Archos Smart Home Review

Archos LogoThese days it’s either i-this or smart-that with new gadgets measuring and changing our personal environment. From Fitbit to Philips Hue, the internet of things is steadily growing and into this increasingly connected world, French firm Archos have stepped in. Their Smart Home tablet wirelessly connects sensors to a central hub that monitors and initiates actions based on conditions. Archos kindly lent me a Smart Home to raise the IQ of my house. Let’s take a look.

Archos Smart Home Box

In the box there’s the Smart Home tablet, plus six connected objects; two mini-cams, two movement tags and two weather tags. The tablet itself looks much like a digital photo frame but it’s actually a small 7″ device running Android 4.2.

Archos Smart Home Front View

Archos Smart Home Rear View

In the looks department, the Smart Home tablet fits the bill with styling that wouldn’t look out of place in a living room. It is all plastic, including the screen which seems to be acrylic rather than glass, but perhaps will better withstand being knocked. Some thought has been given to the design as the screen’s viewing angle appears to be have been adjusted slightly so that screen looks good when someone looks down at it, rather than straight on. There’s only about 2.5 GB of free memory on-board but there is a microSD card slot to boost the Smart Home’s capacity. Performance-wise, it’s no speed demon with a 1.2 GHz ARM processor, but as most of the time the Smart Home just sits there receiving data, it’s a not a big deal. A camera and a thermometer are built into the tablet too and these can be used to take pictures and measure the temperatureas well as the connected objects.

The connected objects are shown below with the mini-cam, weather tag and movement tag from left to right. All have sticky pads which allow adhesion to flat surfaces round the house. The mini-cam ball is held in the foot by magnets and it means the ball can oriented in almost any direction. The weather tag measures temperature and humidity, and the movement tag can measure both motion and door opening / closing.

Archos Smart Home Sensors

Getting setup is easy and straightforward. Running the Archos Smart Home software initially asks for the different rooms where devices are located.

Smart Home Rooms

Once the rooms are setup, the connected objects can be added into the relevant room. The objects use Bluetooth rather than Zigbee and pairing is simply a case of holding down a button on the connected object for 5 seconds. It worked flawlessly. The pairing screen shows all the objects available, not only the ones in the box.

Accessories

Once all setup, the Smart Home tablet presents a view with the room and all the objects in the room.

Hall

In the Hall, I had two mini-cams, a weather tag and a movement tag. Tapping on any device in the app then gives more data or information – here’s the weather tag showing data over the past week for both temperature and humidity.

Temperature and Humidity

Great but how do we get from monitoring the weather to doing something smart? Archos have the answer by building simple “if this, do that” programs. For example, if temperature falls below two degrees Celsius, email to me “It might be slippy.” Or more usefully, if the door opens, take a picture and send an email – like this.

Program

Sure enough, when the front door is opened, I get an email (my personal email is address is obscured by the black box).

Mail

 

The mini-cam also takes a picture (or a short video) but they won’t show a live feed, presumably because Bluetooth can’t transfer the data very quickly. You’ll notice one of the slight problems….the Smart Home doesn’t really take pictures fast enough as in many of the photos the person who opened the door has already moved out of shot. These are all real life photos, nothing was staged. A mini-cam positioned further down the hall generally did better at getting people entering the property.

Minicam Pictures

Out of the box, there’s a fairly limited range of actions such as send email, turn on plug and so on, but Smart Home can use the Tasker app to do more. Tasker supports a wide range of actions, including starting other apps, which makes it quite a powerful solution. However, even this simple email-me-on-the-front-door-opening is useful when wanting to know if someone has arrived home safely (or a thief has broken into your house!)

Other nifty features are that the Smart Home can be accessed from other tablets or smartphones. After a straightforward authorisation process, the system can be viewed from other devices both inside and outside the house. Here’s what it looks like on my smartphone.

Smartphone View

Overall, the Smart Home worked well, mostly sitting on the table doing its job. I did find that I mostly used my ordinary tablet (a Nexus 7)  to work with the Smart Home rather than picking up the unit itself. I set the Smart Home tablet up as a digital photo frame using the standard Android Daydream screensaver to fit into the room.

