°<°

The Testament of the Android

The Testament of the Android Non-profit and free for redistribution Written on November 11 | 2014 Published on October 27th | 2015 For entertainment and research purposes only

================================== DISCLAIMER: The Paranoid's Bible and its writers hold no responsibility for the acts of others. The Paranoid’s Bible is for research and entertainment purposes only. Please visit our blog for more PDFs and information: https://www.paranoidsbible.tumblr.com/ ================================== Contents Preface    4 What is Rooting?    5 Benefits and drawbacks of root    6 Common custom versions of Android    7 Basic apps Google doesn’t want you to know about    9 XPosed Installer    11 XPrivacy    12 Rooting 101    13 Installing your custom ROM    14 Afterword    15 ================================== Preface Hello guys. I was asked by the Paranoid’s Bible team to make a short segment about Android rooting and security to complement the main book as the team is too paranoid to move on from their Nokia 3310. Well, here it is. In this guide, I will talk about some easy methods to root your phone, why you need to do it this very moment without excuse, mention some ROM’s for you to load onto your phone and finally, some apps to protect the little privacy you have left in your life. At least for a week until the NSA decides to reveal that all phones since 2001 has had several hardware-level backdoors installed. ================================== What is Rooting? Rooting is the process of gaining “root”-level access on your Android device. For some reason, Google thought it was a brilliant idea to lock away the Android version of an Administrator account for “your own safety and ease of use”. Basically, your phone is gimped on purchase. While most people won’t even notice it, the admin account is out of your grasp. Imagine if that was true for your PC. Something’s wrong, and it’s easy to fix, but you can’t run CMD.exe as admin to fix the issue with three lines of commands. You want to install this piece of software, but you need admin rights to do it so you can’t use it. That’s the default setting on Android. As you can see, it’s basically a middle finger to consumers and developers alike, and many phone producers (like HTC and Samsung) are aware of the potential drawbacks of this and therefore have made it much easier for the average user to unlock this power of system administration. Also, with root, you can get rid of /ALL/ apps installed on your phone, so if you have a Samsung (or any American carrier phone with bloat installed), you will feel blessed by the seven gods of fate over the ability to remove said cancerous bloat that does nothing but take up space. ================================== Benefits and drawbacks of root As I touched on briefly before, Root has some amazing benefits. I’ll make a short list of it now, followed by a list of cons to make it easy to decide if rooting is for you. Pros: • System-level control • Uninstall carrier apps • Custom OS install • Hardware-level tweaks (CPU speed, battery life, better screen controls, multi-touch boost) • Install ALL apps on your device • Custom functions and button mappings • AdBlock • System images for 100% reliable backup • Super secret privacy stuff on your device • xPosed network Cons: • Risk of soft-bricking your device • You may void your warranty • All updates of your Android version must be done by hand • Minor compatibility issues • You won’t ever be able to live with stock android again ================================== Common custom versions of Android Even if you aren’t into rooting, you should already know about CyanogenMod. It’s probably the most expansive, compatible and well-marketed version of Android out there and it has been customized to run on a frankly insane amount of devices. But for now, let’s do a run-down on the most popular ROM’s and some a little more obscure and device-specific for your pleasure. ==Cyanogenmod - https://www.cyanogenmod.org/ == As mentioned just before, Cyanogenmod is probably the way to go for a beginner root user. It’s so simple that my mom actually uses it and likes it. That should tell you pretty much everything you need to know. If a 51-year-old woman finds joy in using this ROM, even the most tech-ignorant should be able to not mess it up. I would recommend this for every beginner because it’s as close to stock android as you can come, but with a hefty amount of added features like security reinforcement and theme support. The best thing about Cyanogenmod is that it comes with its own easy installer. Just hit up their site and follow their “how to install” guide and you are up and running in less than 15 minutes. ==Carbon - https://carbonrom.org/== Like CyanogenMod, this ROM is remarkably close to stock, but it has some nice goodies out of the bag as well. First off, it has a sleek, beautiful design, powerful optimization and is designed with a great user Experience in mind. The rom also has a nice toolbox for Carbon-exclusive features for you to tinker with. ==SlimRom - https://www.slimroms.net/ == SlimRom is another one of the UX-based roms that look, feel and work wonderfully. This rom is pretty unique and has a nice slew of features that makes the phone adapt to you, from theme inversions, left-handed mode, privacy guards and a lot more listed on their website. Do check this out of you feel like having some bling to your functionality. A fair warning: The ROM isn’t s light-weight as the previous mentions, so keep in mind that it probably won’t run well on a mid-low tier phone. ==AOKP -  https://aokp.co/ == “Infused with Magical Unicorn Power” indeed. They don’t lie with that tag line. This is probably the most impressive ROM out there and needs no introduction to the people in the scene. You simply won’t find any ROM with more functions out of the box. An honestly baffling amount of hardware-level tweaks, software customizations and said Unicorn magic will make you love this ROM. Note that this will work on mid-high level phones and above. The drawback to this one is its honestly overwhelming feature set. So, if you want this to be your daily driver, please take your time to figure out how it works. ==Paranoid Android - https://paranoidandroid.co/ == Paranoid Android… Just the name makes it fit right into here. A bunch of security, a touch of amazing material design and always up-to-date, this is probably the rom for you if you like a great experience without all the hassle of tinkering with it yourself. ==Android Revolution HD - https://android-revolution-hd.blogspot.com/ == This ROM is for select HTC and Samsung devices only. Wait, why do you list it here then, Pleb, I hear the strawman in my head talk. Well, if you have ever used HTC’s version of Android they named “Sense”, you would know. The Sense overlay and features are simply some of the best. I am not even kidding here. I avoided to root my old HTC legend just because I couldn’t get a keyboard that was half as good as the one the phone came with. And all of the nice features. And the amazing UI…. Anyone that has ever used Sense wouldn’t be able to go back. And now, some wizard made a custom rom based on Android 4.4.2 and Sense 6 for you to install on your phone. So people with and HTC One M7 can still benefit from the new version of Sense that HTC doesn’t officially support for the device. Simply Magical. Please note: There are a lot of custom ROM’s out there I didn’t mention here. Just do a quick Google search if you feel like the short list I provided wasn’t enough for you. ================================== Basic apps Google doesn’t want you to know about Okay. This is where the magic happens. Did you know that Google doesn’t allow a lot of really, really useful stuff onto its main marketplace, the Google Play Store? No? Well, sit down and listen, because you are going to have your mind blown. Here’s a list of my most commonly used grey market apps for you to install: AdAway As the name suggests, this App is an ad blocker. But not just for your browser, but your entire fucking phone. Ever get tired of ads in your free games? Let’s take Cut the Rope as an example. One minute of game, three minutes of adverts. Well, that’s all in the past now, as AdAway blocks most ad networks via the hosts file on your device (See, I told you that rooting is useful). AdBlock Edge Well, let’s be honest. AdAway doesn’t catch everything, and neither does AdBlock. But together, the two cover for each other, and since I have had both of these puppies installed on my phone, I haven’t seen a single ad anywhere. Not in the browser, not in my notification feed, not anywhere. Just do yourself a favor and do this. As an added benefit, you’ll save bandwidth on your phone. Any Play Store replacement Yeah. For one reason or another, Google isn’t keen on letting you know that there are other ways for you to install apps on your device if you don’t like the hive-mind all that much. And the best thing? It’s pretty easy too! Here’s a short list of app stores you should take a gander at as an alternative: F-Droid: A basic, but developer-driven play store alternative that has some experimental apps that for one reason or another didn’t get onto Google Play. Do check it out. Amazon App Store: Yep, Amazon has its own app store, complete with both paid and free apps and games. SlideMe: A nice, community driven app store based on exploration AppsLib: A play store alternative mostly based for Tablet apps that couldn’t pass Google certification. Hidden gems galore. BlackMart: YO HO HIBBITY HE BEING A PIRATE IS ALL THERE TO BE DO WHAT YOU WANT CUZ A PIRATE IS FREE YOU ARE A PIRATE!! This one offers you paid apps for free. Yep. No strings attached. Personally, I would prefer you guys to pay for your apps as the $1 they cost isn’t really a major setback. But if you want to run a 100% info-free device, you have no other option. MarketEnabler: Not as much a replacement as it is a way to get out of region-locked downloads. BootManager This app is another one that requires Root to run. What does it do? It completely kills the auto-start triggers some apps have. You know how Skype is impossible to actually close because it always re-opens on pretty much every occasion it can? Well, nevermore to that. AppOps starter AppOps is a developer tool in Android that Google leaked by accident and has covered up since the leak. What does it do? It pretty much disables individual permissions every app you have installed has, iOS style. Because they “patched it out”, you need this to actually open the menu. But now, Angry Birds will never have to know where you sit on the toilet playing it, I guess. GravityBox Remember the hardware-level tweaks and OS tweaks I talked about on the custom ROM section? With this app, you can get that on stock, or hell, any ROM there is. No-frills CPU control Well, it’s exactly as it says on the tin. Control your CPU speed without any hassle. Titanium Backup Best backup tool there is. Just do yourself a favor and get this. UnbelovedHosts Removes ads, access to malware domains and other host-file tweaks you will love. Of course, there are many more, but I want to keep this short and sweet for the newbs. Remember, search engines are your friends if you want to have more stuff. ================================== XPosed Installer Oh boy. This one is pretty grand. It’s the single-most amazing benefit of root. The story behind this is that a guy wizard on the XDA forums found a way to make ROM-level changes on your phone without having to boot into recovery and manually patch your ROM. Yeah. Because of this, xPosed installer is the single-most useful tool for device customization and hardware-level tweaks. It’s basically a toolset for toolsets. Basically, this is a framework to install tweaks on your phone. Just as easy to use as any app store, but with 100% useful things. XPosed installer is also needed to install XPrivacy (duh), so you better just grab this from the get-go. All you do to install a module is pick it, download it and reboot your phone. Bam. If tweaking an OS could get any easier than this we would all be exalted into godhood. ================================== XPrivacy Well. In the chapters passed, we have touched briefly upon security. Now comes the mother of all privacy apps on the system. XPrivacy is a toolbox, not unlike the ones you can find on XPosed, but this one focuses on, well, you guessed it: Privacy! Okay, right away, I want you to just go buy the pro version. The guy who made this has sunk half his personal time into making this, and the paid version basically runs itself, so just do it. It’s worth the money you cheap bastard. Well, what can you do with this awesome piece of software? Restrict App permissions, restrict hidden permissions, show how much data each application uses, sends and downloads behind your back, makes a debug log for you, forces secure connections when it can, flushes your cache for identifying data, FRAKKING FAKES YOUR DEVIDE ID, NUMBER, SERIAL, HARDWARE, SCREEN RESOLUTION, GPS COORDINATES, MAC ADDRESS, IMEI NUMBER, ANDROID ID, GSF ID, ADVERTISING ID, COUNTRY, OPERATOR, GSM CELL ID, SSID AND USER AGENT. AND IT RANDOMIZES IT ON REBOOT TOO! THIS PIECE OF SOFTWARE BASICALLY SINGLE-HANDEDLY CLOAKS YOU AND YOUR PRIVACY IN A NUKEABLE WAY Another added benefit of having the paid version is the community filters. We are all too lazy to manually poke around with permissions on the 100+ apps that are on our phones, so with a simple click of a button, you can cut the balls off of all of your apps at once. No hassle, no sweat, no nothing. Just get this. You have no excuse not to. The software basically runs itself after you set it up (pretty simple to do, too). ================================== Rooting 101 Okay, now, after you have digested all of the nice options that are open to you, you want to root your phone. “But Pleb!! How do I do that??” You ask? Well, it’s actually pretty simple nowadays. Back when I rooted my first device (A HTC Legend, notorious for its Fascist-tier boot loading protection), I had to work around with custom SD cards, command line hacks and shady software. But nowadays, you can pretty much hook your phone to your computer, press a couple of buttons and bam. Done. Here are some ways to easily root your phone: CyanogenMod Installer: https://www.cyanogenmod.org This one is probably the simplest. Go to CyanogenMods homepage, download the tool and follow instructions. Within ten minutes, you should have a nicely rooted phone. Since this is literally the easiest thing in the world to do, I won’t describe how it’s done. It’s literally a 1-2-3-4-done thing. Kingo Root: https://www.kingoapp.com/ This is the second easiest option you have. It’s another plug-and-play with simple directions that are impossible to mess up. Just follow the steps and you are done. This doesn’t have a 100% success rate, but if it fails, nothing happens. So you won’t mess up your phone this way. If you have a HTC or a Samsung phone, this is the tool to use as it also bypasses the protection these phones might have installed. FramaRoot: https://forum.xda-developers.com/apps/framaroot/root-framaroot-one-click-apk-to-root-t2130276 Okay. I lied. This is probably the easiest way to root since it doesn’t even need a computer to do so. Just download the .APK, run it and bam. Rooted. This app runs a couple of exploits to force Super User and Root access on your device, and because of that, it can pretty much tell you if you are wasting your time right away. Just look up the thread on the XDA forum I linked to read about how to use this app. Finally, if you are unsure about how this works in practice, you can just search “Android Root tutorial” on YouTube and see it in action. It’s literally never been easier to root your phone than it is nowadays. As an extra bonus, you can look up showcases of Android roms on there too, in case you want to see them in action before committing. Speaking about…. ================================== Installing your custom ROM This is a little fiddlier than just rooting your current ROM, but it’s still a fairly easy thing to do. Here’s a short tutorial on how to do it in end-2014. This might be updated once a better way is developed, but you can just Google it if you feel like not bothering me. WHAT YOU NEED: • A rooted phone • A computer • A Mini-USB cable • Internet connection After you have downloaded your ROM of choice, you need to also download the Google APK files in case you want to have Google maps, play store and all the other things. Different tiers of the APK files can be found here: https://www.sharedapk.com/google-play-services-3-0-25/ Turn your phone off and boot it into recovery mode. This differs from device to device, so a quick search for “recovery mode [device name]” should do. Now, open this link: https://www.youtube.com/watch?v=fHULkfePcTg  and follow the instructions to install TWRP Recovery and follow the steps to install the custom ROM. The good thing about TWRP is that it has a touch screen interface that makes recovery much easier than with stock. Bam! Now you are done. Easy, wasn’t it? ================================== Afterword So, this 101 EZ-guide is now over. Personally, I find it important to share this, even if it’s just adding to the redundancy of the resources online. Well, I hope that you have found this a little helpful, and if you want me to edit something in here, add more stuff or maybe fix a mistake, please send message to paranoidsbible.tumblr.com Anyhow, have a good one and enjoy your freshly-rooted phone!

