Thursday, April 21, 2016

Messaging Apps, the Next Big Thing, or a Fragmented Mess?

Messaging is becoming the "next big thing" in mobile apps, apparently.  If you believe that here's any longevity in sending short messages, you're deluded, but that said it definitely is an important service that everyone can or does use.  So why is it all so horribly broken?  The fractured and fragmented messaging market is split between so many different apps right now, and I don't think anyone has worked out how to make money directly from a service that just lets you send text and pictures to your friends. But it gets you users, and like Twitter you can gain a following and work the rest out later.  One thing has been horribly lost in the rush to jump on the messaging bandwagon though, and that's the highest of most lauded form of usability - interoperability.


You see, we have a global messaging platform already, it can send text, pictures, rich or plain text content and has virtually no limit on how much you can send.  It's called email!  Despite the lofty figures claimed by the main messaging platforms none of them will ever have the success or user base of the original and the best.  So what sets email apart? Well it's a standard isn't it?  And like email, SMS, and the phone system, if messaging apps want to be successful they need to talk to one another rather than expect that everyone is in their little walled garden.

When you look back at the history if internet messaging clients, it really makes you wonder what the hell happened here.  Back in the 00's, we had an abundance of what we then called Instant Messaging clients.  We used them on our PC's, and they were quite popular.  The likes of ICQ, Jabber, MSN Messenger and even Skype prevailed.  Then in the late 00's the mobile device revolution hit, and the old PC based messaging clients died off.  I'm not saying the rise of mobile was the cause of their decline, but you would've thought it to be the biggest opportunity these platforms had seen in their entire existence.  It wasn't, and we continued to pay per-message fees for 140 character, featureless SMS, or downright extortionary prices for MMS. 
Then Apple tried to introduce iMessage, which failed.  Not because it was bad or the market wasn't there, simply because Apple failed to understand that a messaging platform you can only use to talk to 14% of people is about 14% as useful as an SMS and twice as annoying!
Then we mustn't forget BBM (Blackberry Messenger), many may not be aware of this service, but in a number of countries it was a runaway hit, without a doubt keeping Blackberry alive longer than many predicted.  In 2014 the service had over 150 million registered users with 85 million monthly active users.  That's approaching the usage stats of Snapchat in 2015, which is pretty impressive for a service based on a single mobile platform.
But Blackberry lost it's market share and BBM lost it's advantage, giving way to WhatsApp and Facebook, but also to childish, gimmicky apps like Snapchat Viber and to a lesser extent, Line, which must rub a bit of salt into the wound.

So after having more than enough opportunity to develop a messaging platform for the world to use, cue the rise of Facebook, the "new money" of messaging.  According to the internet (so it must be right), the top two messaging apps in the world are WhatsApp and Facebook Messenger with 1.9 billion active users between them.  In case you weren't aware, Facebook acquired WhatsApp n 2014, making them the messaging leader, a billion users ahead of third place QQ Instant Messenger, produced by the Chinese entertainment company Tencent.  To these two Facebook properties, there is virtually no competition, even less so if you live outside of Asia. 

So what we have there is a proprietary de facto standard for instant mobile messaging.  Actually, two of them.  Owned by the same company.  How did we let it get to this absurd situation where we have two main players who don't talk to each other but are both Facebook?  
To make the situation worse there's a geographic divide along messaging app lines, and an age-based divide.  If you're in mainland Asia you probably use QQ IM, KakaoTalk or WeChat, in Japan you probably use Line, in India Nimbuzz is very popular, while in Europe and the Americas Facebook and WhatsApp are divided along national borders.  "Millennials" are contributing to the rise of the new platforms like WhatsApp and Snapchat more so than their elders, who prefer Facebook, but surprisingly the youngsters are also still using Skype.

Meanwhile the global, ubiquitous messaging platform that started life as we know it in the 80's has anecdotally fallen out of favour with the younger generation, but still continues to grow, hitting 2.6 billion users, with an expected 3 billion by the end of the decade.  But you can't (easily) send stickers or mangled versions of your own face on email so why would we care that it's the world's most popular messaging platform?

