Russian Hackers Have One Billion of Our Passwords
Yours? The broadcast news accounts have been sufficiently breathless to cause panic. There are 3 billion Internet users and 1 billion passwords have been stolen, so that must mean 1/3 of all Internet users are at risk. Actually, it doesn't; but that doesn't mean you should relax. In two words: DON'T PANIC. The story has been a bit (well) overblown.
Here's why 1/3 of Internet users aren't necessarily at risk: There are 3 billion users. Each user will have credentials for a variety of online stores, banks, and services. According to LastPass, I have 398 sets of credentials stored. Probably that's a few more than most people, but let's say the average person has just 50 sets of credentials. So 3 million times 50 is 150 million. The hackers have 1 million passwords. That's 1 in 150 and not 1 in 3.
But, as I said, don't be complacent.
If you haven't yet changed your critical passwords (those for any service that has anything to do with your money, identity, or medical records), now would be a very good time to do so. And make sure that you don't use the same set of credentials for more than one of the critical sites.
Next week's program will be all about identity theft, so we'll look at the entire topic in more depth then.
Hold Security in Milwaukee was responsible for finding evidence of the break-in, but so far has provided very little information about companies whose sites were attacked. Many of those sites are apparently still vulnerable. According to the story in the Times, which quoted the founder of Hold Security, Alex Holden, "Hackers did not just target US companies, they targeted any website they could get, ranging from Fortune 500 companies to very small websites."
What Holden and the Times seem careful not to say is that those who have all these passwords didn't obtain them from large operations, but by accumulating stolen credentials that have been stolen by what appear to be little more than "script kiddies", people who buy off-the-shelf malware and attack individual users.
Holden also has been less than forthcoming about any specific sites that might have been attacked and he is now offering (for $150) to tell you whether your credentials are among the 1 billion records.
So, What Now?
Well, even though this seems to be far less frightening that some might like to have us believe, it's a good idea to change passwords at least occasionally. Passwords for non-critical sites (greeting cards and newspapers, for example) need not be changed because they have little or no value to thieves, but any account that deals with financial or medical records should be changed now.
If you haven't yet signed up for a password manager such as LastPass (free or $15 per year), do so. LastPass securely stores all of your user names and passwords in an encrypted file, locally and on LastPass servers. Be certain to create an extraordinarily strong password for LastPass. It's the only password you'll need to remember and you'll be able to allow LastPass to create secure passwords such as "HK4f3gGQ3cWyZtb#uESHL=sQ9eN@N7" for use with critical services.
My LastPass password is in a format like this: Bang@666Hippopotamus and I can remember it (or even write down a hint, "Sound at Tishman Animal"). That translates this way:
- Sound: Bang
- At: @
- Tishman: 666 is the address of the Tishman Building on 5th Avenue
- Animal: Hippopotamus is my favorite animal
Needless to say, that is not my password, "bang" would not be the sound I would choose (if I used a sound in my password, which I don't), 666 is the actual address of the Tishman Building (but I don't use that in any of my passwords, either), and hippopotamus is not my favorite animal.
For more information about keeping your identity safe, check next week's program on identity theft.
Creating High-Design, Compliant Sites with Ease
The phone has become a device for looking at websites. People who own smart phones may not use those phones for all their browsing, but most of them undoubtedly use the phone to view some websites and those of us who have websites need to begin thinking about how those sites appear on smaller screens. Responsive sites examine the hardware they're being displayed on and then modify the code they return to the browser for the best possible result. "Easy" and "fast" are two terms that haven't been used to describe the process of creating responsive sites in the past. Xara may change that.
Most commercial website development tools cheat a bit when it comes to creating a responsive site. Instead of using what are called media query statements that call various cascading style-sheet files, they create a copy of the site and place it in a subdirectory (often the directory is named "m" -- not after 007's old boss but standing for "mobile"). Although this technique works, it doesn't create a truly responsive site.
Xara's new Website Designer 10 does and in a way that just about anyone can use it. Everything is published to the same folder along with CSS Media Query statements ensure that visitors see the right components. As a result, the user of a tablet who opens your site with the screen in portrait mode, but who turns it to landscape mode, will see the site re-configure itself for the wider screen.
