The Stories Your Cars Can Tell

We got two cars in the same week in the past month. One was a brand-new Honda CR-V, and the other 2010 Corvette, and both have Bluetooth technology. The Bluetooth was able to tell me more about both cars than anyone might think of. And therein lies a cautionary tale for you, which can apply to any car with Bluetooth that you may drive.

We’ve noted before that Bluetooth settings in car systems can linger for the life of the vehicle, and we’ve cautioned you to make sure you erase all your settings before you turn in a car. Otherwise, somebody can get your phonebook, text messages and anything else that may have come from your phone to the Bluetooth. We saw two examples with our new cars.

The first one was with our new CR-V, which we got because the lease on our Acura was up and because we wanted to try a car with a hybrid system. Apparently, hybrid CR-Vs are not ubiquitous, and our car dealer had to do a swap. We got a “brand spanking new” car with 170 miles on it, which is really not a problem. But whoever drove the car put their own phone into the Bluetooth settings into the car and never erased them. The driver’s cell phone info was still in the car when I got it.

This time, it was not a problem. I have no interest or need for that data, and I simply erased it all by going back to the factory settings. I set my old car back to the factory settings before I turned it in, and as far as I’m concerned, there’s no way that car will compromise my security. I didn’t want to take the chance of being as lucky as the former owners of my new (for me) Corvette.

I bought the car through Carvana, and they delivered it on a flatbed truck – just like in the TV ads. Yes, it’s my midlife crisis car; I’ve always wanted a sports car, and I am enjoying it. But it is a car from another technology and digital technology era, and there was a Bluetooth issue that I didn’t realize until I tried to call home.

When I told the car to call home, it called a number that was not my home. It called a number in Warrenton, VA. When the people there answered the call, I asked them if they once had a 2010 blue Corvette that they sold to Carvana? They said yes, so I identified myself as the new owner.

Before you start thinking otherwise, we had a very nice call. Although I had learned a lot about the car from the Carfax report, they told me how much they had loved the car, how they kept it garaged and how much they hated to sell it because they just couldn’t keep it anymore. We talked about caring for the car and if we ever drive near Warrenton to make sure we stop by for a visit.

They also said they thought they had erased everything in the Bluetooth history, and they were relieved that nothing they left in the car will ever come back to haunt them. But none of us can ever be that lucky. If you’re turning in a car in which you used Bluetooth, you need to wipe the history clean – especially with a rental car.

Why is that important? Here’s just one example. If you called ahead to get a hotel room and need to give your credit card info over the phone, the phone number for the reservation center is there. It’s really easy for whoever gets that phone number to call the same reservation center and make up a story about wanting to confirm a charge on a specific credit card – and entice the call center person to read back the entire number.

If you’re not sure how to get a Bluetooth system back to its factory setting, call us – 973-433-6676 – to walk you through the process. Or, if you have time or are in a different time zone with a huge difference in time, send us an email, and we’ll respond back either with the directions for your car’s system or general steps that are likely to get the job done. You don’t want your car telling stories about you behind your back.

‘Authentically’ Constant Contact

It seems like two of today’s e-marketing dilemmas are getting through spam filters and making it easy for people to respond directly back to you. Constant Contact, which we and several clients use, has always excelled at solving the first problem – and now they’ve solved the second one.

For those with older Constant Contact accounts, there was no way to send a message through your own domain name. Even though, for example, you knew you were getting the email with this newsletter from Sterling Rose, the domain that sent it was from Constant Contact. Because of that, you couldn’t reply directly, and we were among the many Constant Contact users who felt that clients and customers who felt we were losing some contact.

Now, you can use an email authentication key to build your reputation as a safe sender and keep your emails out of the spam folder. The key verifies your outbound email to an internet service provider (ISP) that the message actually came from your organization, or that it was sent on your behalf from an authorized third-party, like Constant Contact. It receives basic authentication, but whether you have your own domain or are using an email address from a free webmail provider, like Gmail or Yahoo, you can choose to add an extra layer of authentication to improve your email deliverability.

Authentication standards were originally developed to reduce spoofing, phishing and spamming schemes involving well-known brands. But as we all have learned, brands big and small are now targets and should be employing some level of authentication to protect themselves. The less your emails can be confused as spam, the more likely an ISP will route your emails into your contacts’ inboxes.