The lesson here is a simple one.  You have App A, which wont talk to App B and App C that's only used in Country A and can't talk to App A in Country B.  Technology companies and their vested interests have created a mess of instant messaging that we'll never find a way out of.  A mess that could've been avoided if we'd just come up with a messaging standard, like we did for email to begin with.  What's so much worse, is that said standard exists and has done for over a decade.  I previously mentioned the Jabber IM protocol, which became XMPP, an open standard for internet messaging that anyone can use.  If today's popular messaging apps used this, or something like it, we'd all be able to talk to one-another as simply as... I dunno, sending an email!



Thursday, February 11, 2016

Digital Natives and The Google Conundrum



Marc Prensky isn't a stupid man.  You don't get degrees from Yale and Harvard otherwise.  Prensky coined the term "Digital Natives" to describe young people born into a world of technology but educated by "Digital Immigrants" who were born pre-internet.  He goes on to describe the divide between natives and immigrants and paints a picture of tech savvy youngsters and out-of-touch adults.  Sounds plausible to most, and despite the fact that the whole concept has been superseded, the language of "Digital Natives" has taken hold.  The problems is, Prensky was wrong.

cropped-technology_evolution2

It's never been better illustrated than in the recent work I've been doing with some 15 and 16 year-old's.  One girl summed up how non-native modern youth are perfectly when she was overheard to say "... how do you get to Google".  Although I don't expect wonders from modern students, I did expect better than this.  I would've just put it down to that student being an exception (maybe she was Amish), but the real shock came when I began to talk to my colleagues about it.  Teacher or non-teacher alike, no-one was surprised to hear this.  Many even traded stories with me of similar "non native" behaviour they'd observed.  Of course you have your good examples too, some youngsters are highly capable, but so are some adults.  It seems like these kids are as much at sea with technology as the generations that came before them.  In fact, in my time working with technology in schools I think I've seen an obvious decline in technological savvy.  The best example is that the wanton hacker is gone.  A thing of the past.  The student who kept the network administrator up at night wondering what system he might break into is something I haven't seen or heard of in a decade, minimum.

So what's happening?  How can you be be a "native" in your environment but not understand how to climb a tree to get food, or know which animals are dangerous?
I think the blame lies with technology itself.  It's too ubiquitous, and it's too easy to use.  There's no challenge in using technology if you have it in your pocket all the time fully connected and just waiting there to alert you to when something happens.  You're such a passive part of the exchange that you never have to think about it, so why would you learn anything about it?  Moreover, if it's always highly reliable, you never have to work out a problem to get it going again.  Unlike the generations who grew up with computers in the 70's and 80's, modern youth has gadgets that just work.  Previous generations often had to troubleshoot their own problems.  Ever had to scan a floppy disk to recover something?  Ever had to set an IRQ for a sound-card so you can hear something in your favourite game?  Or a more recent example - how much spam did you used to get compared to actual email?

Now, I don't mean this to be an "in my day I had to walk 10 miles through the snow with a broken leg to get home from school, then my Dad would horse-whip me for being late" story.  It's good that technology is better, it's great that it's cheap and accessible, and I most definitely do not want all that spam back.  But don't drink the "Digital Natives" Kool-Aid, it encourages laziness and does everyone a disservice.  Students need guidance with technology.  Don't take their capability with technology for granted, help them build it.  Use your experience with frustrating half-baked ancient technology to create a native today!

Wednesday, October 14, 2015

Did Facebook just save me from being Pwned?


An interesting thing happened recently.  I'm a member of a website called Patreon.  If you haven't heard of Patreon, it allows you to support content creators with their projects by donating money to them.  I use Patreon to contribute to the Daily Tech News Show podcast.  Obviously this means Patreon have my details stored in their databases, including some personal details and my payment method.
Patreon recently had a security breach that involved user details being posted online, mine included.  When I got notification* that my details had been posted to the internet, I was somewhat concerned.  The website claimed that their passwords were stored with non-reversible encryption, which was reassuring, but all the same they recommended that everyone change their passwords.  Given that my financial information was safe with Paypal, my main concern was my password, and I didn't want to take any chances with it.  What if I'd used that password somewhere else?  What if someone was able to use it through Patreon to send money to themselves?

R00T
The recent security breach at Patreon has lead me to like using my Facebook account for things outside Facebook just a little bit more.

