Let’s start with the bad news: while other video services let you record your favorite programs on your digital video recorder (DVR) Comcast’s new Xfinity X1 system doesn’t have that capability. Yet. Well, to be more accurate, Comcast has announced what they call the Xfinity X1 with Cloud Technology that’s available in a limited area, and with that system all your recordings actually exist “in the cloud” which means that you will have access to those recordings anywhere rather than just on your home TV.
But… it’s not yet available to most customers. Here’s more info on X1 DVR with Cloud Technology to get you interested, including how to request it for your own coverage area.
There’s lots to like about the X1 system from Xfinity even without the remote access, however, and it does give you some ability to interact with your DVR remotely. The easiest way to get started is to go to the Xfinity.TV listings page, which looks like this:
In this case, I’ve specified HD Only and Sports. Look closely at the top tabs:
“Watch Online” is useful, but it’s not your DVR content (unless you have X1 DVR with Cloud Technology, of course) so we’ll skip it. “Watch on TV” is the program listing that hopefully you’re already using (as it makes it tons easier to work with the TV remote now that there are so darn many channels) and “Saved” is the option you want to access your DVR.
Click on “Saved” and after a few moments, it shows everything you currently have on your DVR:
You can sort by title, channel, viewing status and date & time, as shown. You can also see which shows we watch at AskDaveTaylor HQ: Bates Motel, Game of Thrones, Turn, and Believe (among others).
Click on a program and you’ll see a bit more about the episode recorded, program or movie:
From this point you can delete recordings if you need to free up space (note on the previous screen my DVR is 69% full, for example) but, as of yet, you can’t click “watch now”, though you can easily have it start up on your TV, which could be a bit weird if someone’s at home at the time!
Wondering how to add new programs? Back on the TV listing, just find something you want to record and click on it. Here’s a good soccer match:
A click on “Record” and…
That’s it. Click “Record Program” (or click on “More Options” if you want to fine tune the configuration) and you’re good to go.
Now about that cloud technology…
My theory is that Facebook designs the user interface for people who are members of a dozen or so relatively low-traffic groups and that once you join a single busy group, it does exactly what you say, overtaking everything else in your Notifications and your news stream. Make it two or three high activity groups — as I’m in — and it’s crazy, almost as if that’s all you have happening on Facebook.
Still, I don’t want to quit those groups because they’re popular. Otherwise it’s kind of a Groucho Marx sort of logic, where you only want to be in groups where there’s not much going on.
So what’s to do? Well, the easiest thing is to simply change the setting so that you’re only getting notifications of activity from Facebook if your friends post in the group, rather than for every single post regardless of who it’s from.
There are two places you can make that change, the easiest being directly from your newsfeed. On the left side, you’ll have a list of your groups with recent activity, kinda like this:
You can see that “Stay At Home Dad…” has 10 new entries, “Dad Bloggers” has 17, “Pollinate Media Group” has 9 and the “Kickstarter Board Games” group has, well, none. Still, let’s use that one as our proverbial guinea pig anyway.
To adjust the notifications, move your cursor to the left of the group name until the tiny pencil icon appears, then click on it. Here are your choices:
Choose “Edit Settings” and a big window appears:
As you can see, mine is set to “All Posts”. That’s a bit much in some groups, so click on it to see the options:
Changing it to “Friends’ Posts” definitely slows down the notifications unless you have a group where everyone is a friend, in which case you’re going to see lots of notifications unless you choose “Off”.
If your group isn’t showing up on the newsfeed, you can also access this setting from the group itself:
That should help tame things. Otherwise you’re on your own, and good luck!
We also have a Dell Venue 8 Pro here in the office and you’re right, it’s a sweet little Windows 8 tablet with a lot going for it (and one design flaw, a generic MicroUSB connector that makes it all too easy to insert the plug upside down and damage the unit. How do we know? We’re on our third unit). It runs a standard version of Windows 8.1 as far as I can tell, though obviously there are additional features that support the screen size and orientation sensors.
More importantly, all Windows tablets are touch-enabled, and Windows 8 is about 100x better with a touch screen than with a mouse or touchpad. Suddenly the entire Windows 8 “Metro” user interface makes sense and is pretty darn intuitive. Is it a solid alternative to an Apple iPad? Definitely, as I’ve written about before.