Related to responsive sites are what Xara refers to as "Supersites". These are ideal for a site that contains only a few pages that are all about the same size. The entire site exists as a single page that can scroll vertically or horizontally, making it ideal for touch-enabled devices. As implemented by Xara, a Supersite navigates instantly between pages because everything is already loaded. You can also use any of a variety of page animations that have been built with HTML5 and CSS3, so the effects will work with any modern browser.
The program also makes it easy to use more than just the standard dozen or so (boring) Web-safe typefaces. It includes the appropriate links to typefaces provided by Google. Sourcing the webfonts from Google will generally cause them to load faster than if you serve them from your own website. Because you don't have to convert text to graphics, search engines can see and index all of your text and anyone who wants to copy and paste text from the site can do so.
Xara includes a nice selection of plug-ins and widgets, so you might think that the program would take hours to download when you want to install it. Not so! Just the bare bones are included. All of the templates, plug-ins, widgets, graphics, and such will be downloaded on demand when you need them. After all, there's no point in downloading 100 or more templates and their associated code if you plan to use just 3 of them.
Widgets make it easy to add information from Google Maps, Picasa photo albums and slide shows, and YouTube videos, but there are also widgets that will help you create forms and content needed for e-commerce sites. A few of these are included in the Classic version, but many more come with the Premium version. More about the differences and the costs in a bit.
Apple's Retina display is the first of what are called Hi-DPI displays. These high-resolution screens work better if the site designer creates special versions of all graphics. Usually, this is not quick, easy, or simple -- but Xara handles the task automatically if you select a checkbox that tells the program to create the Hi-DPI images. It also creates the appropriate code and names the images properly so that devices that can use the high-res images will get them.
A Test Run with Xara Web Designer
When reviewing earlier versions of Xara Web Designer, I've created phony websites. My favorite was KatzenPurple, a site for purple cats. This time around, I had time to examine the features or to create some text and pictures for a phony site. I could do one or the other, not both; so this review will use one of the sample responsive site templates with only minimal modifications.
Scrolling through the list of templates, I looked for ones marked with "(R)", meaning that it's a responsive site. Double-clicking the name of the template provides thumbnail previews.
Once I had selected the template, right-clicking and selecting Download All made the template available.
Next, right-clicking the website thumbnail and selecting Open provided a starting point for the standard site and the mobile site. There are thumbnails for the starter site, individual pages, add-on pages, widgets, graphics, and icons.
My first surprise came when I changed a line of text on the main page. It's not uncommon for applications that create multiple instances of a site for the various browser sizes to require that modifications be made on each instance.
But when I switched to the mobile site, the text had also been changed there. In some cases, you may need to reformat the text -- for example, if I wanted the text that's now on two lines to be on a single line -- but the text itself is present.
Now Let's Do Some Exploring
This is the main page that I started with. Two photos and some text. This is the standard-width view, what you would expect to see on a desktop or notebook computer, and possibly on a large tablet.
Adding a line drawing of a cat seemed like a good idea (in my dreams!) but you'll note that the cat graphic obscures some of the text.
I remembered from an earlier version of Xara Web Designer that there's a "repel" setting that forces any text that's on any layer below the image to be repelled.
I turned that on and now the text has moved away from the graphic.
And if I rotate the line drawing of the cat, the text responds by wrapping to fit the way the image is now positioned.
When I opened the mobile version of the site, I wasn't too surprised to find that the cat wasn't there. I had to drag it out from the gallery, position it, turn on the repel function, and rotate it.
This isn't surprising because I added the cat to the existing full-size page and I didn't expect it to be replicated on the mobile page.
Then I decided that this site might have some visitors who have really wide screens (1200 pixels or more). So I created a third variant for wide screens.
When I opened the wide variant, everything from the standard site (including the cat) had been added to the new variant.
This time I cropped the image in the upper right so that it would have a wider aspect ratio and then scaled it up so that it would fit the available space.
I also tried rotating the text box at the right. You may think that the text has been converted to a graphic, but open the site and try selecting it. You'll find that you can and this means the text is still text.