So I got along to the Patreon login page which presented me with two options - Patreon login, or Facebook login.  It was then that I remembered I'd used my Facebook account to login.  What did that mean?  Did it mean I was safe, or that my Facebook account was vulnerable?  So after a quick look around the web I came across this notice from Patreon's CEO, Jack Conte, and in particular the last paragraph which stated:

"If you signed up through Facebook, you do not have a Patreon password and no action is necessary"


That was great for me, I didn't have to do anything, my password was safe because it was with Facebook, not Patreon.  More importantly though it highlighted one thing.  I create passwords at a lot of sites for a lot of things, we all do.  I have no idea how some of them store my password and my personal details, or how much they care about security.  Certainly, some have even been caught storing passwords in clear text (including some that really should've known better)!
What I can be fairly confident of though, is that Facebook, the site storing the passwords of a billion users is going to have better hardened security than <insert random internet startup here> does.  This time, Facebook has kept my password safe from being published to the internet, and I dare say it's likely to do so again, as would logging in with a Google or Microsoft account if that were an option (note to Patreon - that should really be an option).

This has caused a bit of an about-face for me on this federated login thing (logging in with your social accounts).  I used to think it was a play for Facebook and Google etc. to net yet more of your personal data.  Frankly, it probably is, but I'm much happier to let them know I use "Dave's Cheese Shop" website now.  Trading basic and useless personal details like that for better security in an age where website security breaches are a regular occurrence seems like a good way to pay for some peace of mind.

* On a side note, you might be wondering how I got notification of my details being posted to the internet.  No Patreon didn't tell me.  They did tell me about the security breach, but they didn't tell me when the details of that breach turned up online.  That particular honour goes to the aptly named Have I been pwned? website.  Into which you can enter your email address to see if it's been part of a website security breach where the data has been posted to the internet, and sign up for notification of that exact occurrence in the future.  I signed up earlier in the year, and they told me about the Patreon breach almost immediately after it happened.  So with that in mind it might be worth checking your own email addresses using this site, you never know!

Thursday, September 17, 2015

Why You Should Get Windows 10

If you've been offered it by the Microsoft "Get Windows" application you should very seriously consider getting signing up and letting Windows do the upgrade to the newly released version 10, and here's why.

Take is from someone who's been testing Win 10 since the public beta program started last October.  What you're being offered is possibly the best Windows release ever, if not that it's certainly the best Windows for the price.  Which is $0.

Think of this upgrade like you do your mobile phone, where you just let upgrades happen as a matter of course.  Microsoft want you to do the same with Windows, and here's 10 reasons why I think you should:


screen-shot-2015-07-24-at-10-24-17-am
The "Get Windows 10" app, offering you ~$150 worth of software for free.


Reason #1 - It's Free

Never a good reason in itself, being free is certainly compelling, but sometimes you get what you pay for.  But this is one of the rare cases where the thing that's being offered to you at no cost is actually pretty good.  I was very surprised to note that many people didn't understand that Windows 10 is free to anyone running legal copies of Windows 7, 8 or 8.1 for 12 months starting from its release in July 2015.  After that you'll have to pay for it, so it's worth taking note of the other reasons below to help understand why free Windows is a good thing.


Reason #2 - It's Faster

I loved hearing Gable Aul (Corporate Vice President - Engineering Systems at Microsoft) talk about this when he was speaking on the Windows Weekly podcast, where he said that the development teams working on Windows will sit in meetings and argue about how to reduce a 100ms delay somewhere in Windows.  His argument was (to paraphrase) that if they can save even .1 of a second that puts something like a thousand days worth of time back into the world, when you account for the billion or so Windows devices out there.  That attitude is obvious in Windows 10, with faster load times and snappier responses in most areas.  It's particularly noticeable going from Windows 7 to 10, as 7 was quite slow even compared to Windows 8.

Reason #3 - The Upgrade is Easy

Most people are finding the upgrade process goes smoothly for them, and although in some cases it can take a while, it's amazing that Microsoft are able to run an automated upgrade process from 3 different OSes (Windows 7, 8 and 8.1) to Windows 10 on the myriad of different hardware platforms out there, and maintain a largely consistent experience.  Sure, if you're a technical person, or know someone who is, starting fresh with a clean installation is better, but the upgrades I've done have been very straightforward, so why not give it a try?  Just open that little Windows icon in the system tray and get going.  If you're running Windows 8.x you wont want to go back, that much is for sure.

