Is Google double dipping? It is selling a premium priced phone, like Apple, but still wants our data:
Re Register points out:
All that changed in 2016 as Google adopted the Pixel brand instead and poured hundreds of millions of dollars into marketing. This entailed a significant price hike, what we called “the Mountain View equivalent of the Cupertino idiot tax”. It was an, um, interesting decision.
In its splash screens Apple says it believes “privacy is a fundamental human right”. But it can afford to: Apple merely sells overpriced hardware and doesn’t use your data for targeting advertisements as its main source of income. The Apple “tax” is the price you pay for privacy. With Pixel, Google wanted to keep Apple inflated margin and slurp up all your data, too?
It seemed a lot to ask, especially since the first 2016 Pixels were good without being standout attractive.
Using a Chromebook Offline is not as simple as turning WiFi off and expecting it to work. There are a few steps to guarantee a smooth transition to offline.
Google has made huge strides with the Chrome OS operating system, ensuring the Chromebooks can work effectively offline. Microsoft’s ill fated Scroogled campaign tried hard to make Chromebooks look like bricks when not connected to the Internet, and initially, that was true. Today, a Chromebook can work effectively offline.
“Using a Chromebook Offline is not as simple as turning WiFi off and expecting it to work”
I created this document a few minutes ago, while sitting in a bus far from WiFi.
I am listening to music played by the ChromeOS media player, and typing in a Google Document. I have successfully used Google Docs completely offline for a week to prove the reliability of Drive/Docs over a long period.
From startup to offline use are from six to ten steps, depending on what apps you use. Let’s have a look at six of them.
The first thing to remember is that a chromebook does not run background processes like Windows, or a mobile phone. Drive, Keep, Gmail Offline, and Google Books only run when they are opened in a tab. For example if you use Keep on your phone, tablet and Chromebook, you MUST open keep on your Chromebook for it to update with changes made on your phone.
“Drive, Keep, Gmail Offline, and Google Books only run when they are opened in a tab.”
I use Keep frequently as a note taker on my Android phone. The ability to capture a quick note as a voice recording is exceptional. But if I want to access those notes on my Chromebook I must open Keep while I am connected to the Internet, so the Keep tab can update. I does not happen unless the Keep tab is opened.
This applies to Drive, Gmail and any other app that shares or syncs data with other devices or cloud services. If you rely on these apps and are frequently away from a network, pin the tabs and keep them open all the time.
Lets step through the things you need to do to use a Chromebook offline. I assume you are logged in, and have an Internet connection. If I describe a service you do not need or want, go to the next item. This is based on my personal useage.
1. – Open Keep. You are done. Keep is a simple but powerful note taker, and it synchronizes automatically and continuously. If you have a lot of notes in keep it may take a minute to download everything. This is it for Keep! I suggest you pin the tab, or open it as a separate window so it stays up to date.
2. – Open Google Drive. Go to settings and select “Offline” and wait for it to sync up. This can take a while. If you only store Google docs, sheets, slides and drawings, you are done.
3. – Open the Files app. If you want to save non gDocs in drive, there is another step. You must open the Files app, find the files you want to save locally, and right-click each one and tick “Available offline”. Optionally, if there are a large number of files, copy them to a USB or SD card, and open them from there.
4. – Open Google Calendar. In settings, select “Offline” to enable offline access to the Calendar app. This will sync all current appointments. It will NOT allow you to add new entries in your calendar at this time. But usually, you will be offline because you are travelling, so your calendar should have the information you need in it beforehand.
5. – Open Gmail Offline. Go to settings and select offline. and decide how much e-mail you want to store. I delete everything not vital, so my mail store is small, I select the longest time available, one month.
As Gmail Offline syncs, it starts from the latest, and saves backwards, giving a running update on how much it has stored. You can read, delete, and create mail while offline, but, obviously, nothing is sent or updated on the web until you are back in range of WiFi.
The Gmail Offline app also saves starred messages. I am looking at a package dispatch notice sent to me four years ago, that I starred at the time. This app is not my favourite, but it works fine. One gotcha is that it does not download graphics, so if you have email that is heavy on graphics, it will not be readable offline.
Some people who have multiple gmail accounts use Gmail Offline for one account, so they can have two accounts open without having to log out of their main account in Chrome OS.