See my test site here. The test site doesn't contain much additional text and, except for links to the various built-in pages, don't expect the links to work. What will happen, though, is that the site will respond properly if you change the width of the browser window.
More Pluses and a Few Minuses
Several slide show widgets are included without extra cost, but they have fairly significant limitations. One you'll see on the "About" page of the sample site is an accordion slide show. The show plays automatically or the user can click one of the vertical tabs to view a specific image. All that is good.
The presentation is limited to 5 images. That's not unexpected with an accordion presentation, so no problem there.
But the text at the bottom of the instruction panel for the slide show widget says that it can't be resized. That is a problem.
When I tried to implement the widget on the phone-size page, it was too wide.
And the result on a narrow screen is that you can't see the left or right edge.
Now, realistically, many designers would probably skip the slide show entirely on a phone and select one of the images to display or show them all in a vertical line. This isn't a deal breaker, but it would be nice to have a way to resize the widgets.
Another oddity, one that I reported to Xara, is that some images in the template have a mouse-over effect that suggests clicking would do something. The image you see here shows the mouse hovering beside the image (full color) and then over the image (washed out). If this signaled that something would really happen when the user clicks the image, it would be OK, but clicking does nothing.
Whatever effect has been applied could be turned off, of course, so this is also not a deal breaker, but it could be a frustrating puzzle for a new user.
Extras Included with Premium Version
As usual, Xara Web Designer 10 is available in two versions, the basic program ("Classic") at $90 and Premium version at $300. If you own a previous version, you would expect a lower price for upgrades and that's what you'll find in the Xara store.
If you're considering Xara Web Designer and you do any amount of website design, Premium is well worth the extra cost. Here's a list of what's included in Premium but not in the Classic version: Responsive Web design feature, single page supersites, animation (flash and gif), presentations, extra widgets including slide shows, e-commerce and charts, embedded fonts, animated page and layer transitions, site maps, FTP explorer, extra templates, graphical bullets and numbers, direct support for Google fonts, freehand and brush tool, additional options in the text tool (find and replace), additional options in the fill tool (some fill shapes and profiles), additional options in the transparency tool (some transparency shapes and profiles), additional options in the shadow tool (profiles), bevel tool, molding tool, feathering tool, 3D extrude tool, red eye photo tool, panorama photo tool, line gallery, combine shapes, advanced paste, color naming and some color models, printing, screen capture, some additional import and export formats, support for retina screens, enhanced free Web hosting offer, Google analytics, 64 bit windows support, and 12 months free domain hosting.
The hosting package is interesting. It includes one year of site hosting for no additional charge, up to 2 GB of server space, domain name registration, and up to 5 e-mail accounts.
I've known designer Gary Priester since sometime in the 1990s. He works for Xara and has written a worthwhile introduction to this version. See Gary's article here.
Lots of features in an easy-to-use website designer
Despite a few minor problems, Xara Web Designer
10 is an impressive application that puts a lot of power in the hands of people who are more comfortable working with words and pictures than with somewhat arcane HTML5, CSS3, and Javascript code. The Classic version is fine for basic sites, but if you really want to get fancy, you'll want the Premium version.
Additional details are available on the Xara website.
Using Lightroom with 40-Year-Old Pictures
Photographers, whether amateur or professional, have heard about all the advantages of Adobe Lightroom. About a week ago, Adobe released a new version of Lightroom (5.6) and the corresponding new version of Camera Raw. The primary additions this time around provided support for several new cameras, so there's not a lot of news. At the time, I was using Lightroom to work on some pictures from the 1970s and then my wife asked me to scan some pictures from the 1940s. So I used Lightroom for those, too.
Lightroom doesn't have a scanning option, so the first thing you need to do with older images is have them scanned. Starting with the original negative or slide is the best option, and I was able to do that with my pictures from the 70s. The older pictures existed only as paper prints.
I started by scanning the images with VueScan, which is one of the most versatile scanning applications available. In fact, I have two textbook size books that explain how to get the most out of VueScan. In part, this is because the user interface is busy and can be confusing. Still, if you want to get the most out of any scanner, this is the application that will do it. VueScan is compatible with over 2500 different scanners and has versions for 32-bit and 64-bit systems -- Windows, OSX, and Linux.