Reason #4 - Virtual Desktops

Do you know anyone who uses Linux?  No?  Well of course you don't, you're normal!  But if you did they'd tell you that Linux has had this for years.  But that's okay, the Commodore Amiga had this in 1985, so they can get off their high-horse anyway.  Virtual desktops are like having multiple screens, but on the one screen, it reduces the clutter on your main screen allowing you to easily flip between these screens, or desktops.  Imagine having Word and Excel open on one desktop, then pressing Windows Key + ► and the whole screen slides to the right to reveal another desktop where you have your web browser and it's various tabs open.  This is a brilliant productivity tool, and the only problem with it is that it's taken so long!

Also, Microsoft have built in a new task switching interface, accessible from the task bar that you can use to easily move applications from one virtual desktop to another.  It's very slick and easy to use, certainly much more friendly than any implementation I've seen on Linux.

Reason #5 - The Start Menu is Back

Oh, calm down, it was never that brilliant anyway!  That said the Start Screen in Windows 8.x was half-baked, and many (including me at times) found it very annoying.  The problem is, that the live tiles on the start screen were an improvement over plain static icons like you'd seen in Windows 7 or MacOS.  So Microsoft have reinvented the Start Menu to be a mix between the Start Menu and the Start Screen.  Rest assured, you still click in the bottom-left and see all your programs like you used to.  The main differences are that the icons are capable of showing extra information, and the start menu can become a start screen if you're using a Windows tablet.

Reason #6 - Edge

You can invoke a visible shudder from people just by saying the words "Internet Explorer" to them.  That mangled and sluggish web browser is easily the worst you could use on Windows, and it's the default!  What's more it's regularly targeted by malware.  A lot of people just use it because it's there, making their web browsing experience horrible, and potentially exposing them to malicious software.  The solution was for Microsoft to get rid of it in Windows 10, replacing it with a new browser called Microsoft Edge.  Edge still bears some parts in common with Internet Explorer, but they ripped out all the problematic code, basically stripping it bare and starting almost from scratch.  It's standards compliant, so that means websites are more likely to display correctly, and it's fast.  Sure, it doesn't support extensions yet, they're coming soon.  But give me Edge over Internet Explorer any day.  Once they've added a bit more polish to Edge, it should be a genuine competitor for Chrome and Firefox, with the former becoming increasingly problematic in recent times.

Reason #7 - Action Center

Notifications, just like on your mobile phone.  All contained in the one place to make them manageable and understandable.
When they originally released this feature to the preview program long before Windows 10 was released, it wasn't my favourite feature.  It was clunky and unpredictable, what's more I didn't care for the interface design.  But sometime before Windows 10 went to the public they redesigned it, and now I do quite like it.  As software makers begin to use it more you should see alerts and notifications end up in the Action Center, rather than bugging you so much with popup Windows while you're trying to work, or filling up the system tray with icons.


Reason #8 - Continuum

Continuum is the name for the feature Windows 8 should've had right from the start.  But of course, Windows 8 would've needed a Start Menu option for desktops and laptops for that to work, and it didn't.

In a nutshell, Continuum manages the way 2-in-1 devices like the Microsoft Surface or the Lenovo Yoga work when you change them from a laptop to a tablet.  It expands the start menu to a full-screen touch-friendly experience when in tablet mode, and back to the traditional start menu when in laptop mode.  It will also do the same for "modern" apps, like the Mail app.  This way, you don't have to try and work in a tablet interface on your laptop, or a desktop interface on your tablet.  Having the best of both worlds pushes us closer to that ideal of having one device that does it all.