6. – (Optional) Open Google Books. You may not use Google Books, but I find it a wonderful resource. Not only does the Google Play Store sell many books cheaper than Amazon, but any ePub that does not have DRM can be uploaded from your local machine. I have purchased books from Baen and other publishers, and downloaded many from sites such as Project Gutenberg. Some of my Favourite Sci-Fi authors are available on Google books, but not on Amazon. And books purchased on the Google Play Store can be downloaded and used in other e-readers if they do not have DRM added.
I read most on my Nexus 7 tablet, but the Chromebook also provides a good reading experience. Simply look at “My books” hover over the ones you want to take with you, and select “Make available Offline” to download it. I currently have eight books available on my Chromebook.
Google Books will synchronize the reading locations, and my copious highlighting and notes between the Chromebook and any Chrome browsers I use, and my Android Reader apps in seconds. I highlight and take notes on the Chromebook, it is easier with a mouse and keyboard. I can then read and see my notes in seconds on any other device. It is a great study tool.
At this point, your Chromebook is ready to be used offline. Any time you have a connection, simply open the Keep, Drive, Gmail Offline and Google Books tabs, and they will sync.
I use a number of other tools, but what else you use is a matter of personal preference. One tool I think is irreplaceable for me is Pocket.
7. – (Optional, Bonus) Open and Synchronize Pocket. Pocket allows me to capture content from any web site, and read it later, offline. I can access it on my Chrome or Android device for offline reading. I often capture news articles, blog posts and other content relating to articles I am working on. I also often capture articles that I want to read later, when I have more time.
The “Save to Pocket” addon puts a button on the browser toolbar. Clicking on this saves the article to Pocket. Tags and annotations can be added. Then, when the Chrome App is opened, it downloads all the articles to the local machine for offline reading. I currently have several hundred articles saved in this fashion. Not everything works offline, searching does not work, but usually I have no trouble making things findable.
So that is the basics. Most people will want other apps and tools, and there are many that work offline. I will discuss some of them in future posts, and some have already been discussed.
Recently a friend visited to ask my advice on a chromebook for his father.
He had visited Harvey Norman, A major Australian retailer. While they had several chromebooks in stock the Harvey Norman salesman were very dismissive of the product and told him that in a year they have not sold one. I found that hard to believe since I have personally bought two chromebooks in that store.
The problem for Google (and users) is that salesmen have very little incentive to sell Chromebooks because low cost means small commissions. And retailers train sales staff to sell the items with the biggest profit margins.
The Chromebook is an appliance like a television set, you simply plug it in and it works
The Chromebook is an appliance like a television set, you simply plug it in and it works. You do not buy antivirus software, Microsoft Office or any other of the other big ticket items that make a salesman’s day. So any salesman, seeing mom and pop walk into the shop will upsell them using brands and names they know. While it is ageing and tarnished in the tech. world, Microsoft Windows is a well known brand. For the non-technical person, the advice of a smiling salesman combined with a name they know, Apple or Microsoft, will convince them.
You do not buy antivirus software, Microsoft Office or any other of the other big ticket items that make a salesman’s day.
The result will be inevitably that’s for Google to succeed with chromebooks they will have to be sold online not through retailers who simply have no incentive to sell them.
This may well mean that for these brick and mortar retailers the day will stay with windows and Apple devices until the market gradually withers and dies and then find that they have lost out to Google and online retailers forever.
I visited Harvey Norman myself the next day, and received the same dismissive response to Chromebooks. The HP 11 original version is my favourite computer. To my delight, I found they had two in stock, reduced almost to half price. I picked one up for my son, with the intention of pensioning off and old Samsung Chromebook.
Before filling out the paperwork the salesman looked at me over the top of the beautiful molded box and said “You do realise that a Chromebook is not a REAL computer…” I assured him I knew EXACTLY what a Chromebook was, and left with a half price Chromebook.
At 11:45 this morning I walked out of my office with my HP Chromebook 11. I had synced drive and offline Gmail, Calendar, Evernote (the Android app.) and Pocket. I have opened Keep, StackEdit, and other apps that I use while online, allowing them to sync up. Then I turned WiFi off.
“At 11:45 this morning, I turned my Chromebook’s WiFi off. It will stay disconnected for a week”
I will not connect this Chromebook to the Internet for a week. I will write using Drive and Docs, and do all the work I normally do on my Chromebox on this device.