Which gets us back to the update question. Probably your system’s set up to automatically download and install important updates like the latest Windows 8.1 patch, but let’s go through the steps anyway.
To start, your home screen, with the Charms bar shown after a swipe from right to left on the right edge:
You’ll want to tap on “Settings”, the last entry on the Charms bar.
Now you’ll see the shortcuts to the most common system settings. Tap on “Change PC Settings”, and you’ll be looking at a huge range of options:
It’s the last entry that you want: Update and recovery.
Tap on “Update and recovery” and while you can probably take it from here, let’s do these final few steps:
Obviously, “Windows Update” is what we want. Tap on “Check now” to see if there are any updates.
In this instance, there are, so you’ll see what’s available:
The system update sometimes doesn’t automatically select all the important updates, so it’s important to tap on the checkbox adjacent to Select all important updates near the top. You’ll see the size of the update increase dramatically!
Ready to go? Tap on “Install”, and…
In fact, a lot of time can pass. This update for me took about 20min to download. A good reason to have the unit plugged in during updates.
Eventually, the update finished downloading and it was time to apply the update:
Tap on “Restart now” and once it’s done restarting — it might do so more than once — you’re updated and good to go. Enjoy!
This particular bug affects any server with the openSSL libraries in place, which in practice, is a very large numbers of servers – some estimates are that as many as 2/3rd of servers were vulnerable to this security flaw!
So what exactly is the bug? For the technically minded, you can get the technical explanation at Heartbleed.com – for the regular user, this means the security layer of the internet was able to be compromised. Sounds serious? Yes, it is pretty serious.
This flaw has been demonstrated to leak memory from client to server and from server to client, ie, data in the memory of the server, or the client, could be read, potentially by either party, over a connection supposedly secured by openSSL encryption. This means that secret keys used to encrypt the connection could have been leaked, as could almost anything else in memory of the server at the time of exploit. Did you get that? Anything in memory – including usernames + passwords could be leaked from a server with this vulnerability. ANYTHING.
Worse perhaps than the memory leak itself, is the fact that someone exploiting this bug leaves no trace, and there is no way to know what portion of memory could have been leaked.
Why is this bug so critical? The flawed libraries used on many servers as implemented in openSSL, span releases for the last 2 years – it is difficult to put any accurate count on the number of affected servers, but as CNN put it – “The Heartbleed security flaw affects most of the internet”.
So how should you keep yourself safe from this bug?
You need to determine if your servers (or the servers you use) are currently affected – you can use this website to check your server:
Enter the server name or IP address, followed by an SSL secured port (443 for https protocol, 995 for SSL-POP and 465 for Secure SMTP)
If your server(s) comes back as vulnerable – STOP USING THEM – do not login, do not collect email, do not use the SSL portion of the website until it is patch. The server’s openSSL libraries need to be upgraded as quickly as possible. Now that the vulnerability is public, there are bound to be malicious actors who are scanning for servers with this weakness. openSSL libraries 1.0.1 up to release 1.0.1g are potentially affected by this – but to complicate things, CentOS released a patched 1.0.1e – and servers running 1.0.1e could be safe of vulnerable (if you’re the server admin you can check using the release date of the library).
Assuming that your provider’s servers are not vulnerable does not mean that they did not patch them yesterday. Find out if the servers were patched yesterday – if they were, we recommend that every password (including database passwords) be changed. Use new, strong passwords – do not revert back to old passwords.
Furthermore, every SSL certificate issued prior to patching should be re-issued as well – not just SSL certificates deployed on servers which had the vulnerability – but EVERY certificate, because the CLIENT requesting access could have had the flaw.
Getting your SSL certificates re-issued generally means creating a new Certificate Request + Private Key – contact your SSL vendor for instructions on how to do this – and be aware, that some vendors will charge for certificate re-issues.
Server admins and IT consultants need to take this flaw seriously – patching your flaw and forgetting about it are no guarantee of safety – change certificates and username+password – and change them all NOW.
Guest writer Greg Hewitt-Long runs the security IT consultancy Computer Security Solutions llc.
The post What’s the Real Story with The Heartbleed Security Hole? appeared first on Ask Dave Taylor.
This post brought to you by Fellowes, Inc. . All opinions are 100% mine.