Lessons from losing a week of photos to memory card failure

Summary: One of the photographer’s greatest fears is to lose a significant chunk of images from a big trip or event. In this long-form article, find out how a memory card failure caused a week of photographs to disappear, what I did to try to recover them via software, then physical data services, and the valuable lessons, counter to common knowledge, to be learned about memory cards, dual card slots, and backups to prevent such a nightmare scenario from happening to you.

Landscape expeditions can be taxing in the long days of summer, even more so if you are also doing night photography. After flying to Seattle, I arrived at the coast of Olympic National Park around 11 PM – many view Treasured Lands as a culmination of my work in the national parks, but I am far from being done with them! Seeking stars, I woke up before 2 AM for the short window between moonset and astronomical twilight. However, the marine layer had rolled in while I was hiking to the beach, and I shivered until past sunrise time without even seeing a sliver of sky. The next day, since I had to drive from Heart of the Hills Campground and hike 45 minutes to Hurricane Hill, I rose before 1 AM.

On the last day, temperatures in the inland plains of Hanford Reach rose above 100F. When I came home from the week-long trip, I went straight to bed. The next morning, I reached for my cameras, took the memory card out, and inserted into the card reader. This resulted in the dreaded:

Attempting to read the card with software

I reacted with mere annoyance at the computer, and tried to read the card from the built-in memory card slot of a laptop. The same message appeared. Growing worried, I inserted the card into a standalone backup device, and it said “Memory card not found”. Surely I would be able to see the files in the camera, since the last time it had been turned on, less than a day before, everything was normal and I was able to scroll through some images? Nope, like the computer, the camera said “Unable to use memory card. Format?”

The PhotoRescue software installed on my computer had been successful at rescuing files from a corrupted card in the past, however, it did not uncover a single file this time. Hoping for better luck with Lexar’s own Image Rescue software that came with the card, without the activation code handy, I contacted Lexar’s customer support. They were quick in providing me a download, but it did not help:

Note that the computer sees 8.2 GB, but it was a 64 GB card. Lexar support suggested several other apps, including Ontrack® EasyRecovery which has a “technician” version with a $500/year licensing cost. As those apps include a trial mode that allow you to attempt to discover files, and require you to pay the fee only to actually recover them, I took each of them for a spin without success. There are a lot of recovery programs around, but if the error is hardware rather than software, you can try all the programs in the world, and they won’t do you any good.

Dealing with physical data recoveries services

It was time to contact a physical data recovery company. All those companies have a similar mode of operation. You send them your media with pre-paid overnight shipping at their cost, they diagnose it and provide an estimate. If you approve the estimate, they attempt to recover files and charge you if the recovery is successful. Seems fair, right? The problem was that the quote from the Lexar-recommended company was quite a bit higher than I expected:

After a bit of shopping, I found another company which provided me a lower quote. I sent them the card via Fedex overnight and got the following diagnosis:

Despite numerous attempts to identify the source of the problem, we were unsuccessful in reaching a solution. At this stage it is clear that this is an extremely complex case that will require extensive research, time & use of in-house donor parts. Your media will be passed to our Research and Development department; They will be able to research & execute techniques such as safe removal, reballing and replacement of the core processor and other components containing device specific information and repairs to fractures in the tracks of the logic board.

The work we would attempt is a highly skilled process that is not infallible. The chance of a successful recovery once these processes are completed is approximately 74%. At this point most Data Recovery services would send the media back to you as they don’t have the ability to do such complex work, let alone any sort of R&D department. Our R&D department is one of the best in the world, and they are responsible for creating new techniques and ways of recovering data that allow us to sustain an overall 92% recovery rate. Currently, we have two options for you:

Option 1. You allow our R&D department to use the lab time, parts & cleanroom facilities needed to gain access to your data. This is a standard process that will be completed within 15-20 business days. To go ahead with Option 1 an upfront payment of $800.00 is required, and this covers everything the R&D department will need to provide you with feedback: all lab time, parts required from our library, and cleanroom usage. If we are unable to gain access to any of your data that initial fee is not refundable.

Option 2. We return your media to you via either our courier or standard option, and you incur no recovery costs as we were unable to recover your data.

Although the fee wasn’t too bad, I wasn’t going to pay upfront without a recovery guarantee, especially after my friend Tommy, a technology entrepreneur and all-around geek opined “These are extremely difficult and risky techniques. I’m skeptical that they have such capability and even if they do, I doubt that the success rate is 74%. I guess more like 25% or less”. I declined, received my media back a few weeks later via regular mail, and sent it to yet another data recovery company:

Would you have proceeded with the recovery at this price?

Although you don’t often read that in reviews, my main complaint with the Sony A7R2 cameras is sensor dust resulting from the mirrorless design and an ineffective sensor dust cleaning system – it mechanically shakes the sensor using the image stabilization actuators. To cope, I work with two camera bodies in order to minimize lens changes. The excellent 24-105 FE (review) stays on the primary camera which is used for most of the photographs, while I reach for the secondary camera when I need more specialized lenses. On that trip, I had failed to do drive backups and the damaged memory card was in the primary camera, which meant that it contained the majority of a week’s worth of work, and probably the best photographs. However, I retained usable images from the second camera, a few of which illustrate this post.

I decided against proceeding with the attempted recovery, saving me the potential disappointment of failure or costs. It is not that the pictures aren’t worth the amount asked. Rather, including all expenses, the trip cost me only a fraction of that amount. This math didn’t account for my time, but no matter how tiring the effort felt, that time was spent on a process that I largely enjoy. Losing the pictures did not rob me of the experiences I had nor of the scouting I did, and rather than looking back by investing in the recovery, I chose to look forward by saving the money for a repeat trip – and a new camera.

The larger conclusion here is that attempts to read a card with recovery software may not always work, physical recovery services are expensive, and also not guaranteed to work. Even after three decades in photography, the incident reinforced several lessons for me.

Memory cards can fail

The disaster drew home the point that memory cards do fail catastrophically. Both data companies found serious physical damage, but that was a card that had been moderately used for a year without any single glitch, so neither “dead on arrival” nor past any reasonable life expectancy – which by the way nowadays is longer than technological obsolescence. It had never been subjected to any form of abuse before as it spent most of its life in a single camera, was formatted after each download, and prior to failure went straight from the camera to a card reader. There were certainly no warnings nor reasonable explanations.

I have been using digital cameras since the first days of full-frame in the early 2000s (remember the $8,000 Canon 1Ds series?) without any card failure, while during that time, I have had to replace a half-dozen failed hard drives. This made me overconfident in flash technology.

If you browse the internet, you will see that I was far from being alone. Quite a few other professional photographers (some with scores of workshop clients) state that they have never experienced any card failure and that when it happened, they were always able to rescue images with recovery software. Clearly, my experience has been different. The fact that you’ve been lucky doesn’t mean that your luck won’t run out at some point, as it did for me – and others. As we will see next, a quick perusal of customer reviews shows that memory card failure is not that rare.

Cards are not equally reliable

The card that failed is a Lexar Professional 1000x 64GB SDXC UHS-II/U3, which is amongst Lexar’s top line of cards, and deemed “professional” by the manufacturer. I used to believe that any memory card from a reputable brand would be reliable. If in addition, you bought it from a reputable vendor, chances that you’d get a counterfeit of questionable reliability would also be low. The preferred vendors are specialist stores such as B&H, but Amazon is fine, as long as you don’t buy from their third-party merchants. Sandisk and Lexar are two of the most well-known brands, and I’ve used exclusively their cards, depending on the best deal I could find at the moment.

Because of that belief, I didn’t pay much attention to customer reviews, adopting the attitude that nothing is 100% foolproof and unlucky folks can have a bad experience with any product. Besides, a quick glance at the ratings show that almost all cards are rated between 4-stars and 4.5-stars, so they must be good products, right?

It would have done me more good to read the Amazon customer reviews before buying the card, but after the card failure, I looked them up. One of the first 1-star reviews I read described the exact same experience I had:

I literally had just reviewed the pics on my Nikon D610 camera and inserted the card into my card reader and got a message that it was not formatted (which it was – I format every card when it’s new). I put the card back into my camera – and same Format error.

I literally had just reviewed the pics on my Nikon D610 camera and inserted the card into my card reader and got a message that it was not formatted (which it was – I format every card when it’s new). I put the card back into my camera – and same Format error.

Although I didn’t read all the 300 1-star reviews, the ones that I sampled overwhelmingly bemoaned card failure. Since this was becoming quite relevant, I looked at the 1-star review tally: 15%. That’s almost 1 out of 6 reviews, odds similar to the Russian Roulette. If someone killed themselves playing the game, I don’t think you’d attribute his death to “just bad luck”. Of course, this is not a scientific observation because several factors affect review-writing, but you get the idea. On the other hand, it is instructive to compare the percentage of 1-star reviews for a few other UHS-II cards:

If we assume that 1-star reviews are exactly the type you’d leave if the card totally failed, from that small sample, we can see that some cards are four times more likely to fail than others. This data also sugggests that there is a problem with those UHS-II Lexar cards. On the other hand, the Lexar UHS-I card that I have used for several years gets a convincingly low 3% of 1-star reviews. The lesson here is that not all cards are equal, even amongst those from a top brand. And if they can have such a high failure rate, think about cards from less reputable or conterfeit brands! By the way, looking at those numbers also indicate that failure rate with SD cards is far higher than CF cards.