The purpose of the experiment is not to live without the Internet, but to test the reliability of Docs, Drive, Keep, and other tools for a long period of disconnection. Will they be reliable? Will I lose work? A common criticism of Chromebooks is that they do not work offline. That myth has been debunked repeatedly, but the question remains, just how safe is a Chromebook if it is offline for a prolonged period?
“The myth that Chromebooks don’t work offline has been thoroughly debunked…”
To protect my week’s output, I will copy and paste text into QwertyZen or StackEdit and save to a USB stick in case of total disaster.
The first loss, of course is that spell checking does not work in offline Docs. I will have to wait until I am back on-line, or copy text to another editor that does spell checking offline such as StackEdit, QwertyZen, or Write.
One drawback with gDocs (Google Docs) is that they cannot be copied and pasted to a USB drive or otherwise accessed outside Drive. And another drawback is that non Google files, like .txt, .json or .html are not syncronised automatically. These non Google documents can, however be saved to a USB stick or Dropbox, Onedrive or a Windows share for storage. They can also be set to save locally and synchronize using the ChromeOS Files app. Simply save the file to Drive, find it using the Files app, right click and check “Available Offline”. This will need to be done in each instance of drive where you want this file kept, it does not propagate across machines.
I will update my progress periodically. I do not expect to have a problem, but time will tell.
This post was writted as a Google Doc, formatted in StackEdit, saved as HTML to a USB drive and uploaded via my Chromebox.
When I started my Chromebook this morning I discovered that Google had added a powerful new feature. I can now use my voice to type in Google Docs. Impressed when I was wondering if it would work on a Chromebook. and particularly how accurate it would be, as I have found that most voice activated systems tend to work very poorly. I spend more time editing and correcting then I would have done if I had typed the entire article myself.
To my surprise I find that Google Voice typing works almost flawlessly. the only fault I have found is that the words new line tend to be interpreted as a new lawn, and I do not get the new line that I was asking for unless I speak very clearly, probably my Australian drawl.
As an example of how accurate the voice recognition on Google Voice typing is I have produced this entire article using Google Voice with no editing at all.
While this is incredibly useful for writers like me who I slow on the keyboard or in my case have a problem with a shrinking tendon in my right hand, I can only imagine what the future will bring for those who are visually impaired or physically impaired when Google can expand this technology to make a Chromebook completely voice activated.
I have literally not edited a single word in this rather short post about Google Voice typing. I have been a little careful with the pronunciation of words but other than that I have SAT with my arms folded and talked the whole piece.
I am absolutely amazed at the accuracy of Google Voice at the top of the screen is a message telling me we are having trouble hearing you and yet it is continuing to record my words with great accuracy.
Additionally in each sentence words are underlined in gray and if I right click I get an option of Digimon and word was several words that might have been what I meant at that point if I had been misinterpreted.
Strangely I find it very difficult to compose as I speak. when I type I have more time to think through what I want to say and therefore, I am sure write better than I speak. Or as I should have said more accurately.
Punctuation is limited to only a few options which I will now cut and paste in because there is no way I can do them using the voice recognition system.
Google Voice typing has arrived with very little fanfare, but I suggest it is going to be one of the most important features in Google Docs in the future. I have tried other voice recognition systems for riding and found them all extremely frustrating. This is working very smoothly.
You want your documents and data to be secure, accessible everywhere and easy to access. As the saying goes, You can have any two of those requirements you want, but never all three at once. It is simply impossible to have all three. Unfortunately, most people choose easy over secure, and then complain bitterly when their documents are stolen and made public. Or simply deleted.
The dream of instant access to all of you documents is now a reality with cloud based services such as Google Docs and Drive, Dropbox and a host of other services.
You can sit down at any computer or tablet and access almost all your documents immediately.
But there is a downside to that. Others can also access documents from the cloud if they have your login details. They can access your documents if they can access your computer.
So how do you ensure the security of cloud hosted documents? Let’s look at the ups and downs of adequate security.
1. Choose a Good Password
Number one on the list is the level of security we have on our cloud account. The most obvious question is, how good is your password? If your password is 123456 or monkey, secret, letmein or similar, you have a major problem. Security breaches over the last few years have resulted in millions of passwords being leaked. These passwords have been analysed by both good guys and bad guys, and now everyone knows the million or so most used passwords.