If you have your own domain and are hosting your website through an online web hosting platform, you have three authentication options:

  • DKIM Self-Publish for Authentication – DKIM, which stands for Domain Key Identified Mail, is the highest level of authentication offered by Constant Contact and is the only way for a domain to be aligned with DMARC, which is a policy recognized in the email world. Constant Contact generates the public/private key pair and provides you with the public key while they sign all of your email with the private key.
  • Enable Constant Contact Authentication – If you’re not ready to do authentication with your own domain but want to separate yourself from their shared pool of customers, you can enable Constant Contact authentication to add ccsend.com as a sub-domain to your existing email address. They take care of the authentication records for you, and you can still customize the sender header information that displays when your recipients open your email.
  • Do Nothing – All email sent through Constant Contact receives some form of authentication and you don’t have to do anything extra to receive this service. You get basic authentication to make sure your emails get delivered to your contacts’ inbox, but your online domain reputation is shared in a pool with all other Constant Contact customers.

If you send email from multiple locations, such as Constant Contact, Google apps, and a CRM tool, each location signs with a different private DKIM key. You will have multiple public keys on your DNS to correspond to the private keys. DKIM keys are differentiated by the selector. Constant Contact uses numbers for the selector, but Google, for example, uses letters for the selector instead.

It’s a good idea to test your authentication out before you send out an email campaign because it may take anywhere from a couple of hours to a couple of days for the newly published authentication records to propagate through the internet. Once you have a successful test send, you can start sending emails that help build your reputation.

We can help you with your email communications through Constant Contact by walking you through the setup process or doing the work for you, and we can provide the tests needed to verity the setup is good. Call us – 973-433-6676 – or email us to answer your questions or set up an appointment to start your authentication process.

‘Hello’ to a Better Camera Angle

The next big update for Windows 10, coming to your computer next month or in May, will feature the ability to switch between two webcams. For many that will be toggling a built-in laptop camera and a second camera mounted on a separate monitor. It will help you make better eye contact during meetings. But remember, not all devices are created equal.

The “most equal” device for Windows Hello is the Microsoft Surface, which I use regularly along with another computer and multiple monitors. Its built-in camera is high resolution, but like with all built-in cameras, you get locked into a single direction and camera angle. If I’m video conferencing with a client through my Surface and need to look at data on another monitor, we lose eye contact. We all know eye contact is critical for effective personal communication. It’s why we are more aware of it now that the pandemic has forced us to work from remote locations.

By placing a second camera on the monitor I use for the extra data I need, I’m able to make better eye contact with the others on the video conference.  With Windows Hello, the biometrics make it possible to use facial recognition to essentially “toggle” the camera I’m looking into directly. It can all be configured in the settings for my Surface and a Hello-compatible external camera. It’s all done through the Device Manager settings in Windows.

The key is to make sure your external camera is compatible with Hello. It gives you a plug-n-play setup, and once it’s configured, you can use its facial recognition to sign onto other devices connected through Hello. It’s faster and avoids the need to enter multiple passwords. The benefit of that, too, is that you can use a single, secure routine for logging in on everything. (Remember, one of the benefits of new technology we always push is eliminating the need for passwords.)

If you don’t have a computer or device that works with Windows Hello, you can still use multiple cameras or an external camera with Zoom, Microsoft Teams or other platforms. Most external webcams can be mounted on a monitor – or even a large flatscreen TV – and connected to your computer. A USB connection is most common, and we recommend using the fastest USB connection available. If you have Bluetooth capability in the device you’re using for your video conference, that will give you more flexibility in placing your camera. Either way, you also have the option to mount your webcam on a tripod, with Bluetooth most likely extending your range.

External webcams with Hello and Bluetooth compatibility are readily available for anywhere from $30 to $70. You should look for 1080p resolution because it will work much better for anyone who’s watching on a large TV. Just think of what you like to view when you’re watching a show or streaming content on a large TV. You can even go to 4K resolution, but for most of us, 1080p does very well.