Pay attention to negative customer reviews

Some negative customer reviews are frivolous because they are rooted in user error, or because they concern themselves with delivery rather than the product’s quality or performance. However, negative reviews are generally more significant than positive reviews.

If you think that one shouldn’t focus on the negative while the vast majority of reviews are positive, consider that on Amazon, the average rating for a product is 4.4 (out of 5) as found here by analyzing 7 million reviews. Even a product with an average 4.0 rating (4-star) is below average. The large majority of products are rated above 4.0, so the difference between a great product and a subpar product is less than 1 (star) on average. On the other hand, we’ve just seen that the number of 1-star reviews for different cards varies by a factor of four.

Consider dual card slot for backup

If your camera has dual memory slots, the most obvious and foolproof way to prevent data loss from memory card failure is to set the camera to write to two cards simultaneously so that it creates a back up in real time. Now that memory card have become very affordable, you can buy two sets of cards with enough capacity to last you for your whole trip so you don’t have to reuse any card, and you always keep two datasets.

Dual memory card slots are standard in high-end DSLRs cameras, and after omitting them in their first two generations of mirrorless cameras, Sony has started providing them in the A9 and A7 mk3 series (a good example of listening to customers, since there were complaints about the single-slots in previous cameras, many of them from Canon and Nikon users), with the caveat that the second slot is UHS-I, so using simultaneous writing will negate the benefits of the faster UHS-II main slot. I was thinking of skipping the A7R3 generation and wait for the inevitable A7R4, but the incident prompted me to upgrade.

Recently announced full-frame mirrorless cameras from Canon and Nikon have been greeted with an inordinate number of Internet comments about their single memory card slot. We saw many claims that no professional would use cameras with a single memory slot.

But the fact is that some professional photographers refuse to use the second slot for back up even when their camera has one, and for specific reasons. To start with, when I was shooting the Canon 1Ds series, I did not set up the cameras to simultaneous write, possibly because the size of the memory cards available back then made it mandatory to perform daily backups. More recently, Lloyd Chambers uses his dual-slot Nikon as single slot SD cameras because he is annoyed by the camera defaulting to the wrong card – this reminds me of Ted Orland’s aphorism “Owning more than one lens assures that you will always have the wrong lens on the camera for any given picture” – while Thom Hogan uses his dual slot Nikon as a single slot XQD camera because the SD slot slows down the camera. Colby Brown thinks that “there is no point in making two copies of your SD cards” and accordinglysets his Sony A7R3 to auto switch as he estimates he has a higher chance of missing a shot because of a full card than a SD card failure – what I used to do with the 1Ds.

I wonder if those statements about the rarity of card failures do a disservice to less experienced folks, because what isn’t clearly disclosed is that, although those photographers apparently don’t fear card failure, they also have extensive backup strategies using hard drives.

Have a solid backup strategy

If there is one thing that I wish others learn from my misfortune, it is that a solid backup plan is necessary. You want multiple copies of your data in multiple places. There are quite a few ways to go about it.

Several brands now offer ruggedized portable drives. SSDs, which have fallen in price, are much less prone to damage than HDDs. Using drives for backups, you can do a daily (or even more frequent) backup, and have more than two copies of your data.

On the other hand, compared to the in-camera dual slots backups, drive backups are not in real-time, so you could possibly lose a day of data. More importantly, you need to remember and take the time to perform the backups – when maybe you’d just rather go to sleep. During that ill-fated trip, I carried a portable drive, yet due to a combination of fatigue, loaded schedule and complacency, I did not use it. Another reason was that my portable drive had experienced a glitch during the previous trip, forcing me to skip backups, which in turn broke my habit of making them regularly. This brings up the point that with drive-based backups, you have to carry more gear, which could also fail. Even if you carry several USB external drives, you still depend on your laptop for your ability to make drive backups.

With in-camera dual-slot backups, given the availability of huge capacity cards, you could shoot most trips on a single pair of cards, but if something catastrophic happened to your camera, you’d lose everything. Alternatively, you could use smaller cards, and once a pair of card is filled-up (or another threshold in capacity or time is reached), each of them can be stored at an independent location to minimize the risk of loss due to theft. While the second approach increases the chances of a problem because you have more cards to manage, it minimizes the adverse effects of problems.

For now, I have settled on an approach which I think provides me the most redundancy with the least effort: use the second slot of the A7R3 for real-time backup with a medium-sized card, plus do a daily backup on a single self-contained portable hard drive. My choice is the e HyperDrive ColorSpace UDMA3 that I fit with a SSD drive. I generally prefer such a device to a laptop because they are considerably smaller and much faster to deploy for backup.

Eventually, my data loss was caused by my own neglect. I let my guard down and did only a few trips without backing up, and see what happened. This is just my experience and one data point, but I hope it’s been useful to you to read about it. What is your backup strategy? Did you experience a catastrophic memory card failure that you’d like to share?

About the Author

QT Luong is known for being the first to photograph all America’s 60 National Parks — in large format. Ken Burns and Dayton Duncan featured him in The National Parks: America’s Best Idea. His photographs are extensively published and have been the subject of large-format books including Treasured Lands (winner of 6 national book awards), many newspaper and magazine feature articles, solo gallery and museum exhibits across the U.S.

You can see more of QT Luong’s work on his website, Facebook page, Instagram; and follow him on Twitter. Also, check out his book Treasured Lands: A Photographic Odyssey through America’s National Parks. This article was also published here and shred with permission.

Source: https://bloghyped.com/lessons-from-losing-a-week-of-photos-to-memory-card-failure/

Top 3 (Unconventional) Ways to Boost Engagement

New Post has been published on https://popularchips.com/dailies/top-3-unconventional-ways-to-boost-engagement/

Top 3 (Unconventional) Ways to Boost Engagement

If you have a public Instagram account that you wish to promote, getting onto Instagram’s Explore page is one of the many ways to increase your engagement and your follower count. While Instagram’s full algorithm is certainly more complex, your posts’ levels of engagement play a part in whether you are featured.

What is Engagement?

Engagement refers to the number of likes, views (only applicable to videos) and comments received on each post. In influencer marketing, engagement is an important metric in deciding how popular an account is and therefore correlates strongly with how much an influencer is paid. While follower count is also important, since it means that the influencer’s post is likely to reach a larger audience, a higher engagement suggests that the posts made by a particular influencer are more relevant to their audience. Marketing attempts are hence more likely to have a positive impact on their target audience.

Top 3 Unconventional Ways to Boost Engagement

This generation’s digital natives have definitely mastered the various methods of increasing engagement on their public instagram accounts. Here are the 5 of the methods they frequently employ.

I. Making Interaction a Challenge

Typically, users “like” a post if they enjoy the content and comment if there is something interesting about the photograph or video. However, this would not leave individuals with many likes or comments, and certainly not enough for them to appear on Instagram’s Explore page. In order to increase the number of likes, views and comments on a post, some users have taken to making interaction a challenge.

Transform “Liking” into a Game One of these methods involves getting Instagrammers to double-tap on a post with a part of their body that is not their fingers. On the one hand, users get the pleasure of attempting a challenge, since double-tapping on a small screen with any part of one’s body other than one’s fingers is actually quite a difficult task. On the other hand, once the action is complete, users have “liked” the post, and therefore increased engagement levels on said post.

BET You Can’t Double Tap with your Tongue! #instagram #Game

A post shared by DjProstyle Prostyle Power1051 (@prostyle) on Mar 7, 2012 at 1:06pm PST

Billed as a #game, user @prostyle encourages users to double-tap on the photograph with their tongue.

Double Tap in 0.6 Seconds! ❤️ – Follow @humorshub for more❗️

A post shared by Memes 🎃 (@humorshub) on Oct 29, 2017 at 5:48pm PDT

@humorshub asking Instagrammers to double-tap in 0.6 seconds.

Liking a post, which is meant to signify interest in the content of the post, has now been made into a game. The game itself is meaningless insofar as the rules of the game are not and cannot be policed–there is no way for anyone to know if the user has actually succeeded in liking the post with their tongue, or whether they managed to double-tap in 0.6 seconds–but users participate anyway, in part because of the challenge the game presents.

Comment (insert word) letter by letter without being interrupted

I WILL BET ALL OF YOU 5$ THAT YOU CANT COMPLETE THIS!😳 1: Open your eyes (don’t blink) – 2:👇Follow👇 @goodsonscene quickly – 3: Comment “done” letter by letter – 4: Blink 3 Times 97% CANT DO THIS!😱

A post shared by Try to follow with your nose👆🏼 (@memefinest) on Oct 29, 2017 at 4:58pm PDT

In this post, user @memefinest asks Instagrammers to comment with the word “done” letter by letter. Unlike the double-tapping challenges mentioned above, this challenge can actually be policed–there is the chance that an Instagrammer attempting this could be interrupted at any point of time by another Instagrammer, thus causing the individual to fail in their attempt. Naturally, the longer the word, the more difficult the challenge is. Other variations also include asking users to comment with their top 5 most frequently used emojis without being interrupted.

In this case, the Instagrammer who owns the account gets a four-fold increase in the number of comments. The longer the word, the more the number of comments in the post. While this may seem like an obvious ploy to gain comments quickly, a quick look at the comments section of this post suggests that at least some of the users who have seen the post do indeed try to do as suggested.

In addition, @memefinest uses a meme that transforms the post into a challenge in more than one way, by inspiring those who see the post to complete not just one but a few tasks within a limited period of time. Furthermore, this challenge is preceded by a bet (“BET… $5 THAT YOU CANT COMPLETE THIS”) and concludes with the user providing a statistic (“97% CANT DO THIS”), thus encouraging other Instagrammers to prove them wrong.

II. Offering (Unredeemable) Rewards or Punishments

Similar to the concept of chain mails of the 1990s and early 2000s, some Instagram users gain “likes” by offering intangibles such as “luck”, “love” and “wealth” to those who double-tap their posts. This plays on users’ desires to obtain favors, particularly individuals who have something they deem important going on in their lives and hope to gain that extra boost.

👑😍 #doubletap #dt @verzuhdoesgfx

A post shared by #stayActive (@localrobbie) on Oct 29, 2017 at 7:54pm PDT

On the flip side, others claim that users will be visited by demons or other supernatural entities if they do not like, comment or follow the poster within a certain amount of time. While this is unlikely to work for adults aside from those who are particularly superstitious, it is likely to have an effect on teenagers, who would rather play it safe than sorry.

Last image in a slideshow series on @hoodcumedy’s Instagram account

In the same way that forwarding (or not forwarding) a chain mail is unlikely to have any real effects on one’s life, following (or not following) the instructions on these posts is unlikely to affect users in any tangible manner. Yet, what such posts do is to play on users’ fears and desires in order to get them to interact with a post, and these strategies are successful in the same way that chain mails of the past were.

III. Separate Instructions Using Slideshow Format

Instagram introduced its slideshow format in February 2017 and what better way to use them than to provide different instructions for users on each of the slideshow images. All of the methods mentioned above can be combined under one slideshow, so that a user who is not motivated to double-tap on an image with their elbow can double-tap it within 3 seconds for their crush to notice them or follow the user for good luck.

