Getting Organized in the New Year

I know a lot of folks who have made resolutions to get organized this year and one of the things they're taking a good look at is the amount of email on their phones.  Some have hundreds or even thousands of messages sitting there eating up storage and making finding anything a real chore.

So, if you're in the same boat, using an iPhone, and want to dump all those messages I'll show you how to delete them all in one process without having to click on each one to select them.

(Pssst - this tip will let you bulk delete OR bulk move messages around in iOS 10)

1. If there are any messages in the folder that you want to keep, move them to another folder.
2. Once you're sure that only unwanted emails are left, tap  "Edit" in the upper-right corner. Once in edit mode, select one email by tapping the circle to the left of it.
3. Tap and hold the "Move" button located at the bottom of your screen, but don't let go just yet. tap the circle to the left of the email that you chose in the previous step to deselect it, now you can take your finger off the "Move" button. This selects all of the emails in the folder at once.
4. Tap "Trash" on the next screen to move all of the emails to the Trash folder.
5. To completely delete the messages, open the Trash folder, tap "Edit", and tap "Delete All".

That's all there is to it and the clutter is gone, Gone, GONE.

Continue reading →

iOS 11's Annoying I Issue

Some folks are having a problem when they type an 'I' on their iPhone or iPad.  they,re getting an A with a question mark symbol [?] next to it.  This is a problem in iOS11 that oddly only affects some users.

Apple has released update 11.1.1 that is supposed to fix the problem.  If you haven't updated yet or need to hold off updating, there is a work-around.  Go to:

Settings
     General
          Keyboard 
               Text Replacement 
Hit the + to add a new entry then type an uppercase “I” in the Phrase field and a lowercase "i" in the Shortcut field.

That should fix you right up.

Continue reading →

Is Alexa Spying on Me?

Well, here we are a good ways past Christmas.  Chances are most everyone you know found some kind of tech toy under their trees.  A lot of folks got one of Amazon's Echo, Tap, or Dot devices.  These all run on Amazon's Alexa app to do their stuff.

I got a question the other day from a friend who got an Echo; Is Alexa spying on me?

The question was spurred in part by a brief flurry of postings online after Arkansas police dropped a subpoena on Amazon for information from Alexa about a murder.  There was an Echo in the house where a murder happened and the authorities want to know what Alexa heard.

Now to get to the original question -
For the Echo and Dot, Alexa is always listening for the 'Wake Word' (the Tap has a button that you must push to wake it up unless you've set it to hands-free mode). While waiting for the wake word Alexa is not paying attention to anything else that it hears.  Once it hears the wake word (Alexa, Amazon, Echo, or Computer; or sometimes something that sounds reasonably close) it starts paying attention.

Alexa records what it hears after you wake it up and uploads the recording to Amazon's servers.  According to Amazon this is to "improve your experience and our services".  This is all well and good, but there are occasions that Alexa is recording when I haven't used the wake word.  That's because it hears my dog's name as the wake word every so often.  So it will record things like 'come here' and will answer with things like "I would if I could, but I may need a helping hand."

You can manage and delete the recordings online in the Alexa app at https://www.amazon.com/mycd.

So, basically, Alexa is not spying on you but it can overhear things it doesn't need to know.

Continue reading →

Excel Files From Web Won't Open

I had an interesting issue creep up a bit ago with Excel files that were created by a web application not opening in Excel.

I had a ColdFusion app that would generate reports on the fly for users.  We were using CFHEADER and CFCONTENT to deliver table formatted data as XLSX files.  It had been working fine right up until it didn't.  We hadn't made any changes to the code and checked and confirmed that there were no changes/patches to the system since the last known good report was generated.

As it turns out, in mid-July Microsoft upgraded the security in Excel concerning how it handled HTML files with XLS or XLSX extensions from untrusted locations. Previously, Excel would warn you about the file having a type mismatch and would let you accept opening the file.  From the update, Excel would no longer allow the file to be opened and offered no explanation or error message.

There are a couple of workarounds to open the files:
The first is on a file by file basis -

• Once you have the file, Right-Click on it to get the context menu and select ‘Properties’
• On the ‘General’ tab, click ‘Unblock’ and then ‘OK’
• Open the file as usual. You’ll get this message - 'The file format and extension of filename don't match. The file could be corrupted or unsafe. Unless you trust its source don't open it. Do you want to open it anyway?'
• Click ‘Yes’
• The file will open

Another workaround is to change the Trusted Locations settings in Excel

• Open File > Options > Trust Center > Trust Center Settings > Protected View
• Clear the check-marks from  "Enable Protected View for file originating from the Internet" and “Enable Protected View for files located in potentially unsafe locations”.
• Files pulled from the Internet will open.

If you've been building spreadsheets in ColdFusion with CFCONTENT and CFHEADER, it's time to start using CFSPREADSHEET and the associated functions.

Continue reading →

Apple Mobile Devices - Patch 'em Up NOW

Apple has issued an "important security update", iOS 9.3.5, to neutralize a new piece of malware that can remotely jailbreak iPhones allowing an attacker full access to your device to read texts and email, record calls, track your location and activate your phone's camera and microphone.

The update patches the three previously unknown zero-day vulnerabilities that together are referred to as "Trident".

To check if you're at risk look at Settings > General > About > Version   If you're on version 9.3.5 then you're OK.  If you're on a different version you should update now.  You can pull the update through Settings > General > Software Update then just follow the instructions to download and install it.

For those interested we'll go into the details a little:
The three exploited vulnerabilities are:

• CVE-2016-4655, Memory Corruption in Webkit 
• CVE-2016-4656, Information leak in Kernel 
• CVE-2016-4657, Kernel Memory corruption leads to Jailbreak.

The issue was found by cyber security firms Lookout and Citizen Lab, who were tipped off to unusual text messages received by an iPhone user in the United Arab Emirates.
Lookout and Citizen Lab worked with Apple on the patch before releasing information on the vulnerability.
The Trident vulnerabilities are exploited in a spyware package called Pegasus which is widely available throughout the world

Continue reading →

Windows God Mode

Just the other day I was helping a friend set up their computer after doing a full reinstall of the OS.

Now configuring a system can get to be a bit tedious with all of the clicking necessary to get to all of the settings and tools.  So to make things a little easier, I clued him into Windows' God Mode.

God mode puts all of the the things you can customize together in one place on your Windows machine, and it is available from Windows Vista through Windows 10.

Getting to God Mode is easy; just create a folder anywhere you like and name it God Mode.{ED7BA470-8E54-465E-825C-99712043E01C}

Actually, you can name it anything you like before the dot.  the important part is what comes after the dot.  Don't change that part.

Once you rename the folder, open it up and you'll find a wealth of tweaks and tools.

Give it a look if you're of the mind.  If you find it convenient, enjoy.  If it's not for you, just delete the folder and it's gone.

Continue reading →

GHOST Buffer Overflow Vulnerability

A critical vulnerability that impacts a majority of Linux servers has been identified.  This vulnerability, named "GHOST", affects the GNU C library (glibc) that is used by Linux applications to interface with the Linux operating system via a series of function calls. The “buffer overflow” vulnerability in a pair of glibc’s functions can allow a remote attacker to exploit this flaw to execute arbitrary code on the system.  

Details of the discovery in this posting on Openwall and, Red Hat provides a detailed description of the vulnerability and updates to resolve the issue.

Continue reading →