For the curious, I have listed the 12 most common passwords of 2013. If you are using one of these, bow your head is shame, and know that any time a hacker wants your data, he will have it in minutes…
Clever passwords are not so clever. If you think s3cret is more secure that secret, think again m0nkey and monkey are pretty much the same when someone decides to use a password list of a million common passwords to crack your account. Use a long, random, different password for every site you visit. If you cannot remember passwords, use a password manager app or plugin for your computer or browser. I use Lastpass, and have had no problems with it. I let Lastpass generate passwords for me. Lastpass is highly respected, well designed and a Trust No One (TNO) app. Lastpass cannot give your passwords to anyone, because they do not have them. they are encrypted for everyone but you.
Don’t Save The Password on Your Computer. Do NOT write your passwords down in a file named Passwords and save it on your desktop. Just read about the Sony hack to find the down side of that approach.
Add Two Factor Authentication
Then, for better security add two-factor authentication.
For Google, Dropbox and Lastpass, and many more online services, an authenticator app like Google Authenticator or Authy work perfectly. I prefer Authy because I can make it require a PIN when it starts up. There is a little effort involved in getting an Authenticator working, but they are well documented. Just be prepared to spend 10 or 15 minutes setting it up on your devices
You need the app running on your phone or tablet, preferably both, and when you log into your cloud service from a new computer, or every few weeks, you must authenticate by providing a six-digit code that changes every 30 seconds. This means you need the password and the mobile phone with the authenticator to log into your cloud account.
Print out a few “Get out of jail” keys so you can log in without your device in an emergency. But secure these printed keys well. See the documentation for your cloud provider.
Secure Your Computer, Phone and Tablet
This makes it very difficult to get into your cloud accounts from another computer. However is someone steals your laptop, phone or tablet while they are unlocked, they will have access.
So make sure you have a password or PIN that is strong enough to keep a thief out. Ensure that a PIN or password is required to access your computer whenever it starts or comes out of standby.
Remember, if someone steals your phone and can access your cloud accounts and your Authenticator, they can change the password. So keep that phone or tablet secure.
I always close the lid of my laptop or HP Chromebook 11 when I walk away from it is a shared space. In fact I rarely get more than a couple of meters away in public or shared space.
I have made a habit of putting everything into a pocket or bag when I put it down in a public or shared space. Basically I treat a laptop, phone or tablet the way I treat cash. I NEVER leave it lying around unattended.
Here is an example of why…
If you work in an office or have a desktop computer, make sure you lock it when you get up and walk away. Having a screensaver that locks it after a few minutes is probably enough in an office environment. I work largely alone in my home office, so I simply set
the screensaver to come on after five minutes. If I was is a co-working space or an office with a lot of people, I would (and have) activated the screensaver manually when I walk away. This is easy to do on computers running Linux. I think it also an option on later versions of Windows. On Chromebooks and Chromeboxes, it is in the bottom right corner of the status window.
Remember the simple security rule. If someone can access your unsecured hardware, they can do pretty much anything. A running, logged in PC is the crown jewels for a thief. Don’t assume everyone in your office is trustworthy.
Follow these three steps, and you will be well on the way to having secure and safe access to your cloud based files and documents.
There is a price. It takes a little longer to log into your account, there is a bit more friction. But after a few days it becomes second nature.
A modern business of ANY size is largely the sum of it’s data and documents. Keeping them safe and private is crucial for the survival of your business. Are you safe if you use Google services?
Security in the Post Sony Hack World
The Sony Pictures hack has shone the spotlight on the security issues posed by Internet connected systems, particularly those using Windows desktops. Sony, it will probably be revealed, got hacked via a spearfishing attack. Spearfishing is aiming a carefully crafted attack at an individual using personal information to make the attack seem like an email or document they expect, know, or want. Once they have allowed it into the network, lax security procedures and poor passwords gave them access to everything. However they got in, poor security procedures will ultimately be revealed to be the main culprit.
Passwords were stored in unencrypted files named “passwords”. Thousands of email messages stored in Microsoft Outlook .PST data files were copied. massive numbers of documents were just copied off the Sony servers and out to the web. It is obvious that security was lax, but the reason all this was copied is basically that it was all sitting on Sony servers, and the passwords were weak or available to the hackers.