🍆🍆😂😂Classic Ted Cruz 😂😂🍆🍆 👑 Follow me @quality_memes4u👑 —————-_————— My backup: @quality_memes4schmuel And my partners:. @plainbanter @goatmemes215 @rememeberd @the_memes_are_spicyy ———————————————– My official profile picture maker- @ozzmill14 —————————————- #memes #funnymemes #meme #memesdaily #smile #haha #happy #funny #lol #instafunny #fun #funnypics #funnyposts #friends #follow4follow #like4like #instagram #youtubertag #sarcastic #people #troll #trendy #trending #throwback #likeforlike #follows #comedy #jokes #thememesarespicy And use my tag ➡➡➡#qualmemes4u

A post shared by Follows you (@quality_memes4u) on Oct 19, 2017 at 1:32pm PDT

In the example above, while the first two images are memes, the penultimate image asks users to comment with an emoji nine times in a row without being interrupted and the final image leads users to post a comment.

None of these methods are exhaustive and teenagers are always coming up with new ways to boost their follower, like and comment counts. While we do not recommend using any of these methods, it is always helpful to take note of what solutions are available if you have a small public account that you wish to publicize.

Unpacking my summer’s readings

So I’ve finally gotten to munch through a hefty chunk of my reading list this summer break, which to this day is still outpacing my ability to keep up. Nevertheless, I’m pretty happy to report that the couple books I did manage to finish were full of gems and precious little nuggets of insight. The list goes as follows (in chronological order of completion, more or less)

The Accidental Universe by Alan Lightman

Antifragile by Nassim Nicholas Taleb

Behave by Robert Sapolsky

Homo Deus by Yuval Noah Harari

Barking up the Wrong Tree by Eric Barker

Give and Take by Adam Grant

Anti-Intellectualism in American Life by Richard Hofstadter

Thinking Fast and Slow by Daniel Kahneman

3, 2, 1… Unpack!

1.

The Accidental Universe

by Alan Lightman

“In our constant search for meaning in this baffling and temporary existence, trapped as we are within our three pounds of neurons, it is sometimes hard to tell what is real. We often invent what isn’t there. Or ignore what is. We try to impose order, both in our minds and in our conceptions of external reality. We try to connect. We try to find truth. We dream and we hope. And underneath all of these strivings, we are haunted by the suspicion that what we see and understand of the world is only a tiny piece of the whole.”

— Alan Lightman

I’ve got to say, Lightman has a way with his words. In this essay, he weaves together descriptions about our vast and chaotic universe that just ooze with inspiring, tear-jerking beauty. His one segment about humankind’s yearning for permanence in this universe, that is notoriously unkind to that very notion, is so poignantly crafted that it’s worth a couple rereads. As a physicist, Lightman took his sweet time describing the universe at the enormous, cosmic level. At parts, he reached levels of abstraction where you were being fire-hosed with talk about thermodynamic laws, God(s), probability, miracles, and all other things that straddle divinity and science. This was great food for thought, for sure, but all this universe talk seemed to me like a bad recipe for nihilism. Human existence, in the grand scheme of things, really is woefully insignificant, especially if you’re zoomed out all the way in god-land like that. So I guess this book wasn’t the best at making me feel as though my mundane struggles, wants, and life ambitions had any real meaning or importance (which do, I protest!). Did this book fill me with wonder and intellectual bliss? Yep! Did this book kindle the fire in me to grease up my elbows and roll up my sleeves and make a difference in this world of humans? Sadly, no.

2.

Antifragile

by Nassim Nicholas Taleb

“Somehow, it is only when you don’t care about your reputation that you tend to have a good one.”

— Nassim Nicholas Taleb

Hohoho what a refreshing read this was! How should I describe this book… a bold treatise that exposes everything wrong with the world’s approach to risk and randomness through the lens of an anti-intellectual scholar? Taleb has no tolerance for bullshit, is irreverently skeptical, and is ruthlessly blunt about his dislike for pretentious armchair intellectuals and “fragilista” professionals. What impresses me the most about AntiFragile is that it is one of those few reads that actually have a real influence on my actions and thought processes. His arguments about randomness and risk (maximize optionality, gauge fragility instead of trying to predict the future, embrace variability over fragile stability, etc.) have pretty concrete applications if you really internalize what he says. No other book motivates me as much as this one to explore my opportunities widely and boldly. He never explicitly says this in the book, but the sentiment I really took away was: Carpe Diem! (Oh, and also a little bit of ‘Fuck You’)

This is not to say that I instantly agreed with everything he said. In fact, I admit that I found quite a few of his concepts to be difficult pills to swallow, at first. For instance, he argues that we can tame the randomness in our lives by having optionality, as it can help us bound our losses and unbound our gains. Basically, you’ll always have the upper hand if you diversify your options, enter situations while maintaining multiple exit strategies and backup plans, and generally refuse all eggs-in-one-basket commitments (because that’s what fragile suckers do). I admit, my initial reaction to this was of mild disgust. Here’s a snippet from a sour journal entry I wrote, which I quote: “Taleb wrote an entire book about how not to be a sucker. Instead, he teaches you how to be something else: an asshole!” In slightly less emotional terms, what I meant here was that this flighty strategy would work great for self-preservation, but seems damagingly reckless to the big things in life that do inevitably require vulnerability and self-sacrifice, like close relationships. I think Taleb provides fantastic practical advice for how to withstand and thrive from turbulent challenges, but he would be missing the mark if he pushes self-preservation as the highest priority for living a good life. These insights, that have served him well as a former trader on Wall Street, just might not produce the same smashing successes when applied everywhere in life, I reckon. So while he has certainly demonstrated the wide applicability of his ideas, I yearn a bit for a more conscientious exploration of its limits.

3.

Behave

by Robert Sapolsky

“You don’t have to choose between being scientific, and being compassionate.”

— Robert Sapolsky

Ok this book takes the cake as my #1 favorite book of this summer. It also deserves another superlative: #1 Most philosophically provocative book.

Here were my first thoughts:

Robert Sapolsky?! The Sapolsky guy who did that brilliant talk at Stanford that inspired my starry-eyed self from middle school? YEA OH YEA IT’S HIM

Oh dear. Very big book.

If you were to go to Mars and could take only one social science book with you on your journey, bring this behemoth. A book with the ambitious goal of exploring all the best and worst parts of humanity, Sapolsky has meticulously combed through and weaved together a comprehensive quilt of all the landmark studies and events that have shaped science’s understanding of human nature to date. He patches together the motivations and meanings of our actions by blending ideas from a spectrum of disciplines including evolutionary biology, biochemistry, genetics, neuroscience, psychology, sociology, philosophy, game theory, law, and economics . Something I admire a lot about this book is the amount of nuance and humility Sapolsky has when explaining human behavior. No matter what arrogant “experts” confidently assert about their fields, one can’t adequately account for all the subtleties of human nature by relying on any singular model. I guess that sounds like common sense, but I think the inquisitive softness that I have come to appreciate in Sapolsky’s writing isn’t something very common at all.

That being said, I do have to say this book had a slow start for me. Sapolsky probably intended for his narrative to be as accessible to the general public as possible, so he took his liberties in the early chapters to explain the fundamental biology and neurochemistry concepts underlying his book. Not to say that this stuff isn’t interesting, but it was a little dry. Anyone who has taken a formal psychology class before or is a seasoned reader of social science books probably isn’t a stranger to many of the famous experiments he discusses in detail. Not to worry, though. The pace eventually picks up, landing its best kernels of wisdom and greatness toward the end. And seriously… it is worth the journey. I finished chapters 15-17 feeling like a champion, having experienced feelings towards humanity that swept across my whole spectrum of emotions (a book can do that?). I’ll do you the courtesy of not spoiling any of it ;)

So why do I find this book to be the “most philosophically provocative?” ‘Behave’ obviously invites a lot of introspection about human nature, but I think the doozy in this book lies in the recurring dialogue about free will vs. determinism. I know — bear with me — this debate has probably been beaten to death within academic circles for a century. But Sapolsky brought a new sense of urgency to the question by noting the relentless advancements of scientific and technological discovery we’ve been seeing in recent years. Sapolsky himself sits in the deterministic camp of ideology (gasp!), and goes into pretty grave detail about what this implies. If what he says is true, that humankind is already headed in the direction of realizing there is no free will, our current legal system and humanistic societal mores will be needing some serious revisions. But hey — the hopeful future he paints, where we will have shed our primitive beliefs in “evil” agents and learn to harmonize science with compassion sounds pretty swell to me. *shrugs*

(Bonus quote, because I loved this book so much)

“Solving those nuts and bolts issues may be a way of ending the war, But peace is not the mere absence of war; making true peace requires acknowledging and respecting the sacred values of them. /…/ In rational choice models of decision making, something as intangible as an apology could not stand in the way of peace, yet they do. Because in recognizing the enemy’s sacred symbols, you are de facto recognizing their humanity, their capacity for pride, unity, and connection to their past, and most of all, their capacity for experiencing pain.”

— Robert Sapolsky, Chapter 15

4.

Homo Deus

by Yuval Noah Harari

“This is the primary commandment humanism has given us: create meaning for a meaningless world. Accordingly, the central religious revolution of modernity was not losing faith in God, but rather gaining faith in humanity.”

— Yuval Noah Harari, Chapter 9

Ok, I admit: After Sapolsky’s grand finish in “Behave”, diving straight into a second let’s-walk-you-through-all-of-human-history book without a proper palette cleanser wasn’t the most tasteful choice. But let’s leave that behind us, shall we? What “Homo Deus” has in common with “Behave” was an iffy beginning, though for a different reason. Harari starts the book off by painting some crazy speculations about humanity’s future and excitedly exploring the moral quandaries that come along with them: we unlock immortality, “hack” away society’s current afflictions, and/or upgrade ourselves to be living gods (hence the dramatic title). To be honest, all of that optimistic sci-fi talk started to annoy me, and I came close to abandoning the book; if there was anything I learned from Nassim Taleb, it was to protect my eyes from the cancerous garbage spewed by haughty experts who think they can predict the future. Thankfully, Harari was aware of this, as he was quick to qualify himself, before he began his thorough survey of man’s historical timeline, starting from square one. That was where the real fun began.

What stood out to me about this book was not its recounting of specific historical events in detail, but rather its insightful high-level analyses of human progress. I LOVE it. Somehow, Harari was able to capture the zeitgeist (pardon the fancy word) of every great human era, into one flowing narrative.

Here’s one example so you know what I mean. Harari remarks at one point that “modernity is a deal,” in which we have traded meaning for power. Long ago, when humans were pretty powerless against nature and celestial deities were the go-to answer for all the big questions about the universe, people didn’t struggle with existential crises. But in the modern age, where science and technology equip people with more power to direct their lives than ever before, meaninglessness and existential unease strikes like the plague. Cool, right? “Homo Deus” is FULL of insights like this. It’s incredible.

5.

Barking up the Wrong Tree

by Eric Barker

“We often confuse fate and destiny for meaning the same thing. But UCLA professor Howard Suber clarifies the distinction: fate is that thing we cannot avoid; it comes for us despite how we try to run from it. Destiny, on the other hand, is that thing we must chase — what we must bring to fruition. It’s what we strive toward and make true. When bad things happen, the idea of fate makes us feel better. Whereas /…/ success doesn’t come from shrugging off the bad as unchangeable and saying things are already meant to be. It’s the result of chasing the good and writing our own future. Less fate, more destiny.” — Eric Barker

Of all the books listed, this one was definitely the breeziest and perhaps the most enjoyable book to read. It is a fast and lightweight read, with an addicting quality to it that reminds me of online blogs (like Medium!). Addicting, you might ask? Yeah — the chapter titles are written like Buzzfeed article headings ( I mean this endearingly) , just beckoning for you to continue. For example, here’s one: “Do Nice Guys Finish Last?” … Need I say more?