If you don’t have Windows Hello, you can still connect an external camera – even with Bluetooth if your computer or device supports it. You’ll need to go into your Zoom settings and select the camera you want to use. Most people use the built-in camera as their default device. (It’s the same with their microphone and speakers.) However, you have several options with both an external camera and your built-in camera. These include setting the video ratio and – if your camera supports more adjustments – the ability to set a closer (zoom) or wider viewing angle.

Again, not all devices are created equal, so you’ll need to live with the technology you have or upgrade.

We can help you determine what hardware will provide the videoconferencing capabilities you want and help you configure your hardware to maximize its capabilities. Call us – 973-433-6676 – or email us to discuss your needs, your current technology and your budget. They’re all factors in making your system as “equal” as you want it to be.

Why Ford’s Manufacturing Problem is Yours, Too

Ford Motor Company has made a big fuss about the semiconductor shortage. They simply can’t get enough semiconductors to make enough vehicles to meet the demand. Well, they’re not the only ones who can’t meet demand. Here’s how you’re being toppled as the dominoes fall.

This is related to the chip shortages we’ve been experiencing for the better part of the last two years. That caused a scarcity of computers at a time when companies were upgrading hardware to run Windows 10 and then when families scrambled to get computers for online schooling.

Now we have a shortage of semiconductors, which are used in all motor vehicles of all sizes as well as home appliances ranging from microwave ovens to refrigerators to washing machines. We’re also facing shortages of building materials because of all the remodeling and home renovations we’re doing during the pandemic. What that means for anyone doing a major project and upgrading technology is that you’re going to wait a long time to complete your projects, and they’re going to cost a lot more.

What’s happening is that we’re being caught by the law of supply and demand – the first rules you learned about in economics and probably haven’t given much thought to in a long time. Just like with Ford Motor Company, you’re now having to wait a longer time for things you need, and you’re paying more money for them. If you need technology for work or business, your productivity is suffering. If you felt like you were caught between a rock and a hard place before, they’ve tightened their grip

A client who relies on laptop computers for field service techs is caught in one of those untenable situations. The software that makes it all work is tied to Windows 7 – which is still usable but far from ideal. We can’t backload the software onto newer computers because we can’t backload Windows 7 onto them. They really need older, rugged Windows 10-compatible computers, but they’re not readily available – and there’s one more law: the law of diminishing returns.

At some point, it costs more to run old equipment than it does to buy new stuff. The biggest factors are that it becomes harder if not impossible to find parts or tweak the operating system or application software. At the same time, the units’ performance decreases to the point that it affects a company’s bottom line. Supply chain and manufacturing issues have turned these problems into much larger ones.

Another client, who has a Mac, got a PC back from an employee who left the company. The PC is newer, but because everything was stored just on the Mac, we needed to load everything into the cloud and then bring it back to the PC.

That incident reminded me of how our systems have evolved in my time as an IT professional. I used to carry big notebooks and CDs to install drivers and other types of system software as needed by clients. Then, we didn’t need the cases of CDs because we had thumb drives that plugged into a USB port. Today, it’s hard to find a computer that has a CD drive. The cloud is making them extinct.

The cloud is also more efficient. By being able to upload all manner of data and application software to a server, where it can be stored until it’s needed and then downloaded, we’ve dramatically cut the time it takes to do our work. No matter how much somebody might have saved by keeping old equipment and workflows in place, the time has come where the lack of productivity is costlier than the equipment. Shortages of equipment or higher prices make the problems costlier.

Everyone needs to take stock of their technology now, no matter how old or new it is. If you haven’t reached the point of diminishing returns, it may be closer than you think. Even if your technology is fairly new, you need to have a plan to phase in replacements in the most cost-effective manner. That means you need to shop continuously to budget for the most advantageous time to make your moves.

We can help. Call us – 973-433-6676 – or email us to set up a technology assessment and replacement program. You’ll maximize your cost-efficiency and avoid the catastrophic effects of the law of supply and demand.

Satellite Internet Connectivity May Help Those on the Move

Starlink, the satellite-based internet service provider from Elon Musk is generating a lot of buzz. If you hate your current ISP, it’s a promising alternative. If you live in a rural area, it’s an even more promising alternative. And if the pandemic pushed you into a more mobile lifestyle, Starlink could up the ante.