You’re right that the media definitely focuses on personal identity theft with various companies offering credit monitoring services and the like, but it’s absolutely true that businesses large and small are also vulnerable to identity theft. It’s just at a different scale.
Here’s how the California Secretary of State describes it:Business identity theft happens when criminals pose as owners, officers or employees of a business to illegally get cash, credit, and loans, leaving the victimized business with the debts. Identity thieves can steal a business’ identity by gaining access to the business’ bank accounts and credit cards or by stealing sensitive company information, such as the tax identification number (TIN) and the owners’ personal information. The thieves then open up lines of credit or get business loans based on the business’ identity and creditworthiness. Typically, thieves cash out quickly and go unnoticed until the bills and collection notices arrive at the door of the victimized business, leaving behind debts, damaged credit and a destroyed reputation
It’s entirely possible this is what happened with the company your evaluating, and it’s the result of some sloppiness on their part but survivable. There should definitely be a polie record of investigations and resolution, if nothing else, but really, this sort of thing should have all sorts of paper trail to show that it’s not the boss skimming the till or rerouting revenue. A forensic accountant might help get to the bottom of this too.HOW DO YOU AVOID BUSINESS IDENTITY THEFT?
The best ways to avoid any sort of identity theft are also the best ways to create a security work environment and avoid industrial espionage and IP theft too, monitoring, protecting and destroying. Wait, that sounds like a Michael Bay movie, doesn’t it?
More seriously, though, every business should have a business credit profile monitor in place. Dun & Bradstreet is a good place to start: they’ll email you quarterly updates and notify you of any changes to your credit data with CreditSignal. Easy enough, and it’s free.
Then there’s all that sensitive data on your systems. To protect that, make sure your team only connects to the office via secure SSL or a Virtual Private Network (VPN) system. Plenty of options whether your Mac, PC or even Linux. And remember mobile devices need to be secured too: those smartphones can be too smart sometimes.
The third important piece is document security, and that’s where sponsor Fellowes comes into play. With the business-ready Fellowes AutoMax shredders, you can dump in up to 500 pages at a time, knowing it’ll be completely cross-shredded and safe to throw in the alley dumpster. Two key features that make it a win? Surefeed Technology, so it really will go through the stack of paper and shred each document, and SmartLock, to ensure that once those confidential documents are placed in the shredder, no-one’s going to filch those important financials.
If you’re thinking that those $99 CostCo shredders can do the trick, you might well be putting your business at risk. Check out the AutoMax line and remember that if shredding’s a hassle, people won’t do it and you then end up putting your business documents at risk. So a more expensive shredder that works and is reliable and secure is well worth the additional investment.
And a fourth recommendation to avoid business identity theft? Acquire business insurance that includes coverage against loss due to identity theft, fraud, espionage, etc.
Disclaimer: This post was sponsored by Fellowes, but they’re part of the solution, no question. And yes, we take security very seriously here at AskDaveTaylor too.
The post Foil Business Identity Theft with an Industrial Shredder from Fellows appeared first on Ask Dave Taylor.
I certainly agree that the benefit of having a really large business network outweighs the occasional hassle with someone who sees a connection as an invitation to spam you or hit you up with so-called business opportunities that offer them a lot greater benefit than it offers you (if it’s legit at all). Still, that’s the price we pay in the social media age, and given that the alternative is having a tiny circle that does you very little online, I think it’s a reasonable trade-off.
But every so often…
In fact, just this morning a gal I’d connected with a week or two ago, “Janet”, revealed why she’d asked to connect with me: so she could shill a business opportunity by inviting me to watch a “get rich through our program” video and then hopefully sign up for the program, generating a nice referral fee for her.
Not so much.
Here’s how it went down, starting with her email:
Sorry, Janet, but since I don’t even know, you, I’m not going to go to a “paysme.com” sort of site and watch a video. I could be jumping to incorrect conclusions but it sure looks like some sort of scam, doesn’t it?
I have a one-strike-you’re-out policy, so I’m going to unfriend Janet on LinkedIn. Before I do so, however, I’ll mark this message as spam by using the “More” menu:
Now I’ll click on her name in the message so that I’m looking at her profile page. The top looks like this:
Nice photograph, but sorry, I don’t need more spam, Janet. So it’s time to say sayonara…
The easy way to do that is by clicking on the tiny black triangle adjacent to “Endorse”. A menu appears:
There’s the option. “Remove connection”.