There were a couple of problems, the first being the range and penetration of Bluetooth. I live in a modest house with brick walls which meant that the weather tag at the rear of the property couldn’t be picked up if the Smart Home tablet was in the front room. Secondly, battery life – the mini-cams seemed get through a set of batteries in about a fortnight and each one took three CR2450 button cells. The movement and weather tags weren’t quite so bad – perhaps a month and only one battery. As an aside there’s no way of muting the low battery warnings that appear in orange on the screen. A connected object could be disconnected but that deleted the historical date at the same time.

Bizarrely, the other problem was how I felt about spying on my family, which is not anything to do with the Archos Smart Home, so I’ll save that for another post. I can see the Smart Home working for families with children that come home when the parents are still at work and the email notifications would give any parent a measure of comfort that their son or daughter is home safe.

The Smart Home costs GB£199 from Archos’ online store. Other additional connected objects are “coming soon”, including an HD weatherproof camera and a siren tag. In summary, the Smart Home is a well integrated system that has room for expansion with more types of connected objects but watch out for the limitations of Bluetooth range and battery life.

Thanks to Archos for the loan of the Smart Home.

 

Kwikset adds Remote Unlocking to Kevo at CES

Kwikset KevoThe Kwikset Kevo is a deadbolt lock that uses Bluetooth communication as well as a physical key to lock and unlock doors. Currently it only works with Apple iPhones but it looks really cool. You walk up to the door, touch the Kevo lock, the lock checks your eKey on your phone and the door opens. There’s a whole host of clever features based around eKeys which can be transferred to people you trust and owners can receive notifications of when the lock is opened. The glossy video below shows the main features of the Kevo.

The Kevo has been available for a few months and at CES, Kwikset are responding to customer feedback with new enhancements to the Kevo lock system. The Kevo Bluetooth Gateway will be available in the summer and the unit will allow owners to remotely lock and unlock Kevo using their smartphone, say when a relative visits from out of town or a neighbour unexpectedly needs to feed pets.

Kwikset is quickly expanding the value Kevo delivers to current and future owners through a series of Kevo technology advancements, beginning with remote functionality, based on the desires of today’s consumer” said Keith Brandon, director, residential access solutions. “Kevo continues to be the breakthrough smart lock technology on the market, gaining recognition from the CES Innovation Awards, among many others.

As you might expect, the Kevo locks don’t come cheap at around US$220 but it looks like a neat solution and once Kwikset (a) get it working on Android and (b) produce a UK version, I might well be interested.

Two Million Passwords Stolen by Hackers

Trustwave logoOn November 24, 2013, researchers at Trustwave discovered that hackers have obtained up to 2 million passwords for websites like Facebook, Google, Yahoo!, Twitter (and others). Researchers learned this after digging into source code from Pony bonnet. It appears that information about this has only been made public very recently.

Here’s some quick stats about some of the domains from which the passwords were stolen:

* Facebook – 318,121 (or 57%)
* Yahoo! – 60,000
* Google Accounts – 54,437
* Twitter – 21,708
* Google.com – 16,095
* LinkedIn – 8,490
* ADP (a payroll provider) – 7,978

In total, Pony botnet stole credentials for: 1.58 million websites, 320,000 email accounts, 41,000 FTB accounts, 3,000 remote desktops, and 3,000 secure shell accounts.

According to Trustwave, around 16,000 accounts used the password “123456”, 2,221 used “password” and 1,991 used “admin”. Now is a good time to go change your passwords into something strong and secure.

Doing so won’t make it entirely impossible for hackers to crack it, but it could make it more difficult. Trustwave noted that only 5% of the 2 million passwords that were stolen had excellent passwords (meaning the passwords had all four character types and were longer than 8 characters).

AVG Android Social Apps

AVG LogoToday’s Android apps from AVG are aimed at social media users rather than performance junkies whose needs were covered yesterday. AVG has two apps in this space, Image Shrink & Share, and Privacy Fix. Very different apps themselves but both are worth a look..

AVG Image Shrink & Share works on the premise that the average smartphone camera takes photographs which are unnecessarily large for social media purposes. Most people can’t be bothered to downsize the photos and risk incurring bandwidth charges by uploading the large photos anyway. Image Shrink & Share solves this problem by resizing photos on the fly before passing them onto the relevant social networking app. The original photo is not affected and stays on your phone or tablet.