I don’t have much else to say about this book besides how easily digestible and pleasurable it is to read. But don’t get the wrong idea — It’s full of hearty insights, and I love how Barker can explore some very deeply philosophical questions in plain speak, without dishing out empty, glib answers. It’s an espresso shot of no-frills discourse and practical wisdom about our common misconceptions about success. Who doesn’t like to ponder about how to live a successful and meaningful life? What is success, anyway? Bring it with you on your next plane ride or listen to its audiobook version during some thoughtful walks. 10/10 would recommend.

6.

Give and Take

by Adam Grant

“Givers don’t burn out when they devote too much time and energy to giving. They burn out when they’re working with people in need but are unable to help effectively.”

— Adam Grant

Nice guys don’t finish last. There, I said it. Adam Grant says so too. And then he wrote an entire book about it.

This book has the lively cadence that reminds me a lot of Malcom Gladwell’s books. Solid, real-world examples and anecdotes make Grant’s book lucid and persuasive. Reading ‘Give and Take’ gave me the fuzzies at parts, because who doesn’t want to feel that all is right with the world, where happy endings occur to people who give generously? But, of course, anyone who hasn’t been living blissfully under a rock their whole lives knows that this isn’t always the case. The kicker in this book is not that he praises saintly and self-sacrificing behavior (which, he does admit, can turn people into burnt-out doormats), but the way he distinguishes selfless and “other-ish” giving. Effectively, he discusses what styles of giving are actually sustainable and win-win in the long run, while giving practical advice about how not to be a burnt-out doormat. Valuable stuff to read, especially if you self-identify as a giver and want to feel validated. Grant reminds us that we (impersonal ‘we’) can help others and help ourselves too, if the cards are played right. I think I give this book a 7.5/10… solid book with clear arguments, but nothing about it made me leap out of my chair.

7.

Anti-Intellectualism in American Life

by Richard Hofstadter

“ The professional man lives off ideas, not for them. He’s a mental technician”

— Richard Hofstadter

I’ve got to say that this book was most unlike the others I’ve read. If you’re a U.S. history buff, you’d really enjoy this book, which deep-dives into the ebbing and flowing tides of American anti-intellectualism since its origins in the Great Awakening of the 1700’s, all the way to the present day.

( Heads up: This next bit is more of a rant than a book review.) The most mind-blowing thing I learned was really how deeply ingrained anti-intellectualism is in American culture. Peering into the darker parts of the U.S.’s recent history (remember McCarthyism?), the book highlights that intellectuals in this country have long been stamped with disparaging stigmas of being untrustworthy, morally decadent, effeminate, and, get this, un-American. Maybe it’s because I was raised in a different culture, but those sentiments just seemed bizarre to me as I was reading about them, and it took me a long time to understand. Personally, I’ve always revered the well-educated for their critical reasoning skills and genteel dignity, and could never wrap my head around why respectable Americans would routinely seem to be captivated, instead, by crass populist figures. How did “hardworking and charming Christian with simple and practical-minded values” become popularly known as the traits of the “quintessential” American man? This book walked me through the ins and outs of anti-intellectualism, which has become so integral in this country’s narrative. Here’s a thought: have you wondered why the U.S. isn’t known for having beautiful relics or extravagant monuments of classical art and culture, like many Western European countries are? Maybe it’s because the U.S. was built by founders who wanted nothing to do with all that . The first settlers had fled from such countries, and have abandoned centuries of history and tradition and culture, to live a simpler and more pious life. From this, you could probably imagine how anti-intellectualism begins to fit into the picture of American history. These roots run deep.

As much as I don’t want to bring up the 2016 election and subsequent events, this book, though it was published in 1963, is pretty darn relevant to all the craziness that we’re facing today ( is it a little disturbing that things haven’t changed that much in a half-century?) Last year’s presidential election was insane; it tore open old scars, and revealed an ideological rift between Americans that at times is so hostile that it seems impossible to get both sides to understand each other. I won’t say that this book magically made me “understand” all of the unrest between the left and right, or convinced me that anti-intellectualism is a great thing (still disagree…). But it definitely got me thinking about how swampy and complex this makes American history.

All that being said, Anti-Intellectualism in American Life was a fascinating but pretty challenging read. I’m no U.S. History enthusiast, and I certainly won’t be able to remember all the names, dates, and events that were mentioned, but it was enough to get me thinking about America’s past, the evolution of its values, and the perspectives of the “American people” of whom people like to refer.

8.

Thinking Fast and Slow

by Daniel Kahneman

“ Experts who acknowledge the full extent of their ignorance may expect to be replaced by more confident competitors, who are better able to gain the trust of clients. An unbiased appreciation of uncertainty is a cornerstone of rationality — but it is not what people and organizations want. Extreme uncertainty is paralyzing under dangerous circumstances, and the admission that one is merely guessing is especially unacceptable when the stakes are high. Acting on pretended knowledge is often the preferred solution.”

— Daniel Kahneman, Chapter 24

When shopping on Amazon for this book, I’ve honestly read nothing but praise. Kahneman and Tversky’s work have had an earth-shattering influence in the social sciences and economics for the past few decades, and it goes without saying that this book is a staple for anyone remotely interested in behavioral economics. All I can really think of to say is to read this book carefully, and have a pen on hand to annotate. This book is DENSE with counterintuitive insights about human psychology, which will make any reader start to think twice about the reliability (or unreliability, rather) of his/her judgment. Very cool, all the way through.

…

Unpacking: Done

So, there’s that: my compendium of book commentaries of the summer. I am ALWAYS looking for more thought provoking things to read, so please (x3) feel welcome to send me book/article/blog recommendations. Thoughtful discussions always appreciated :)

Android Smartphone Security: Today and Tomorrow

New Post has been published on https://realitycrazy.com/smartphone-security-today-and-tomorrow/

Android Smartphone Security: Today and Tomorrow

With the smartphone industry growing larger every day, there is a growing concern for the security of data on said mobile devices. The power of these devices is always increasing, as is the amount of software that can be installed on them. With the advent of these different types of software, including financial software and personal identification software, the need for more security is a must. Most of these types of devices come with some type of security built-in, but is this really enough for today’s world?

For most people nowadays, their whole life is on their smartphone. It includes a plethora of personal information and data, such as:

personal/work documents, notes, pictures, and emails that can contain sensitive information

full access to Wi-Fi networks that you connect to at work or at home

calendar appointments and contacts

access to various sites/information through apps, such as social networking apps, bill paying apps, movie apps, shopping apps, and etcetera

With all this information on our smartphones, it makes it a goldmine for potential thieves. The risk of your phone being lost, stolen, or even being rummaged through by your IT guy is only the half of the security problem with them. Smartphones can also leak other kinds of data through sniffing of your internet traffic when connected to open Wi-Fi networks. Your passwords to unencrypted websites and services, such as Facebook, Twitter, Web-based e-mail sites, POP3 e-mail services, etcetera could be easily be sniffed by someone else on the network. There is also the issue of viruses, malware, SMS/MMS exploits, and Bluetooth exploits; these exploits can manipulate your phone settings and prevent you from using certain features, send information to or call contacts in your phone, steal and/or destroy personal information on your phone, or render your phone completely unusable.

Though the biggest concerns, for now, should be more focused on protecting your phone from theft or loss or sniffing over Wi-Fi, the issues of malicious software and hacking are becoming more and more prevalent every day. These issues could become more of a concern in the not so distant future due to the lack of integrated active security systems, such as firewalls, anti-virus programs, and anti-malware programs into our phones.

To set a bit of background for the importance of securing your mobile phone, Juniper Networks conducted a study of more than 6,000 smartphone and tablet users in 16 countries about mobile security threats. They found the following:

250% increase in the amount of mobile malware over the past year

a Fortune 15 company discovered that 1,250 of its 25,000 devices were infected with malware

44% of respondents to the survey use their devices for both business and personal use

80% admit to using their devices to access their work network without the employer’s knowledge or permission

one out of every twenty apps in the Android marketplace requests permissions that could allow the app to place a call without the user knowing

nine of ten mobile devices have little or no security protection

more than 60% of reported smartphone infections are spyware and 17% are text message trojans that can rack up fees that are charged to the device owner’s account

As clearly evidenced by Juniper’s findings, there is an inherent need for more mobile phone security. Fortunately, there are several options to help secure your phone that is built-in to the operating system and several third-party programs as well. Even the most basic of security measures can help you protect your personal information. To begin, we will start with some of the simpler defense mechanisms.

While this first one may seem pretty obvious and straightforward, do not lose your phone! If you are in a public place, do not sit it down or put it in your pocket or an open bag, where it can be easily grabbed. This is actually the most common way that phones get lost or stolen.

You should also set your phone to lock or timeout after a certain period of time (recommend thirty seconds or less), especially if you happen to leave your phone out on your desk at work or in other public areas. All major smartphones come with this functionality built-in. You will want to make sure that you choose something that is not easy for anyone to guess, but easy for you to remember. It should not be something as simple as your address, name, phone number, etcetera. Here is how to easily set timeout settings and passwords on your phone:

Android:

Beginning with Android 2.2 (Froyo), users have the ability to set a pattern lock, PIN code, or password on their device. Users of earlier versions of Android can only set a pattern lock. How to set the screen timeout and locks mentioned above can vary depending on the manufacturer of the phone you have. The option is generally found by pressing the Menu button from the home screen, going to Settings, Location & Security, and Set up screen lock. From there, you should be able to easily setup the different types of screen locks. (Word of caution: Make sure that you have your Gmail account linked to your phone so that you will be able to gain access to your phone in the event that you forget your password. I highly recommend this if you set up a pattern lock, as it can be very easy to forget your pattern). You may also want to be careful with setting a pattern lock, as unlocking your phone this way leaves the oily residue on the screen that can remain even if you wipe it. A study conducted by researchers at the University of Pennsylvania on the Google Nexus One and HTC, G1 showed that taking photos of the phone’s screen with a standard camera and doing simple manipulations of the images within photo-editing software revealed the pattern more than 90% of the time.

BlackBerry:

Press the BlackBerry button, go to Options and Password. From there, select Enable Password. Set the number of password attempts to what you consider a suitable amount (recommend four minutes). After the specified amount of attempts has been exceeded, it will completely lock you out of your phone for the time interval specified in the Security Timeout field. You can also set it to where it will lock upon placing your BlackBerry in a holster. This will only work with a magnetized holster. To set the screen timeout, go back to the Options screen and select Screen/Keyboard. From there, select the specified timeout period by Backlight Timeout.

iPhone:

Beginning with iOS 4, Apple introduced the ability to setup a password in addition to the standard 4-digit PIN code. To set a passcode, go to Settings, General, and Passcode Lock. From there, set the password or PIN code that you would like, as well as adjust the screen timeout through the Auto-Lock option. You may also select the Erase Data option to erase all data on the phone after 10 failed passcode attempts.

While password protecting your phone can greatly decrease the risk of your information being stolen, it is always good to take even more precautions. There are several different types of security suites out there from different vendors, as well as built-in software that can perform a “remote wipe” on your phone in the event that it is lost or stolen. Remote wipe means that you can completely remove all of your data from the phone, including e-mails, texts, documents, contacts, etcetera over the internet. For those corporate users who have a Microsoft Exchange e-mail account, this can easily be accomplished without any third-party software. You can either do it yourself through the Options panel in Outlook Web Access or have someone in the IT department initiate the wipe. For those who are personal users, or for those that do not have an Exchange account, there are several other options from third-party vendors.