For the antique images, I followed this work-flow: Place one or more images on the scanner, scan at 600dpi, save as a TIFF, open the ganged scan in Photoshop, extract individual images, save the individual images as TIFFs, import the TIFFs into Lightroom, and process normally. I selected 600dpi because that would be adequate for the 3x5-inch images I had, and I scanned them as color images even though they were all monochrome images. While this increases the file size, it also gives more flexibility in later processing.
The images from the 1970s all started as slides and I had a scanning service convert them to JPG images. I would have preferred to have the images saved as TIFFs, but the cost was considerably higher and I decided that first-generation JPGs from the slides would be acceptable. I was able to import these directly into Lightroom.
Quick Changes Make a Difference
Sometimes it doesn't take much to significantly improve a photo. Here are a few examples.
This image had a green cast, but was otherwise and acceptable image of the entrance to an exhibition coal mine at Beckley, West Virginia.
Click any of the smaller images for a full-size view. Press Esc to dismiss the large image.
About 3 seconds later, the green cast was gone.
In this image from 1975, an overall green cast is apparent and the image would be much more interesting if it was cropped more tightly.
So another 3 seconds or so to fix the color and another few seconds to create the crop.
One of the most appealing features of Lightroom is that all changes are non-destructive and you can always return to the original image.
To obtain the "before" images for each of these pairs, I selected the modified image, made a virtual copy of it, and then reset the virtual copy to the picture's original state.
When we visited the National Radio Astronomy Observatory in southern West Virginia in 1975, the sky was dark and dramatic. Most of that drama was lost in the picture that I took.
Adding a graduated filter on the sky was another image modification that required just a few seconds to accomplish but the result is what I remember seeing that day instead of the washed-out sky that the film captured.
In some cases, more corrections are needed. Here the overall contrast is weak and objects that should be deep black are merely gray. The skyline in the distance could also be improved with a graduated filter and some additional contrast enhancement.
This image required a bit more time to fix that most of the ones you've seen so far, perhaps 30 to 40 seconds.
This is a photo from inside the exhibition coal mine at Beckley, West Virginia. You'll notice that I used an on-camera flash (this was nearly 40 years ago, we were in a dark area, and the film speed was probably ASA 100).
The flash makes the yellow rock duster too bright because it's closer to the camera than the miner and the overall image is too bright (it is in a mine, after all).
A graduated filter took care of the yellow rock duster and, by making it even darker than the rest of the room, I've accomplished two objectives: First, the light looks more natural (even though there are clear signs that an on-camera flash was used, it reduces the effect considerably) and second, the emphasis is back on the miner.
Memo to me 40 years ago: You should have waited for the miner to point to something on his right so that he would be facing into the image or panned to the right so that he would be pointing into the image. There are some things that even Lightroom can't fix.
Lightroom for Mac Users
Lightroom is available for Mac users, too. That's not new, but maybe it's a bit more important now that Apple has given up on Aperture. The Apple product never had the following Lightroom developed, in part because it was available only for Macs and in part because Lightroom is is much more capable application.
To help Mac owners make the conversion from Aperture to Lightroom, Adobe has prepared a guide that explains how to migrate images from one application to the other. You can download the PDF document from Adobe. If you're willing to spend $10 per month, you'll get both the latest Creative Cloud versions of Lightroom and Photoshop. If you prefer a perpetual license, Lightroom 5 is available that way for $150 (new license) or $80 (upgrades). Adobe says that it plans to continue selling Lightroom with a perpetual license even though all other applications have moved to the Creative Cloud program
That said, $10 per month is a pretty reasonable price for the latest CC versions of both Photoshop and Lightroom. Additional details are available here.
Short Circuits
How Rugged are Thumb Drives?
I've always considered thumb drives to be relatively fragile devices, but maybe it's time to rethink that. They're not good choices for long-term storage of important data if for no reason other than they're small and easy to lose. The wisdom of the Internet tells us that thumb drives' relative fragility make them a risk for anyone who relies on them for primary storage.