Yup, it’s come to that.
Choose “Remove connection” and LinkedIn confirms that’s what you want to do:
I do. Sorry, Janet. A single click on “Remove” and the deed is done.
Hope that helps you out!
When I first set foot on the shores of Lake Tanganyika in 1960 to study chimpanzee behavior, I carried with me notebooks, pencils and a pair of second-hand binoculars. I was, at the time, a young woman with no scientific training, but had a strong passion for learning about animals in Africa. In later years I founded the Jane Goodall Institute, dedicated to preserving the habitat of chimpanzees and other animals worldwide.
The author connects with a member of the Kasakela chimpanzee community in Gombe. Photo courtesy of JGI.
Today, the mapping technology available to all of us is completely changing the potential for animal and environmental research. My trip in 1960 would have looked quite different today. You have much more power at your fingertips, and you don't even have to leave your home. Tools like Google Earth let you visit the shores of Lake Tanganyika with just a few keystrokes. And in Gombe, local villagers are using Android smartphones and tablets, in conjunction with Google Maps Engine and Earth Engine, to monitor changes in the forest habitat that affect chimpanzee populations. Technology makes it so easy for people to find and share information and to understand the world around them. And once we understand, we can start to foster positive change.
The Jane Goodall Institute engages local communities from Tanzania, Uganda and across Africa to collect data on forests, wildlife and human activities using Google Android handheld devices. Photo courtesy of JGI/Lilian Pintea.
That’s one of the reasons we started the Roots & Shoots program to connect young people with the knowledge and tools they need to solve problems in their communities. The projects undertaken by these young people help them learn important science, technology, engineering and math (STEM) skills while developing real leadership capabilities. Today, Roots & Shoots is launching a new community mapping tutorial for young people to help them use digital mapping technology to identify and address needs in their community. If you’re an educator, we offer online professional development to help you fit our youth leadership model into your classroom and curriculum. You can sign up for the Roots & Shoots MOOC to learn more.
Roots & Shoots groups from Uganda, Tanzania, and Republic of Congo share their projects. There are more than 8,000 Roots & Shoots groups in 136 countries. Photos courtesy of JGI.
Today, on my 80th birthday, my wish is for young people around the world to think about the ways you can use technology to learn more about the wonderful world we share. Then, to take action, and inspire others to do the same. You have the power to do so much more than I did in 1960, to spark change I could only imagine back then. And you can do it no matter where in the world you are.
Posted by Dr. Jane Goodall
Now with Auto Awesome Photobombs, you too can get a celebrity photobomb—no red carpet required. We’re starting with surprise appearances by +David Hasselhoff, everyone’s favorite crime-fighting rockstar lifeguard.
Watch your step! The Hoff joins these adventurous hikers at Machu PicchuThe Hoff rides the waves in Big Sur
The Hoff enjoys a breezy afternoon by the San Francisco Bay
Upload a new self-portrait, or a group photo with friends, and leave some room for The Hoff. He might just make your photo a little more #Hoffsome.
Posted by Erik Murphy-Chutorian, Staff Software Engineer and Avid Photobomber
Today, we’re updating our Transparency Report for the ninth time. This updated Report details the number of government requests we received for user information in criminal investigations during the second half of 2013. Government requests for user information in criminal cases have increased by about 120 percent since we first began publishing these numbers in 2009. Though our number of users has grown throughout the time period, we’re also seeing more and more governments start to exercise their authority to make requests.
We consistently push back against overly broad requests for your personal information, but it’s also important for laws to explicitly protect you from government overreach. That’s why we’re working alongside eight other companies to push for surveillance reform, including more transparency. We’ve all been sharing best practices about how to report the requests we receive, and as a result our Transparency Report now includes governments that made less than 30 requests during a six-month reporting period, in addition to those that made 30+ requests.
Also, people have been asking about how we respond to search warrants in the U.S., so we’ve created an entertaining video to explain in plain language how this process works. We apply the same rigorous standards presented in this video to every request we receive, regardless of type.
You deserve to know when and how governments request user information online, and we’ll keep fighting to make sure that’s the case.
Posted by Richard Salgado, Legal Director, Law Enforcement and Information Security