Android/BlackBerry:

There are several different third-party applications that allow for you to remotely wipe your device, as well as provide several other security features. The most popular application out now is the Lookout Mobile Security suite. It not only allows you to remotely wipe your device, but also incorporates additional features that allow you to track your device via GPS, back up your contacts over the internet, and scan for viruses. The features mentioned above (minus remote wipe) are available through their free version of the program. The premium version of the program incorporates all of the above features, plus backup support for call history and pictures, remote locking, and includes a privacy advisor. The privacy advisor gives you insight into which apps can access private data on your phone, as well as scan every app that you download to see what data it accesses. The premium version is $2.99/month or $30/year. Some competitors to Lookout Mobile Security also offer protection from web threats by scanning apps before they are installed, scanning links for phishing URLs and other malware, and blocking unwanted calls and text messages. AVG Anti-Virus, McAfee WaveSecure, and Webroot Mobile Security are some of the other big name competitors.

iPhone:

The iPhone does not have quite as many options as other platforms. The only option available is to track your phone using MobileMe. If your iPhone has iOS 4.2 or higher, you can simply download the Find My Phone app from the App Store and enable it online through MobileMe. If you lose your phone, you can log in to the MobileMe website and track your phone. If you have an older version of iOS, you will need to have a paid MobileMe account, which costs $99/year.

As far as anti-virus protection on the iPhone, there are none currently available on the consumer level. Apple relies strictly on the App Store’s stringent review process to keep out any malicious software. While this sounds good in theory, it is not foolproof. With so many apps going through the approval process, there are bound to be some malicious ones that get through. The only other sort of protection available for the iPhone is Trend Smart Surfing, which blocks access to web pages with malicious content and helps circumvent phishing attacks.

However, Juniper Networks is currently working on the Juno Pulse Mobile Security suite that includes anti-virus, firewall, anti-spam, and remote monitoring/control services. It also remotely backs up and restores data and can locate lost devices. Juno Pulse is currently available to enterprise customers only, but they are looking to move into the consumer market.

Some other general security measures that you can take to protect yourself are to make sure that when installing third-party apps, you pay attention to the privileges that you are granting to them. Some of these privileges can include access to your GPS location, access to your contacts, access to your text messages, and other personal data. With BlackBerry App World and the Apple App Store, most of these problems are handled at the application store level before they are released to the masses. However, the Android Marketplace is a bit different, as Google does not screen all apps that come with it. It gives the end user more freedom, where the app asks you for specific permissions when installing and updating them. In short, it is best to use common sense and pay attention to what you are installing before you install it read the reviews and make sure that it has a good number of users beforehand. Also, make sure that you only download apps from trusted sources. It is no different than the precautions you should use when installing programs on your computer.

Other aspects of securing your device that you should pay attention to are that when logging into a website, ensure that the connection is encrypted using SSL or HTTPS. You should also use secured Wi-Fi hotspots that will encrypt your traffic from others that utilize the hotspot. If you are unable to do this, you should opt into using the cellular data connection instead, as it is typically encrypted by the network provider. You could also use VPN to secure all your internet traffic, as there are several free providers out there, including Hotspot Shield or WiTopia.

Device encryption is also a must for any mobile users, as it will secure your personal information and data from being recovered by a hacker or any other advanced user. Entire device encryption is currently supported on BlackBerry, iPhone, and Android 3.0 tablets.

BlackBerry:

Most of the newer BlackBerry devices support encryption on the entire device and on removable storage (microSD cards)-this will protect your pictures, documents, and other files in case you lose your BlackBerry or have someone take your card out when you are not looking. When encrypting your device, you may want to leave your contacts unencrypted, as encrypting them will cause caller names to not display when your phone is locked. To setup encryption on the device and/or removable storage, press the BlackBerry button, go to Options, Security, andEncryption. From there you will able to specify what you would like to be encrypted.

iPhone:

Encryption on the iPhone is automatically turned on when you set a passcode on your device. However, it is only available on the iPhone 3GS and later it is unavailable on earlier iPhone models. To ensure that encryption is enabled, verify that Data protection is enabled is displayed in the Passcode Lock screen in the Settings.

Android:

Unfortunately, Android does not currently support any device-level encryption for smartphones. If you would like to encrypt your emails, calendar, and contact info from your company’s Exchange account, you may do so using a third-party Exchange client called Touchdown. However, device-level encryption is currently available as part of Android 3.0 (Honeycomb), which is targeted for tablet devices. It should make its way onto their smartphone operating systems sometime in the near future.

After taking a look at some of these common smartphone security issues, you should have some sort of idea on how to best protect yourself from loss or theft of your device and loss of any personal information from your device. With smartphones becoming more and more popular, more security issues will be sure to arise and Android smartphone manufacturers will continue to adapt their operating systems to best combat these issues. At some point, these mobile security suites may even be integrated into the operating system or pre-installed by your network provider.

Eddie Burkett

Smartphone Security: Today and Tomorrow

New Post has been published on https://myupdatesystems.com/smartphone-security-today-and-tomorrow/

Smartphone Security: Today and Tomorrow

With the smartphone industry growing larger every day, there is a growing concern for the security of data on said mobile devices. The power of these devices is always increasing, as is the amount of software that can be installed on them. With the advent of these different types of software, including financial software and personal identification software, the need for more security is a must. Most of these types of devices come with some type of security built-in, but is this really enough for today’s world?

For most people nowadays, their whole life is on their smartphone. It includes a plethora of personal information and data, such as:

personal/work documents, notes, pictures, and emails that can contain sensitive information

full access to Wi-Fi networks that you connect to at work or at home

calendar appointments and contacts

access to various sites/information through apps, such as social networking apps, bill paying apps, movie apps, shopping apps, and etcetera

With all this information on our smartphones, it makes it a goldmine for potential thieves. The risk of your phone being lost, stolen, or even being rummaged through by your IT guy is only the half of the security problem with them. Smartphones can also leak other kinds of data through sniffing of your internet traffic when connected to open Wi-Fi networks. Your passwords to unencrypted websites and services, such as Facebook, Twitter, web-based e-mail sites, POP3 e-mail services, etcetera could be easily be sniffed by someone else on the network. There is also the issue of viruses, malware, SMS/MMS exploits, and Bluetooth exploits; these exploits can manipulate your phone settings and prevent you from using certain features, send information to or call contacts in your phone, steal and/or destroy personal information on your phone, or render your phone completely unusable.

Though the biggest concerns, for now, should be more focused on protecting your phone from theft or loss or sniffing over Wi-Fi, the issues of malicious software and hacking are becoming more and more prevalent every day. These issues could become more of a concern in the not so distant future due to the lack of integrated active security systems, such as firewalls, anti-virus programs, and anti-malware programs into our phones.

To set a bit of background for the importance of securing your mobile phone, Juniper Networks conducted a study of more than 6,000 smartphone and tablet users in 16 countries about mobile security threats. They found the following:

250% increase in the amount of mobile malware over the past year

a Fortune 15 company discovered that 1,250 of its 25,000 devices were infected with malware

44% of respondents to the survey use their devices for both business and personal use

80% admit to using their devices to access their work network without the employer’s knowledge or permission

one out of every twenty apps in the Android marketplace requests permissions that could allow the app to place a call without the user knowing

nine of ten mobile devices have little or no security protection

more than 60% of reported smartphone infections are spyware and 17% are text message trojans that can rack up fees that are charged to the device owner’s account

As clearly evidenced by Juniper’s findings, there is an inherent need for more mobile phone security. Fortunately, there are several options to help secure your phone that is built-in to the operating system and several third-party programs as well. Even the most basic of security measures can help you protect your personal information. To begin, we will start with some of the simpler defense mechanisms.

While this first one may seem pretty obvious and straightforward, do not lose your phone! If you are in a public place, do not sit it down or put it in your pocket or an open bag, where it can be easily grabbed. This is actually the most common way that phones get lost or stolen.

You should also set your phone to lock or timeout after a certain period of time (recommend thirty seconds or less), especially if you happen to leave your phone out on your desk at work or in other public areas. All major smartphones come with this functionality built-in. You will want to make sure that you choose something that is not easy for anyone to guess, but easy for you to remember. It should not be something as simple as your address, name, phone number, etcetera. Here is how to easily set timeout settings and passwords on your phone:

Android:

Beginning with Android 2.2 (Froyo), users have the ability to set a pattern lock, PIN code, or password on their device. Users of earlier versions of Android can only set a pattern lock. How to set the screen timeout and locks mentioned above can vary depending on the manufacturer of the phone you have. The option is generally found by pressing the Menu button from the home screen, going to Settings, Location & security, and Set up screen lock. From there, you should be able to easily setup the different types of screen locks. (Word of caution: Make sure that you have your Gmail account linked to your phone so that you will be able to gain access to your phone in the event that you forget your password. I highly recommend this if you set up a pattern lock, as it can be very easy to forget your pattern). You may also want to be careful with setting a pattern lock, as unlocking your phone this way leaves the oily residue on the screen that can remain even if you wipe it. A study conducted by researchers at the University of Pennsylvania on the Google Nexus One and HTC G1 showed that taking photos of the phone’s screen with a standard camera and doing simple manipulations of the images within photo-editing software revealed the pattern more than 90% of the time.

BlackBerry:

Press the BlackBerry button, go to Options andPassword. From there, select Enable Password. Set the number of password attempts to what you consider a suitable amount (recommend four minutes). After the specified amount of attempts has been exceeded, it will completely lock you out of your phone for the time interval specified in the Security Timeout field. You can also set it to where it will lock upon placing your BlackBerry in a holster. This will only work with a magnetized holster. To set the screen timeout, go back to the Options screen and select Screen/Keyboard. From there, select the specified timeout period by Backlight Timeout.

iPhone:

Beginning with iOS 4, Apple introduced the ability to setup a password in addition to the standard 4-digit PIN code. To set a passcode, go to Settings, General, and Passcode Lock. From there, set the password or PIN code that you would like, as well as adjust the screen timeout through the Auto-Lock option. You may also select the Erase Data option to erase all data on the phone after 10 failed passcode attempts.

While password protecting your phone can greatly decrease the risk of your information being stolen, it is always good to take even more precautions. There are several different types of security suites out there from different vendors, as well as built-in software that can perform a “remote wipe” on your phone in the event that it is lost or stolen. Remote wipe means that you can completely remove all of your data from the phone, including e-mails, texts, documents, contacts, etcetera over the internet. For those corporate users who have a Microsoft Exchange e-mail account, this can easily be accomplished without any third-party software. You can either do it yourself through the Options panel in Outlook Web Access or have someone in the IT department initiate the wipe. For those who are personal users, or for those that do not have an Exchange account, there are several other options from third-party vendors.

Android/BlackBerry:

There are several different third-party applications that allow for you to remotely wipe your device, as well as provide several other security features. The most popular application out now is the Lookout Mobile Security suite. It not only allows you to remotely wipe your device, but also incorporates additional features that allow you to track your device via GPS, back up your contacts over the internet, and scan for viruses. The features mentioned above (minus remote wipe) are available through their free version of the program. The premium version of the program incorporates all of the above features, plus backup support for call history and pictures, remote locking, and includes a privacy advisor. The privacy advisor gives you insight into which apps can access private data on your phone, as well as scan every app that you download to see what data it accesses. The premium version is $2.99/month or $30/year. Some competitors to Lookout Mobile Security also offer protection from web threats by scanning apps before they are installed, scanning links for phishing URLs and other malware, and blocking unwanted calls and text messages. AVG Anti-Virus, McAfee WaveSecure, and Webroot Mobile Security are some of the other big name competitors.

iPhone:

The iPhone does not have quite as many options as other platforms. The only option available is to track your phone using MobileMe. If your iPhone has iOS 4.2 or higher, you can simply download the Find My Phone app from the App Store and enable it online through MobileMe. If you lose your phone, you can log in to the MobileMe website and track your phone. If you have an older version of iOS, you will need to have a paid MobileMe account, which costs $99/year.

As far as anti-virus protection on the iPhone, there are none currently available on the consumer level. Apple relies strictly on the App Store’s stringent review process to keep out any malicious software. While this sounds good in theory, it is not foolproof. With so many apps going through the approval process, there are bound to be some malicious ones that get through. The only other sort of protection available for the iPhone is Trend Smart Surfing, which blocks access to web pages with malicious content and helps circumvent phishing attacks.

