion it wasn’t conducted very expertly because they attempted multiple payments to the same payee. The payee confirmed that they’d had this payment, wondered what it was and had been a bit puzzled as to why Mr X had contacted them and requested a refund to a bank account because “he’d made a mistake”.
This was obviously NOT the same account as that from which the payment had originated and turned out to be the way the scammers were hoping to transfer funds from the hi-jacked bank account to one of their own! Fortunately, my son’s suggestion alerted the payee and the payee advised their bank NOT to transfer the money.
Phew! How did this all happen when the bank account was supposed to be frozen?
The key to this scam was getting control of my daughter’s mobile phone number. She didn’t realise it immediately, but soon became aware that it had been “stolen” through a scam called SIM swapping. This usually is done by a seemingly distressed person going into a mobile phone shop and pleading for a new SIM with a phone number “because their phone has been stolen” and “it’s absolutely imperative they have their number back immediately as there’s something very important happening right now”. This is described here.
Why do they want to do this? Because they can transfer calls made to the rightful owner of the phone to their own phone.
Why do they want to do this? Because they can then request the bank account to be unfrozen, and also use their access to the phone number for any number of authorisation features.
How did they do this in this case? Well GiffGaff is an online service provider and they have stated that they did everything they were supposed to do to authenticate the request for a SIM swap – but it is evident that there are serious weaknesses in their processes. They have stated they are looking at this for the future. Just Google “GiffGaff SIM swap Fraud” to see what is returned – it’s frightening!
So what happened next, and was there a happy ending?
Well, believe it or not, even with a personal visit to the bank and assurances that no more payments would be made, the bank did allow the account to be unfrozen and transfers out of her account were attempted. A second visit to the bank resulted in heartfelt apologies being made and offered over the way their fraud department had handled the problem and a complaint being raised by the branch against their own department on my daughter’s behalf – I don’t know the outcome of that!
Well, there was a happy financial outcome. Thanks to the prompt action and thinking of my local son, the initial transfer was halted. It’s not conclusive whether my daughter could have received compensation (as detailed here) as she was the instigator of the problem through her own mistake (the HMRC phone call). All other attempted transfers were eventually trapped by the bank and refunded to her – so no financial loss.
Much more significant than the potential financial loss was what it did to her confidence. She insisted on getting a new phone, because she wouldn’t accept any advice from any family member (especially me) that there wasn’t anything on her phone that wouldn’t continue to monitor her.
She also lost all confidence in using any online systems – which up until then she’d been very reliant upon.
She also lost a lot of confidence in herself as she realised just how gullible (but extremely unfortunate) she’d been … but the positive side of this, and the main reason for sharing this is that she’ll be much more careful in the future!
We don’t know whether the identity theft side of this will ever be resolved. We all know that a huge amount of information is held on us on the internet. We all know that some websites have had their security breached and identity information stolen. We don’t know what was held by others about my daughter. She had a public profile, they now have the potential to add even more information to their database about her if they had managed to download information from her email (and other) accounts before my son locked them down. We just don’t know.
There was a mysterious book that arrived at her house with a cryptic message in it.
There have been some scamming emails purporting to come from her since this event.
She now uses a different email account.
We just don’t know whether these are connected to the fraud event or are just strange random occurrences … and I suppose we never will know just how much additional information they may have downloaded – emails, photographs, documents, etc. etc. Very frightening.
Thought you might be interested in seeing this. Don’t rely on your GPS signal if you’re within 50 miles of Sennybridge at the beginning of April …
The Ministry of Defence conduct occasional tests on military systems which may result in some loss of service to civilian users of the Global Positioning System (GPS) including in-car navigation devices and networks which rely on GPS signals.
— Read on www.ofcom.org.uk/spectrum/information/gps-jamming-exercises
You’ve got to hand it to Apple. They do look after their customers well – at least this one they do!
You may remember I’d been having trouble with the boot-up of my 2013 iMac – yes, it’s at least 5 years old. It’s a powerful machine which I bought to do photo work and it’s been a delight, but the problems reported here … I’ve now had an introduction to the SBOD
… had come back this month. After a couple of attempts to fix the problem myself, which I had assumed to be software problems, which involved me re-installing the operating system on a completely clean disk (ie I had to re-install all my data and applications from backup which was painless and automatic, but took a bit of time), I contacted their support via online chat, and after Traci had exhausted everything she could remotely, I was referred to the Genius Bar in the local Apple Store for an appointment that same day (actually 18:45 in the evening). A very competent and pleasant hardware technician (David) did “triage” on the machine and announced that the Fusion Drive was in fact faulty – it was a hardware problem.
And … they offered to replace and repair it at no cost to myself as I’d bought it from Apple, not elsewhere. That’s the way to create brand loyalty. Thanks David. Thanks Apple Store, Cardiff.