On a side note, continuum also exists for Windows Phone, where you should be able to drop your phone into a special dock that turns it into a desktop or laptop computer.  If it works as advertised (and I ask you, when has anything from Microsoft not?), being able to store your life on your phone as most of us do, and have it work as your computer as well is a very compelling thought.  If it works. Which I'm sure it will! ;)

Reason #9 - The Future of Windows is Guided by Us

Part of the problem with Windows 8.x was the top-down approach taken by the team then lead by Steven Sinofsky which implied that they knew what we wanted better than we did. But they didn't, and we let them know. So the new Windows team created the Windows Insider Program and the means to provide feedback during the development of Windows 10, and into the future. Windows 10 is not the product of design-by-committee, or the result of one man's vision that turned out to be an hallucination. It's the result of their ideas, our ideas, and our feedback on those ideas. I'd much prefer this than the old Windows way (which was based on the Apple way). The value of seeking feedback like this is proven by how much better Windows 10 is than Windows 8.

Reason #10 - It's Not Windows 8

Last, but certainly not least, we can move on from Windows 8, the Windows we had to have, but didn't want. It's quite possible that Windows 8 was a necessary step toward a Windows that was relevant in the modern touch-centric world. It was an ugly step in a transition to the much more thoughtful Windows 10 we have today. It's possible that's the case, and it just sucked to have to go through that interim step. Whatever the case, I feel like the free upgrade to Windows 10 is something of an apology to us all for that ugly transitional phase.

Many people have Windows 8 computers out there that aren't up to the job. Without touchscreens and tablet functionality they're a bad experience running Windows 8 or 8.1. So now you can upgrade to Windows 10 and get back the control and features you need to use a traditional computer with a keyboard and mouse. Plus, if you have a tablet or convertible, Continuum gives you that "two sides of the same coin" freedom you didn't have before.

Caveats And Conclusions

There are always exceptions to prove the rule, and one of the biggest is if you own a Mac.  If you have a Mac, sure you could run Windows 10 on it, but the best operating system for you is MacOS.  Driver support for Windows on your Mac is provided by Apple, and they don't do a very good job of it, and I can't blame them, they make their own perfectly good operating system.  So if you run Windows on your Mac, don't expect the best performance, because Apple's drivers aren't up to it, particularly battery performance.
Another point to make here is if you run a computer in a business environment and use software made by a third-party company for your core business functions, be very careful.  Always check with the people who make your software to see if it's compatible with a new Windows version before upgrading.

I'm writing this article from one of my three Windows 10 computers, and I'm very happy with all of them.  There's a reason why Windows 10 has seen the best uptake of any Windows yet, and why it's seen more copies installed in two months than all Macs in existence. It's because it's very good, and one of the exceptional occasions where there is actually such a thing as a free lunch.

Saturday, May 16, 2015

Fake Invoice Scams, How do They Work?

A quite common scam in the United States has come to Australia this year, already fleecing some unwitting businesses for over half a million dollars.  The scam, listed here on the government's ScamWatch site involves businesses receiving very realistic looking fake invoices from scammers, usually stating a change of bank details and directing payment to a different bank account.  This highlights the importance of taking due care when paying invoices, and having appropriate verification processes in place.

"Scammers hack into vendor and/or supplier email accounts and obtain information such as customer lists, bank details and previous invoices"


The scam has been reported extensively, particularly in non-tech news media, but it was a little light on the detail for me, so I've done some further digging.  The reports I'd seen had referred to the scammers sending very realistic invoices to their targets by 'hacking' the email accounts of suppliers and vendors, others used words like 'intercepted email', but gave no further detail.  On asking the question of a few colleagues, some told me of first hand experience with a version of the scam, dubbed a BEC (Business Email Compromise) scam.  They'd seen the simplest implementation, which involved creating free email accounts to send the fake invoices, and matching the account name as closely as possible to the actual supplier account.  But that's pretty simple, and most businesses would be quite suspicious if email that was coming from accounts@davescatering.com started coming from accounts_davescatering@yahoo.com.  Admittedly, they might not pick it up if the real business was using a free email account in the first place, but although that happens, it doesn't seem to represent enough businesses for this scam to be so successful.

Then I stumbled across this page from the IC3 (Internet Crime Complaint Center), that sheds some more light on the situation.  It details three methods of attack, the first being very much the method described above.  The other two methods are far more serious and actually do involve email accounts being hacked.  In both these cases, accounts (or the PC's of account holders) are compromised and invoices issued from them.  In the cases where the hacked account is a senior company executive, no invoice is sent, rather a request for a funds transfer is made to other staff within the company (who presumably dutifully processes it because the request comes from their boss).

