TechByter Worldwide

Speak softly and carry a large microphone

 

05 Nov 2017

Programming and Scheduling Note

This program was prepared and recorded far earlier in the week than usual because I had an appointment with an eye surgeon on Tuesday to repair a detached retina in one eye. The surgery should sideline me for most of the week, so I prepared the program early. If anything big happened in technology this week, it won't be here. Everything should be approaching what I refer to as "normal" in time for next week's program.

So let's get on with it ....

Snagit's New Features Should WOW Users

Snagit is the screen capture application from TechSmith. It's been around for 30 years and, with the exception of a few stumbles in recent versions, it has always been the best way to capture a picture of what's on the screen. For that reason, it's popular with educators, documentation specialists, and software developers. The latest version adds several features that allow users to modify captured images in surprising ways.

Press ESC to close.So let's say that I'm thinking about changing the look of the TechByter website, but I want to see what it might look like before I spend a lot of time writing code to accomplish the changes.

Maybe it would be better to place the Facebook, Twitter, and LinkedIn images on the right side of the screen instead of the left. In the past, cutting the icons from one location and pasting them into another location, would leave blank spaces where they were.

Press ESC to close.Now it's possible to select individual images and to tell Snagit to fill in the blank space the way Adobe's Content Aware Fill does.

Adobe is considerably ahead of TechSmith when it comes to Content Aware Fill, but Snagit isn't an image editor. Selecting the beta option for best quality may be sufficient. If not, you'll need to copy and paste parts of the background to fill the holes manually.

Press ESC to close.I moved the icons and note that I changed their order by moving each icon individually. The AutoFill option worked well for this.

Now let's say that I also want to move the title text from its location on the left to a new location on the right.

Press ESC to close.In this case, AutoFill wasn't quite up to the task, so I copied and pasted parts of the textured background to cover the location where the text had been.

Look closely and you'll see where I pasted sections of the background.

Admittedly, this isn't perfect, but it certainly good enough if you're just storyboarding some changes. Now I've moved the social media icons and the page title to the right side of the page.

Press ESC to close.Then I think that moving the listening guy up to the top of the page might be a good idea. This turned out to be another case where AutoFill was far short of what was needed to blank the area where the graphic was, but copying and pasting some areas of the background was once again sufficient.

What if I'd like to change the headline text? This is where Snagit performs some real magic. Bear in mind that a screen capture is just pixels. There's no concept of text in the captured image, but I can select the text, right click, and choose Edit Text.

Snagit removes the pixels that represent the text and creates a text box.

Press ESC to close.The text on the site is in a special typeface that loads when the page loads, so it isn't available to Snagit. For that reason, I needed to select a different typeface.

Once I did that, I was able to modify the text and, even though it's not shown in my preferred typeface, it's sufficient to illustrate what the change would look like.

RELAX! I'm not planning to implement any of these changes in 2018 because they just don't make sense. But being able to test changes like these with just a few minutes of image manipulation in Snagit saves several hours of coding time that would be needed to create these changes using CSS3 and HTML5.

Related to the ability to edit text is the ability to extract (or, as TechSmith puts it, "grab") text. So Snagit now includes an OCR process that seems to work well. This depends on the size of the type (larger is better) and the typeface used (normal faces are better). This could be a time saver if you need to obtain all of the text from a document that can be displayed on the screen, but for which the text isn't otherwise available. The OCR will make an occasional error, but in some quick test using an image of a page from the TechByter website, the error rate seems to be well under 0.1% -- so perhaps 1 error every 1000 characters. Assuming an average word length of 5 characters, that would be 1 error per 200 words. In fact, several of my tests contained more than 1000 characters and Snagit's OCR made no errors.

I mentioned earlier that some recent Snagit updates had stumbled a bit. Previously, attempting to capture a high-resolution screen or the contents of 2 screens could cause Snagit for freeze for up to half a minute. That problem has been resolved with the latest version. Additionally, as I mentioned in last week's Spare Parts section, Snagit's video capture has been improved to capture desktop video at a higher frame rate. The result will be smoother and more professional looking videos, but using a higher frame rate will result in larger files. In most cases, the larger file sizes won't be a hindrance.

5 Cats  Snagit once again proves to be the leader in screen capture software

Anyone who needs to capture images from computer screens should at least take a look at Snagit from Tech Smith. Incremental improvements ensure that the application keeps up with technology and the new features introduced in the 2018 version can save users a significant amount of time and effort.
Additional details are available on the Tech Smith website.