Satellite internet and phone service has been around for a long time, but it’s expensive and not nearly as fast as what you can get from your current ISP in an urban area. Viasat, one current provider, offers the fastest satellite internet speeds – up to 100 Mbps – and the most generous data allowances – up to 300 GB/mo. That runs up to $150/month. If you exceed your cap, the speeds drop. They have an unlimited plan that is $200 per month after an introductory period. HughesNet, the other big player has plans from $60 to $150 per month for 10 to 50 GB/mo. but with speeds up to 25 Mbps.

This is where Starlink enters. They’re hoping to take advantage of your hatred for your ISP (they claim 51 percent of Americans would sign up for their beta program once it’s available), and at first glance, it has an attraction. According to their figures, the average internet connection speed is 57.2 Mbps for $65/mo., an average of $1.13/Mbps. They claim you’ll be able to connect to Starlink at 103.1 Mbps for $99/mo., an average of $0.96/Mbps.

For terrestrial use, Starlink’s target is cities from 45 degrees north latitude (Lake Champlain, Minneapolis/St. Paul and Salem, OR to name a few) to 53 degrees (Calgary and Winnipeg in Canada). That’s way north of where most of you are likely to be. At 40 degrees, you might get some coverage in Newark and New York City. Starlink has already launched 1,000 satellites, but with a plan to have 42,000 in orbit, they have a long way to go. The FCC has approved 12,000 satellites.

But Starlink is not alone. Amazon has plans for Project Kuiper. While it hasn’t gotten off the ground yet, it is pitting Musk against Jeff Bezos. As two of the world’s richest individuals, they’ll be playing us as they square off, but at some point, we might win. Don’t hold your breath waiting for that to happen. Amazon has approval for 3,200 satellites so far and hopes to have half of them launched by 2026.

In the meantime, Starlink is not cheap, either even though it may prove to be a bargain. You’ll need to pay $499 for a dish to use it. For most of us who are landlocked in urban America, we can generally do better with our current ISPs given all the demands we make on our bandwidth with working at home, schoolwork for our children and all those streaming devices we use.

But with the right equipment, Starlink will work in cars – and RVs. That jumps it to the head of the line for us. Before travel was restricted, we drove up and down the East Coast quite often. And anyone who’s run the length of I-95 knows that cell service decreases dramatically once you hit the South Carolina state line. It doesn’t get any better until you hit Florence.

If you have an RV and travel off the beaten path, getting internet service is always a concern. After all, we’re not willing to give up all the streaming capability we have at home, especially if we might still do work from the road. You’ll need to keep your Starlink dish in the car or RV with you.

You can go to Starlink’s website now to order your dish and download the iPhone or Android app for installation. Wherever you hope to use it, you will need a clear line of sight from the dish to the satellite(s).

We can help you decide if Starlink is for you and help you configure your system when it’s available. Just call us -973-433-6676 – or email us for an appointment.

COVID Vax Posts Help ID Thieves

You lock your doors. Security cameras ring your house. And then you post pictures of your vaccination cards on Facebook after you get your injection. We regard our vaccinations as an achievement and an encouragement for others to get their shots. Identity thieves are not gonna miss their shot at mining your data.

Let’s be real. The information on most vaccination cards is minimal: your name and your date of birth. Both pieces of information are likely known to many people and organizations who interact with you, and it’s all readily available on public information websites. We won’t get into how many of you don’t make your year of birth available on Facebook for “privacy” reasons. But you do appreciate birthday greetings.

That said, let’s get back to the vaccination cards. I fall into two groups: 1c for my age and 1b for health reasons. If an ID thief is looking for some way to carry out medical fraud, my info is right there. Looking at my age and 1b status, the thief has the makings of a target. The name and date of birth on an official document validates who you are.

The thief can find my home address. Again, it’s public information, but when it’s added to my “dossier,” it’s another piece of a puzzle. I know I have added more clues about me when I shared some of my hospital visits. By and of themselves, each piece is small, but a thief may have enough to start looking at things just to let me know that they know me.

Then comes the phishing email disguised as an offer about some kind of insurance. If I bite by clicking on a link or opening an attachment, the thief can plant some malware to get a lot more information by mining my data. They might even get into my medical records and have enough info to file a false claim for treatment I never had. They might also lock me out of my records by changing all my login credentials and using HIPPA regulations. In short, I can wind up on the hook to pay for treatment I never had, and I can’t get info about the bill.