However, Juniper Networks is currently working on the Juno Pulse Mobile Security suite that includes anti-virus, firewall, anti-spam, and remote monitoring/control services. It also remotely backs up and restores data and can locate lost devices. Juno Pulse is currently available to enterprise customers only, but they are looking to move into the consumer market.

Some other general security measures that you can take to protect yourself are to make sure that when installing third-party apps, you pay attention to the privileges that you are granting to them. Some of these privileges can include access to your GPS location, access to your contacts, access to your text messages, and other personal data. With BlackBerry App World and the Apple App Store, most of these problems are handled at the application store level before they are released to the masses. However, the Android Marketplace is a bit different, as Google does not screen all apps that come with it. It gives the end user more freedom, where the app asks you for specific permissions when installing and updating them. In short, it is best to use common sense and pay attention to what you are installing before you install it read the reviews and make sure that it has a good number of users beforehand. Also, make sure that you only download apps from trusted sources. It is no different than the precautions you should use when installing programs on your computer.

Other aspects of securing your device that you should pay attention to are that when logging into a website, ensure that the connection is encrypted using SSL or HTTPS. You should also use secured Wi-Fi hotspots that will encrypt your traffic from others that utilize the hotspot. If you are unable to do this, you should opt into using the cellular data connection instead, as it is typically encrypted by the network provider. You could also use VPN to secure all your internet traffic, as there are several free providers out there, including Hotspot Shield or WiTopia.

Device encryption is also a must for any mobile users, as it will secure your personal information and data from being recovered by a hacker or any other advanced user. Entire device encryption is currently supported on BlackBerry, iPhone, and Android 3.0 tablets.

BlackBerry:

Most of the newer BlackBerry devices support encryption on the entire device and on removable storage (microSD cards)-this will protect your pictures, documents, and other files in case you lose your BlackBerry or have someone take your card out when you are not looking. When encrypting your device, you may want to leave your contacts unencrypted, as encrypting them will cause caller names to not display when your phone is locked. To setup encryption on the device and/or removable storage, press the BlackBerry button, go to Options, Security, andEncryption. From there you will able to specify what you would like to be encrypted.

iPhone:

Encryption on the iPhone is automatically turned on when you set a passcode on your device. However, it is only available on the iPhone 3GS and later it is unavailable on earlier iPhone models. To ensure that encryption is enabled, verify that Data protection is enabled is displayed in the Passcode Lock screen in the Settings.

Android:

Unfortunately, Android does not currently support any device-level encryption for smartphones. If you would like to encrypt your emails, calendar, and contact info from your company’s Exchange account, you may do so using a third-party Exchange client called Touchdown. However, device-level encryption is currently available as part of Android 3.0 (Honeycomb), which is targeted for tablet devices. It should make its way onto their smartphone operating systems sometime in the near future.

After taking a look at some of these common smartphone security issues, you should have some sort of idea on how to best protect yourself from loss or theft of your device and loss of any personal information from your device. With smartphones becoming more and more popular, more security issues will be sure to arise and smartphone operating system manufacturers will continue to adapt their operating systems to best combat these issues. At some point, these mobile security suites may even be integrated into the operating system or pre-installed by your network provider.

New Post has been published on Vin Zite

New Post has been published on https://vinzite.com/smartphone-security-today-and-tomorrow/

Smartphone Security: Today and Tomorrow

With the smartphone industry growing larger every day, there is a growing concern for the security of data on said mobile devices. The power of these devices is always increasing, as is the amount of software that can be installed on them. With the advent of these different types of software, including financial software and personal identification software, the need for more security is a must. Most of these types of devices come with some type of security built-in, but is this really enough for today’s world?

For most people nowadays, their whole life is on their smartphone. It includes a plethora of personal information and data, such as:

personal/work documents, notes, pictures, and emails that can contain sensitive information

full access to Wi-Fi networks that you connect to at work or at home

calendar appointments and contacts

access to various sites/information through apps, such as social networking apps, bill paying apps, movie apps, shopping apps, and etcetera

With all this information on our smartphones, it makes it a goldmine for potential thieves. The risk of your phone being lost, stolen, or even being rummaged through by your IT guy is only the half of the security problem with them. Smartphones can also leak other kinds of data through sniffing of your internet traffic when connected to open Wi-Fi networks. Your passwords to unencrypted websites and services, such as Facebook, Twitter, web-based e-mail sites, POP3 e-mail services, etcetera could be easily be sniffed by someone else on the network. There is also the issue of viruses, malware, SMS/MMS exploits, and Bluetooth exploits; these exploits can manipulate your phone settings and prevent you from using certain features, send information to or call contacts in your phone, steal and/or destroy personal information on your phone, or render your phone completely unusable.

Though the biggest concerns, for now, should be more focused on protecting your phone from theft or loss or sniffing over Wi-Fi, the issues of malicious software and hacking are becoming more and more prevalent every day. These issues could become more of a concern in the not so distant future due to the lack of integrated active security systems, such as firewalls, anti-virus programs, and anti-malware programs into our phones.

To set a bit of background for the importance of securing your mobile phone, Juniper Networks conducted a study of more than 6,000 smartphone and tablet users in 16 countries about mobile security threats. They found the following:

250% increase in the amount of mobile malware over the past year

a Fortune 15 company discovered that 1,250 of its 25,000 devices were infected with malware

44% of respondents to the survey use their devices for both business and personal use

80% admit to using their devices to access their work network without the employer’s knowledge or permission

one out of every twenty apps in the Android marketplace requests permissions that could allow the app to place a call without the user knowing

nine of ten mobile devices have little or no security protection

more than 60% of reported smartphone infections are spyware and 17% are text message trojans that can rack up fees that are charged to the device owner’s account

As clearly evidenced by Juniper’s findings, there is an inherent need for more mobile phone security. Fortunately, there are several options to help secure your phone that is built-in to the operating system and several third-party programs as well. Even the most basic of security measures can help you protect your personal information. To begin, we will start with some of the simpler defense mechanisms.

While this first one may seem pretty obvious and straightforward, do not lose your phone! If you are in a public place, do not sit it down or put it in your pocket or an open bag, where it can be easily grabbed. This is actually the most common way that phones get lost or stolen.

You should also set your phone to lock or timeout after a certain period of time (recommend thirty seconds or less), especially if you happen to leave your phone out on your desk at work or in other public areas. All major smartphones come with this functionality built-in. You will want to make sure that you choose something that is not easy for anyone to guess, but easy for you to remember. It should not be something as simple as your address, name, phone number, etcetera. Here is how to easily set timeout settings and passwords on your phone:

Android:

Beginning with Android 2.2 (Froyo), users have the ability to set a pattern lock, PIN code, or password on their device. Users of earlier versions of Android can only set a pattern lock. How to set the screen timeout and locks mentioned above can vary depending on the manufacturer of the phone you have. The option is generally found by pressing the Menu button from the home screen, going to Settings, Location & security, and Set up screen lock. From there, you should be able to easily setup the different types of screen locks. (Word of caution: Make sure that you have your Gmail account linked to your phone so that you will be able to gain access to your phone in the event that you forget your password. I highly recommend this if you set up a pattern lock, as it can be very easy to forget your pattern). You may also want to be careful with setting a pattern lock, as unlocking your phone this way leaves the oily residue on the screen that can remain even if you wipe it. A study conducted by researchers at the University of Pennsylvania on the Google Nexus One and HTC G1 showed that taking photos of the phone’s screen with a standard camera and doing simple manipulations of the images within photo-editing software revealed the pattern more than 90% of the time.

BlackBerry:

Press the BlackBerry button, go to Options andPassword. From there, select Enable Password. Set the number of password attempts to what you consider a suitable amount (recommend four minutes). After the specified amount of attempts has been exceeded, it will completely lock you out of your phone for the time interval specified in the Security Timeout field. You can also set it to where it will lock upon placing your BlackBerry in a holster. This will only work with a magnetized holster. To set the screen timeout, go back to the Options screen and select Screen/Keyboard. From there, select the specified timeout period by Backlight Timeout.

iPhone:

Beginning with iOS 4, Apple introduced the ability to setup a password in addition to the standard 4-digit PIN code. To set a passcode, go to Settings, General, and Passcode Lock. From there, set the password or PIN code that you would like, as well as adjust the screen timeout through the Auto-Lock option. You may also select the Erase Data option to erase all data on the phone after 10 failed passcode attempts.

While password protecting your phone can greatly decrease the risk of your information being stolen, it is always good to take even more precautions. There are several different types of security suites out there from different vendors, as well as built-in software that can perform a “remote wipe” on your phone in the event that it is lost or stolen. Remote wipe means that you can completely remove all of your data from the phone, including e-mails, texts, documents, contacts, etcetera over the internet. For those corporate users who have a Microsoft Exchange e-mail account, this can easily be accomplished without any third-party software. You can either do it yourself through the Options panel in Outlook Web Access or have someone in the IT department initiate the wipe. For those who are personal users, or for those that do not have an Exchange account, there are several other options from third-party vendors.

Android/BlackBerry:

There are several different third-party applications that allow for you to remotely wipe your device, as well as provide several other security features. The most popular application out now is the Lookout Mobile Security suite. It not only allows you to remotely wipe your device, but also incorporates additional features that allow you to track your device via GPS, back up your contacts over the internet, and scan for viruses. The features mentioned above (minus remote wipe) are available through their free version of the program. The premium version of the program incorporates all of the above features, plus backup support for call history and pictures, remote locking, and includes a privacy advisor. The privacy advisor gives you insight into which apps can access private data on your phone, as well as scan every app that you download to see what data it accesses. The premium version is $2.99/month or $30/year. Some competitors to Lookout Mobile Security also offer protection from web threats by scanning apps before they are installed, scanning links for phishing URLs and other malware, and blocking unwanted calls and text messages. AVG Anti-Virus, McAfee WaveSecure, and Webroot Mobile Security are some of the other big name competitors.

iPhone:

The iPhone does not have quite as many options as other platforms. The only option available is to track your phone using MobileMe. If your iPhone has iOS 4.2 or higher, you can simply download the Find My Phone app from the App Store and enable it online through MobileMe. If you lose your phone, you can log in to the MobileMe website and track your phone. If you have an older version of iOS, you will need to have a paid MobileMe account, which costs $99/year.

As far as anti-virus protection on the iPhone, there are none currently available on the consumer level. Apple relies strictly on the App Store’s stringent review process to keep out any malicious software. While this sounds good in theory, it is not foolproof. With so many apps going through the approval process, there are bound to be some malicious ones that get through. The only other sort of protection available for the iPhone is Trend Smart Surfing, which blocks access to web pages with malicious content and helps circumvent phishing attacks.

However, Juniper Networks is currently working on the Juno Pulse Mobile Security suite that includes anti-virus, firewall, anti-spam, and remote monitoring/control services. It also remotely backs up and restores data and can locate lost devices. Juno Pulse is currently available to enterprise customers only, but they are looking to move into the consumer market.

Some other general security measures that you can take to protect yourself are to make sure that when installing third-party apps, you pay attention to the privileges that you are granting to them. Some of these privileges can include access to your GPS location, access to your contacts, access to your text messages, and other personal data. With BlackBerry App World and the Apple App Store, most of these problems are handled at the application store level before they are released to the masses. However, the Android Marketplace is a bit different, as Google does not screen all apps that come with it. It gives the end user more freedom, where the app asks you for specific permissions when installing and updating them. In short, it is best to use common sense and pay attention to what you are installing before you install it read the reviews and make sure that it has a good number of users beforehand. Also, make sure that you only download apps from trusted sources. It is no different than the precautions you should use when installing programs on your computer.