So that confirms that the media reports about 'hacking' weren't the usual poor reporting (like the iCloud 'hacking' scandal).  I assume the reports of 'intercepted emails' were similarly reliable.  It's certainly plausible enough to assume that by using hacked accounts, compromised PC's or servers, hackers could have emails surreptitiously forwarded to another party, or be 'intercepted' from the server.

I was still curious about the method used to compromise these accounts though.  I had assumed they were the the result of some successful phishing expeditions - and some were - but further reading suggested at least some were genuine system compromises, particularly this from the article linked above - "Businesses and personnel using open source e-mail are most targeted".  What does that mean exactly?  Properly secured OSS email shouldn't be more vulnerable than any other system.  But that's where the trail I was following ended.  The internet doesn't seem to have any more information about this, and in particular what the role of Open Source systems would or could be.  Even the venerable Steve Gibson of GRC and Security Now didn't have any idea why OSS would matter in this case, telling me that he couldn't see why OSS would be implicated.


Untitled


So that just leaves my theories, and the theories I've seen in forums and in comments around the interwebs, which is that some poorly maintained servers running Open Source mail software were compromised, or simply used as an open relay.  Not exactly conclusive, but better than what I started with, and we certainly know of other cases where hackers have taken control of systems and used them to do their bidding.

One final note is that the lack of actual published information on this is a cause for concern.  I should be able to find out how these attacks have occurred and the mechanisms used.  How can we in the IT community protect ourselves and our users against criminal activity if we don't actually know how it's perpetrated?  If anyone has any more information on this, please post it in the comments, I'd appreciate it.

Monday, May 11, 2015

Google Says Google's Stats Show What Google Want Them to Show.


Last week at a digital advertising conference, Google announced that most searches are now coming from mobile devices.  Or at least they are in 10 regional markets, two of which are the US an Japan, the other 8 Google won't identify.  That rather weak headline was picked up by all the major tech news sites, and a number of non-tech outlets.  But it seems a little weak to me.  Google didn't disclose the figures, sources, methodologies for collection or even the other 8 markets they referred to, which are apparently 'key' markets, but that's very much open to interpretation.

Interestingly, it comes on the back of Google trying to force people to make their websites mobile ready, by changing the relevant search algorithms.

googleevil

So, what's going on here?  Well, my theory is that in short - Google's abusing it's search monopoly.  Trying to force people to make their sites mobile ready sounds really forward-thinking and just acknowledging the way of the world nowadays, and I don't disagree that more searching is happening on mobile.  But with Google being the only major player here, and them telling us what we have to do with our websites, then telling us they have statistics to back it up, just we can't see them.  Well, we've got no choice but to believe what they say, what are we going to do, ask Bing for a second opinion?  Design our sites for desktop and feel safe in the knowledge they'll still be listed at the top of Duck-Duck-Go searches?  We have no choice.

You're probably still wondering how this is abusing a monopoly?  As far as I'm aware it's illegal in a number of countries to use a monopoly position to influence other markets, and it just so happens that Google have virtually no presence in desktop and laptop PC's.  Chromebooks are a thing, but accounted for 1% of worldwide PC sales last year in Q2 (.95 million).  Meanwhile in the same period Android accounted for 250 million units shipped.
So, it's CLEARLY in Google's interest to ensure they push us toward the thinking that most web activity is on mobile platforms, then we design our websites for mobile, then we put more advertising on mobile, then Google make more money.  Because after all, Google sell advertising, that's what they do, and they need you on the platforms they control to make more money from it.  So in this case, Google are using search as a way to drive us further toward mobile and mobile advertising - two non-search markets.

Can we all say "anti-trust investigation"?  I hope not, that was so very painful last time around.

Sunday, May 10, 2015

Time for a Change

Well, this blog has gotten stale hasn't it? In the words of this 90's commercial for an alternative Cola nobody wanted, it's time for a change.  This blog was about technology in the education sector, but I'm broadening it to cover science and technology in the everything sector.  Why not?  It's time for a change and the change is me writing about what I'm interested in, so here goes!



UPDATE: - Come to think of it, how about a site redesign?  It's time for a new look as well.  Just a facelift (maybe some botox and collagen, nothing huge). Stay tuned!