It’s one scenario about how big data can be mined – legally and illegally – from one small piece.

You can be vulnerable in other ways.

Let’s say you take a car trip somewhere, and you post a picture that includes your car and shows its license plate number. If your car is desirable, a thief can use your license plate number to trace your address – or maybe start observing you. When you leave the car somewhere, such as in a supermarket parking lot, it’s easy enough to get the VIN number through the windshield and then take steps to retitle your car before stealing it and selling it “legitimately.”

Big data makes these examples possible. There’s a lot more out there all the time, and hackers are more sophisticated. Better software tools allow more thieves to gather and analyze data to pinpoint a target and let them commit a larger number of small crimes that add up to decent money.

Our advice is simple: Don’t put any more of your data out there than is absolutely necessary. Be careful about what you photograph and post. Be careful about how you handle email and about the info you provide – even to legitimate businesses and organizations – by email or telephone. Even with those you know, question why they need certain information, such as your Social Security Number. Use common sense.

You can augment your common sense by keeping all your operating system and application software up to date; updates usually include security patches and bug fixes. Install, properly configure and update anti-virus and malware protection software. We can help you install and maintain software. Call us – 973-433-6676 – or email us to set up an appointment.

Oh, and one more thing: Get your COVID vaccination as soon as you can!

Unlocking Phones of Masked Users

Apple’s upcoming upgrade to iOS 14.5 will make it possible to use an Apple Watch to use facial recognition to unlock your iPhone while wearing your mask. iPhone users without the watch and Android users will still have to jump through hoops to unlock their phones while masked. A year into the pandemic, we have to ask: Why has this taken so long?

Biometrics have long played a role in being able to unlock a cell phone. The first systems used a fingerprint for touch ID, and it has been a bellwether. Many cell phone users still rely on it. Face ID came along next, and many cell phone users rely on it to unlock phones quickly and easily. It’s as good as unencumbered gets.

But with COVID-19 and mask wearing, Face ID doesn’t work. If you want to use the technology while complying with public health needs, Face ID is about as cumbersome as it gets. The less-than-ideal workaround is something like this:

  1. Go to the Face ID option in the settings.
  2. Register for an alternate appearance by going to Set Up Alternate Appearance (or the Reset Face ID).
  3. Take a mask and fold it in half. Assuming the nose as the center point, put it in front of your face. It is recommended that you cover only the tip of the nose with the mask.
  4. Start registering your face like you normally do with the Face ID.  When the system prompts with a message “Face Obstructed,” start removing the mask very slowly until the system says move your head slowly to complete the circle.
  5. Once the process is done successfully, you will get a message that the Face ID is set up.

If this doesn’t work the first time, you’ll need to retry it. You may need to try another trick, such as selecting an alternate appearance option if it’s available.

Apple contends you should use a numeric code to unlock your phone while wearing a mask. They also note that manipulating the Face ID software could compromise your phone’s security. Most likely, they’d prefer you get an Apple Watch if you don’t already have.  

Once your iPhone is running iOS 14.5 and your Apple Watch has WatchOS 7.4 installed, you can turn on Unlock with Apple Watch with a few taps. Open the Settings app on your iPhone and then select Face ID & Passcode. Next, scroll down until you find the section titled Unlock with Apple Watch. The name of your Apple Watch should be listed there. Next to it is a toggle to turn the feature on or off. Slide that switch to the On position and then back out of the Settings app. 

Whenever you’re wearing a mask, all you’ll need to do is hold your phone up as normal to unlock it with Face ID. You’ll feel a haptic tap on your wrist, letting you know your watch was used to unlock your phone. The alert on your watch will also include a button to lock your phone in case it was unlocked by someone else. It’s a security feature to ensure someone else doesn’t pick up your phone and unlock it while wearing a mask.

You can expect to see iOS 14.5 in April. As the release date gets closer, we’ll pass along whatever we find out about other security features. Once it’s available, we’ll be on hand to help you configure your watch, phone and iPad if need be. Call us – 973-433-6676 – or email us to find out what you’ll need to upgrade your iOS security.