If Passwords are History, What's Next?

Nobody likes passwords. Far too many people still share the same user name and password between accounts and crooks know that if they get your Facebook credentials, they might also have your bank credentials. Too many passwords are weak ("password" or "letmein") and are among the first dozen or so that a crook will try. And good passwords ("r6#O$KxrcblO@5eLo@Bx", for example) are just too hard to remember. And too many people can be tricked into giving their passwords away. Password managers help, but the days of the lowly password are numbered.

Many new Windows computers have built-in fingerprint readers or they can be retrofitted with an external reader. The Windows Hello function that works with cameras in some laptop and tablet computers uses facial recognition. A lot of companies, both established businesses and startups, are throwing a lot of money at projects intended to identify and develop the technology that will replace password. Current iterations of fingerprint readers and facial recognition software are generally considered to be weaker that a well crafted and carefully maintained password.

Two-factor authentication improves security, but slows the process of logging in. And, if you lose the smart phone that's used for two-factor authentication, restoring access to the account might take a long time.

Internet of Things devices make the situation even more complex because many of them are shipped with default credentials that are either difficult to change or impossible to change.

So something will replace passwords and we all hope that whatever that something is, it will be easier to use and more secure. But most people don't like change and some will still find ways to defeat the security mechanisms. While we're waiting for what's next, we should at least do everything we can to protect important credentials.

We have several classes of credentials. My user name and password for sites such as the New York Times and Washington Post are relatively short, but still meet the criteria for strength: Minimum of 8 characters, upper and lower case letters, a number, and a special character. Credentials for Facebook are a bit stronger because a crook who manages to log on as me could do some real harm. Then there are on-line merchants such as Amazon, where a long user name and an even longer password are reasonable precautions. And last, banks: Very long user names and passwords that are both long and complex. LastPass manages all of these for me. Oh ... and there is one additional item: I have an email account that has a long, complex, and unreadable address in addition to its long, complex, and unreadable password. I never send messages from this account and it is used only to receive messages from organizations such as banks.

Given a choice between safe and sorry, safe is almost always preferable.

Short Circuits

Check Google Chrome Browser for Updates

Chrome updates automatically, so you probably have the latest version, but now would be a good time to check. A high-severity buffer overflow vulnerability was discovered near the end of October. Checking would still be a good idea.

Type chrome://version/ in the address bar and if you see version 62.0.3202.75 or later, you're safe. If you see an earlier version, download and install an update.

The bug is related to an open-source JavaScript engine that dates back to Windows 7, to MacOS 10.5, and to Linux systems that use 32-bit Intel Architecture.

Google didn't release details about the bug, but did indicate that it's serious. Additional details will be released after a majority of users are updated. Reading between the lines, this is probably the kind of exploit that would allow crooks to run their code on your computer.

The bug was identified by researcher Yu Zhou, of Ant-Financial Light-Year Security Lab at the end of September and published reports say he received a $3000 bounty from Google's bug bounty program.

Six Identity Theft Ring Members Indicted

A federal grand jury has indicted 6 people on charges of identity theft and credit card and debit card fraud. Those indicted are from Virginia and Maryland. The indictments charge them with conspiring to commit bank and wire fraud, conspiring to traffic in contraband cigarettes, and aggravated identity theft. The bank and wire fraud charges carry a potential maximum sentence of 30 years in prison. Aggravated identity theft convictions come with 2-year prison terms.

According to the indictment, the identity theft ring purchased thousands of stolen credit card and debit card numbers, then encoded that information onto forged credit cards. The phony cards were used to purchase items that were then sold on the black market. For example, "cartons of cigarettes. They then resold over 10,000 of those cigarettes to black market resellers for $47 per carton."

The Department of Justice says "laptops recovered from the conspirators included files of thousands of credit card numbers, including 2000 numbers recovered from [one] laptop and over 10,000 numbers recovered from [another]."

Additional information is available on the Department of Justice website.

It's worth noting here that the 6 people indicted appear to be low-level dopes who didn't actually steal anyone's identify, but instead bought credentials that other crooks had stolen and then got caught trying to use them. The pattern is familiar: Law enforement often seems to concentrate on the small fish, who are easy to catch, but allows the organizers and bosses to get away.