This was a failure of the classic server-client network on a huge scale.
Security in the Google Cloud World
On the other hand, a business that keeps it’s workers on Chromebooks and stores data in the cloud is going to be in a better position to defend it’s data.
The documents, spreadsheets and mail are all stored on Google’s secure and backed up servers. Access is via individual user passwords. Documents can be private, shared with individuals, shared with domains (everyone in the business) or publicly.
There is one huge security advantage to this. Instead of documents being emailed around the company, they can be shared via email. This means that all that is sent is a link. A document in an email can be forwarded, copied and stolen. The document link will only work for someone logged into Google Drive as the recipient of the document. Anyone else that gets the link will not be able to access the document. This is a huge step up from emailing documents.
An Example of the Dangers of Sending Documents
Some time ago, I worked for a very large organization that used Microsoft Office. Everyone used Outlook for email. People inside the company sent contracts, proposals, memos and other documents as Word documents attached to emails.
In one large department, Instead of saving documents on the corporate servers, they began to go back to Outlook to find the last version of the document and worked on that. Then they sent it or saved it back to Outlook. Corporate data was not being saved on the file servers. Outlook .PST files grew to huge sizes.
Then, one Sunday night, the mail server for that department ran out of disk space. It tried to alert the Sysadmin, but there was no space on the server to process the email. The whole system collapsed at 2:35 AM and no-one knew anything was wrong until they arrived for work on Monday.
The lack of disk space had also prevented backups from running properly. Tape backups had failed weeks before, but no-one had checked the logs. It took two weeks to get the mail system running, and many users had lost hundreds of documents and revisions of documents. Some lost their entire email history, address book and calendar. For weeks, email flew around the organization begging for recent versions of contracts, proposals and other documents to be sent back to the originators. The fallout went on for a year or more.
As the Sysadmin for my department, I began monitoring the size of Outlook data files, and began delivering scathing warnings if they began to grow to large.
It was a lesson I never forgot.
And the Winner Is…
If Sony had been using Google cloud storage, how may this have played out?
E-mail would have been protected by storage in Google’s cloud. Google mail is accessible by web browser. The connection to Gmail is by a secure HTTPS connection. This would have made intercepting e-mail difficult to impossible. Attachments would have been replaced by links, and not accessible to the hackers without the relevant passwords. Email would have remained secure as long as passwords remained secure.
I have mentioned secure passwords a few times. A cloud based solution needs good password security. Sony obviously were using bad passwords and poor password procedures.
For Google Docs (the business version of Drive) User policy is controlled centrally by the Administrator and allows policy like good passwords and two factor authentication to be enforced.
A corporate account with Lastpass would have saved a lot of grief. Lastpass creates and stores secure passwords. Instead of using “Monkey” or “123456” everywhere, Lastpass will generate a real, unique and secure password for every site and then store it for you. Every time you visit that site while logged into lastpass, it will paste the password and username into the browser for you.
And even better, it is really secure, really cheap, and uses two factor authentication.
Singing the Praises of Two Factor Authentication
Two factor authentication simply means you need something other that the password. The password is easily stolen, but a second form of identification means the password is not enough
The second factor or token can be one of those key-ring devices that shows a number every thirty seconds, a fingerprint, a retinal scan, or a usb dongle that has to be plugged into your computer before you can log in.
Every teller at my bank has to swipe a card and type a password before they can use a terminal. That card is their second factor.
The simplest one for most of us is an app for our phone or tablet. I use Google Authenticator. I have registered my Google Mail account, and when I login, I have 30 seconds to type in the six digit number displayed on my phone or tablet. I also have a sheet of six emergency codes. I keep that paper very safe, and have never had to use it. I always have a phone or tablet in range when I sit down at the computer.
The Cloud IS Secure
As we can see from this, using a cloud service like Google Docs is no less secure than storing everything on a local server.
Is it absolute security? No. No-one is even sure such a thing exists. It is all relative.
If the FBI, NSA, ASIO or GCHQ want your data, they will get it. But Google is working hard to make this process more difficult for them, and is making great strides.
This is a low friction, low cost option to provide secure storage and sharing of your data with high reliability, and no cost for a big IT team to keep it working.
REALLY Secure Information in the Cloud
Some things really are secrets, rather that just private. There are ways to put the absolutely most secret things in the cloud to. They just require a little work to get them there.