Other aspects of securing your device that you should pay attention to are that when logging into a website, ensure that the connection is encrypted using SSL or HTTPS. You should also use secured Wi-Fi hotspots that will encrypt your traffic from others that utilize the hotspot. If you are unable to do this, you should opt into using the cellular data connection instead, as it is typically encrypted by the network provider. You could also use VPN to secure all your internet traffic, as there are several free providers out there, including Hotspot Shield or WiTopia.

Device encryption is also a must for any mobile users, as it will secure your personal information and data from being recovered by a hacker or any other advanced user. Entire device encryption is currently supported on BlackBerry, iPhone, and Android 3.0 tablets.

BlackBerry:

Most of the newer BlackBerry devices support encryption on the entire device and on removable storage (microSD cards)-this will protect your pictures, documents, and other files in case you lose your BlackBerry or have someone take your card out when you are not looking. When encrypting your device, you may want to leave your contacts unencrypted, as encrypting them will cause caller names to not display when your phone is locked. To setup encryption on the device and/or removable storage, press the BlackBerry button, go to Options, Security, andEncryption. From there you will able to specify what you would like to be encrypted.

iPhone:

Encryption on the iPhone is automatically turned on when you set a passcode on your device. However, it is only available on the iPhone 3GS and later it is unavailable on earlier iPhone models. To ensure that encryption is enabled, verify that Data protection is enabled is displayed in the Passcode Lock screen in the Settings.

Android:

Unfortunately, Android does not currently support any device-level encryption for smartphones. If you would like to encrypt your emails, calendar, and contact info from your company’s Exchange account, you may do so using a third-party Exchange client called Touchdown. However, device-level encryption is currently available as part of Android 3.0 (Honeycomb), which is targeted for tablet devices. It should make its way onto their smartphone operating systems sometime in the near future.

After taking a look at some of these common smartphone security issues, you should have some sort of idea on how to best protect yourself from loss or theft of your device and loss of any personal information from your device. With smartphones becoming more and more popular, more security issues will be sure to arise and smartphone operating system manufacturers will continue to adapt their operating systems to best combat these issues. At some point, these mobile security suites may even be integrated into the operating system or pre-installed by your network provider.

Android Security, Today

New Post has been published on https://netmaddy.com/android-security-today/

Android Security, Today

With the smartphone industry growing larger every day, there is a growing concern for the security of data on said mobile devices. The power of these devices is always increasing, as is the amount of software that can be installed on them. With the advent of these different types of software, including financial software and personal identification software, the need for more security is a must. Most of these types of devices come with some type of security built-in, but is this really enough for today’s world?

For most people nowadays, their whole life is on their smartphone. It includes a plethora of personal information and data, such as:

personal/work documents, notes, pictures, and emails that can contain sensitive information

full access to Wi-Fi networks that you connect to at work or at home

calendar appointments and contacts

access to various sites/information through apps, such as social networking apps, bill paying apps, movie apps, shopping apps, and etcetera

With all this information on our smartphones, it makes it a goldmine for potential thieves. The risk of your phone being lost, stolen, or even being rummaged through by your IT guy is only the half of the security problem with them. Smartphones can also leak other kinds of data through sniffing of your internet traffic when connected to open Wi-Fi networks. Your passwords to unencrypted websites and services, such as Facebook, Twitter, web-based e-mail sites, POP3 e-mail services, etcetera could be easily be sniffed by someone else on the network. There is also the issue of viruses, malware, SMS/MMS exploits, and Bluetooth exploits; these exploits can manipulate your phone settings and prevent you from using certain features, send information to or call contacts in your phone, steal and/or destroy personal information on your phone, or render your phone completely unusable.

Though the biggest concerns, for now, should be more focused on protecting your phone from theft or loss or sniffing over Wi-Fi, the issues of malicious software and hacking are becoming more and more prevalent every day. These issues could become more of a concern in the not so distant future due to the lack of integrated active security systems, such as firewalls, anti-virus programs, and anti-malware programs into our phones.

To set a bit of background for the importance of securing your mobile phone, Juniper Networks conducted a study of more than 6,000 smartphone and tablet users in 16 countries about mobile security threats. They found the following:

250% increase in the amount of mobile malware over the past year

a Fortune 15 company discovered that 1,250 of its 25,000 devices were infected with malware

44% of respondents to the survey use their devices for both business and personal use

80% admit to using their devices to access their work network without the employer’s knowledge or permission.

Today is the time to worry about Android security

One out of every twenty apps in the Android marketplace requests permissions that could allow the app to place a call without the user knowing

nine of ten mobile devices have little or no security protection

more than 60% of reported smartphone infections are spyware and 17% are text message trojans that can rack up fees that are charged to the device owner’s account

As clearly evidenced by Juniper’s findings, there is an inherent need for more mobile phone security. Fortunately, there are several options to help secure your phone that is built-in to the operating system and several third-party programs as well. Even the most basic of security measures can help you protect your personal information. To begin, we will start with some of the simpler defense mechanisms.

While this first one may seem pretty obvious and straightforward, do not lose your phone! If you are in a public place, do not sit it down or put it in your pocket or an open bag, where it can be easily grabbed. This is actually the most common way that phones get lost or stolen.

You should also set your phone to lock or timeout after a certain period of time (recommend thirty seconds or less), especially if you happen to leave your phone out on your desk at work or in other public areas. All major smartphones come with this functionality built-in. You will want to make sure that you choose something that is not easy for anyone to guess, but easy for you to remember. It should not be something as simple as your address, name, phone number, etcetera. Here is how to easily set timeout settings and passwords on your phone:

Android:

Beginning with Android 2.2 (Froyo), users have the ability to set a pattern lock, PIN code, or password on their device. Users of earlier versions of Android can only set a pattern lock. How to set the screen timeout and locks mentioned above can vary depending on the manufacturer of the phone you have. The option is generally found by pressing the Menu button from the home screen, going to Settings, Location & security, and Set up screen lock. From there, you should be able to easily setup the different types of screen locks. (Word of caution: Make sure that you have your Gmail account linked to your phone so that you will be able to gain access to your phone in the event that you forget your password. I highly recommend this if you set up a pattern lock, as it can be very easy to forget your pattern). You may also want to be careful with setting a pattern lock, as unlocking your phone this way leaves the oily residue on the screen that can remain even if you wipe it. A study conducted by researchers at the University of Pennsylvania on the Google Nexus One and HTC G1 showed that taking photos of the phone’s screen with a standard camera and doing simple manipulations of the images within photo-editing software revealed the pattern more than 90% of the time.

BlackBerry:

Press the BlackBerry button, go to Options andPassword. From there, select Enable Password. Set the number of password attempts to what you consider a suitable amount (recommend four minutes). After the specified amount of attempts has been exceeded, it will completely lock you out of your phone for the time interval specified in the Security Timeout field. You can also set it to where it will lock upon placing your BlackBerry in a holster. This will only work with a magnetized holster. To set the screen timeout, go back to the Options screen and select Screen/Keyboard. From there, select the specified timeout period by Backlight Timeout.

iPhone:

Beginning with iOS 4, Apple introduced the ability to setup a password in addition to the standard 4-digit PIN code. To set a passcode, go to Settings, General, and Passcode Lock. From there, set the password or PIN code that you would like, as well as adjust the screen timeout through the Auto-Lock option. You may also select the Erase Data option to erase all data on the phone after 10 failed passcode attempts.

While password protecting your phone can greatly decrease the risk of your information being stolen, it is always good to take even more precautions. There are several different types of security suites out there from different vendors, as well as built-in software that can perform a “remote wipe” on your phone in the event that it is lost or stolen. Remote wipe means that you can completely remove all of your data from the phone, including e-mails, texts, documents, contacts, etcetera over the internet. For those corporate users who have a Microsoft Exchange e-mail account, this can easily be accomplished without any third-party software. You can either do it yourself through the Options panel in Outlook Web Access or have someone in the IT department initiate the wipe. For those who are personal users, or for those that do not have an Exchange account, there are several other options from third-party vendors.

Android/BlackBerry:

There are several different third-party applications that allow for you to remotely wipe your device, as well as provide several other security features. The most popular application out now is the Lookout Mobile Security suite. It not only allows you to remotely wipe your device, but also incorporates additional features that allow you to track your device via GPS, back up your contacts over the internet, and scan for viruses. The features mentioned above (minus remote wipe) are available through their free version of the program. The premium version of the program incorporates all of the above features, plus backup support for call history and pictures, remote locking, and includes a privacy advisor. The privacy advisor gives you insight into which apps can access private data on your phone, as well as scan every app that you download to see what data it accesses. The premium version is $2.99/month or $30/year. Some competitors to Lookout Mobile Security also offer protection from web threats by scanning apps before they are installed, scanning links for phishing URLs and other malware, and blocking unwanted calls and text messages. AVG Anti-Virus, McAfee WaveSecure, and Webroot Mobile Security are some of the other big name competitors.

iPhone:

The iPhone does not have quite as many options as other platforms. The only option available is to track your phone using MobileMe. If your iPhone has iOS 4.2 or higher, you can simply download the Find My Phone app from the App Store and enable it online through MobileMe. If you lose your phone, you can log in through the MobileMe website and track your phone. If you have an older version of iOS, you will need to have a paid MobileMe account, which costs $99/year.

As far as anti-virus protection on the iPhone, there are none currently available on the consumer level. Apple relies strictly on the App Store’s stringent review process to keep out any malicious software. While this sounds good in theory, it is not foolproof. With so many apps going through the approval process, there are bound to be some malicious ones that get through. The only other sort of protection available for the iPhone is Trend Smart Surfing, which blocks access to web pages with malicious content and helps circumvent phishing attacks.

However, Juniper Networks is currently working on the Juno Pulse Mobile Security suite that includes anti-virus, firewall, anti-spam, and remote monitoring/control services. It also remotely backs up and restores data and can locate lost devices. Juno Pulse is currently available to enterprise customers only, but they are looking to move into the consumer market.

Some other general security measures that you can take to protect yourself are to make sure that when installing third-party apps, you pay attention to the privileges that you are granting to them. Some of these privileges can include access to your GPS location, access to your contacts, access to your text messages, and other personal data. With BlackBerry App World and the Apple App Store, most of these problems are handled at the application store level before they are released to the masses. However, the Android Marketplace is a bit different, as Google does not screen all apps that come with it. It gives the end user more freedom, where the app asks you for specific permissions when installing and updating them. In short, it is best to use common sense and pay attention to what you are installing before you install it read the reviews and make sure that it has a good number of users beforehand. Also, make sure that you only download apps from trusted sources. It is no different than the precautions you should use when installing programs on your computer.

Other aspects of securing your device that you should pay attention to are that when logging into a website, ensure that the connection is encrypted using SSL or HTTPS. You should also use secured Wi-Fi hotspots that will encrypt your traffic from others that utilize the hotspot. If you are unable to do this, you should opt into using the cellular data connection instead, as it is typically encrypted by the network provider. You could also use VPN to secure all your internet traffic, as there are several free providers out there, including Hotspot Shield or WiTopia.

Device encryption is also a must for any mobile users, as it will secure your personal information and data from being recovered by a hacker or any other advanced user. Entire device encryption is currently supported on BlackBerry, iPhone, and Android 3.0 tablets.

BlackBerry:

Most of the newer BlackBerry devices support encryption on the entire device and on removable storage (microSD cards)-this will protect your pictures, documents, and other files in case you lose your BlackBerry or have someone take your card out when you are not looking. When encrypting your device, you may want to leave your contacts unencrypted, as encrypting them will cause caller names to not display when your phone is locked. To setup encryption on the device and/or removable storage, press the BlackBerry button, go to Options, Security, andEncryption. From there you will able to specify what you would like to be encrypted.