So that's what my opinion had been, but certainly they're no more fragile that floppy disks of old (most of which still work if you can find a reader for them). But last weekend convinced me that maybe they're a little more rugged than I thought. I left a thumb drive in a pocket in a pair of pants. The pants went into the washer and then into the drier. After being submerged in water for nearly an hour and then spending 90 minutes in a hot drier, the thumb drive appeared. It was sitting at the bottom of the drier.
Not much hope for that one, I thought, but the computer immediately recognized it when I plugged it in and the files were present and readable.
The most fragile parts of a thumb drive are solder joints, which are internal. Bumping or twisting a drive may put needless pressure on the joints. Cracked solder joints will eventually cause the flash drive to fail.
A power surge could cause the flash drive to fail. Likewise, if the computer is attacked by a virus while a flash drive is connected, then the flash drive will also be subject to attack and may become damaged. These threats are worth considering, but they are no different than threats that affect any other storage device.
Thumb drives are still not the medium I'd want to use for backup or any other kind of long-term storage, though. But at least I know that they're quite a bit less fragile than I thought.
Microsoft Leaps into Court Against Samsung
Yes, this time it's Microsoft. Apple has sued Samsung. Samsung has sued Apple. Apparently Microsoft's attorneys felt that the other guys were having all the fun, so now Microsoft has filed suit against Samsung, claiming that the company has defaulted on a licensing deal the two signed in 2011.
Microsoft complains that Samsung is no longer making timely royalty payments and is refusing to pay interest on the past-due payments.
The agreement 3 years ago regulated how Samsung could use Microsoft's intellectual property in Android smart phones and tablets. In addition to suing Samsung, Microsoft has provided the reason that it feels Samsung is not keeping its part of the deal: The reason, says Microsoft, is not that Samsung considers Microsoft's acquisition of Samsung's smart phone competitor, Nokia, to be a breach of contract on Microsoft's part.
Microsoft's acquisition of Nokia was completed earlier this year and Microsoft has maintained that the deal did not constitute a breach of contract. According to Microsoft's Deputy General Counsel and Corporate Vice President, David Howard, in a post on a Microsoft blog, the real reason Samsung decided to stop making royalty payments because its sales of smart phones have quadrupled and that would increase the royalty payments: "Samsung predicted it would be successful," he wrote, "but no one imagined their Android smart phone sales would increase this much."
Can Anybody Stop Android's Rout of the Smart Phone Market
With sales of Apple and Microsoft phones falling and sales of BlackBerry devices all but non-existent, Android has now reached 85% market share in the smart phone market according to Strategy Analytics.
A total of just over 295 million smart phones were shipped in the previous quarter and Android's gains came at the expense of Iphones and Windows Phones: Android increased market share from slightly over 80% in the second quarter last year to just under 85% in this year's second quarter.
Apple's share dropped from more than 13% to less than 12% and Microsoft dropped from about 4% to less than 3%. BlackBerry took the largest tumble, though, from 2.4% to 0.6%. Other brands of smart phones stayed even at 0.2%.
Linda Sui, Strategy Analytics, said that global smart phone shipments grew 27% annually from 233 million units in Q2 2013 to 295 million in Q2 2014. But she noted that they estimate worldwide smart phone growth has halved during the past year, from 49% a year ago to 27% today. "Global smart phone growth in the current quarter is at its lowest level for five years and there are wide variations by region. For example, Africa and Asia are booming, while North America and Europe are maturing," Sui said.
Samsung kept its commanding OEM market share lead, at 25.2%, but that figure was significantly lower than last year during the same quarter. Apple had 11.9% share, Chinese giant Huawei had 6.8% and Lenovo, Xiaomi and LG rounded out the rest of the top list, all at around 5%.
Samsung continues to be the leader in sales and Neil Mawston, Executive Director at Strategy Analytics said and he doesn't hold out a lot of hope for Microsoft or Apple: "Rival OS vendors are going to have to do something revolutionary to overturn Android's huge lead in smart phone shipments," he said, and "Apple's push into the big-screen phablet market and Firefox's expansion into the ultra-low-cost smart phone market later this year are the only major threats to Android's continued growth at this stage."