Here’s how it works. Let’s say you want to share a photo on Facebook. You review the photo in Gallery or Photos as normal. Hit the share icon and choose AVG Image Shrinker instead of the app you would normally use (it’s on the left in the screen shot which is from the new Photos app which has a different layout and background).

AVG Shrink & Share Apps Onward Sharing Apps

Then you are prompted for the final app that you want to use to post the photo, say, Facebook or Google+. Image Shrink & Share resizes the photo based on your default selection and then passes it on to the social media app (or other app) for comment and posting.

You can setup the default size for each application individually in the Settings menu. If you turn an app off, it doesn’t show in the second list presented by Shrink & Share, so it’s a useful way to declutter your sharing screen as well.

Social Media App wpid-Screenshot_2013-11-11-18-53-01.png

In practice, I found that it worked very well and solves the problem very neatly. Images resized correctly and looked good. If I had one suggestion, it would be to have a native resolution option on the resize settings so that photos can be passed through without alteration. I know that it’s not strictly necessary as I can simply choose to share directly to the app, but it makes the process consistent.

Overall, if you post lots of photographs to social media sites, this is a must-have app. Personally I’ve found it handy for uploading images to WordPress as it has a 2 MB limit on photos, so AVG’s tool gets round that problem for me.

Moving on, AVG PrivacyFix is less about sharing and more about controlling your exposure on Facebook and Google+. It’s a complementary app to the PrivacyFix website which covers LinkedIn too, but the app currently only looks at Facebook and Google+. It’s simply a case of giving the app access to your accounts after which PrivacyFix will make some comments and recommendations.

PrivacyFix Start

Here are the recommendations PrivacyFix gave me for Facebook and Google+.

PrivacyFix Facebook PrivacyFix Google+

You can tap through each and PrivacyFix will give you some information on the impact of changing the option and if you wish to proceed, show you what was done. Here’s some info on turning off Search History and then the output from opting out of ad tracking.

PrivacyFix Implications PrivacyFix Ad Tracking

AVG PrivacyFix is another great app. It’s certainly not one that you are going to use everyday, but it’s definitely worth running every month or so to check that your exposure on social media is at an acceptable level. Clearly you can use the PrivacyFix website to cover LinkedIn, but I hope AVG extend the Android app to cover LinkedIn and perhaps others such as Twitter, Flickr, Instagram, etc. I also think that this would be a great tool for parents to check the privacy settings on their children’s accounts and that’s a feature that AVG ought to promote directly within the app and website.

Both Shrink & Share and PrivacyFix are free apps, so go ahead, download them from Google Play and try them out.

Unprotecting Excel Spreadsheets Without The Password

Microsoft Excel LogoSpreadsheets and Microsoft Excel in particular are great tools for any kind of numerical analysis, but they’re good for handling and storing other data as well. I seem to recall a survey a few years ago that Excel was the #1 database in the world with Access, Oracle and SQL Server lagging very far behind. Of course, it all depends on your definition of a database but the point is made.

Excel has useful features for developing forms and hiding information so that it’s easy to create mini apps which take user entered information, combine with data stored in the spreadsheet and provide an answer. Some of the spreadsheets are very sophisticated and Excel offers a “protect” feature that locks down a sheet (or workbooks) and prevents unwanted meddling or fiddling with the data. The protect feature even lets the owner set a password so that the more determined meddler can be thwarted and confidential data kept confidential.

Except it doesn’t. Any protected Excel spreadsheet can be unprotected in three steps. Here’s how.

With the Excel spreadsheet open,

  1. Press Alt + F11 (or go to View Code in the Developer’s Tab)
  2. In the window that appears, paste in this code (courtesy of University of Wisconsin-Green Bay)
    Sub PasswordBreaker()
        'Breaks worksheet password protection.
        Dim i As Integer, j As Integer, k As Integer
        Dim l As Integer, m As Integer, n As Integer
        Dim i1 As Integer, i2 As Integer, i3 As Integer
        Dim i4 As Integer, i5 As Integer, i6 As Integer
        On Error Resume Next
        For i = 65 To 66: For j = 65 To 66: For k = 65 To 66
        For l = 65 To 66: For m = 65 To 66: For i1 = 65 To 66
        For i2 = 65 To 66: For i3 = 65 To 66: For i4 = 65 To 66
        For i5 = 65 To 66: For i6 = 65 To 66: For n = 32 To 126
        ActiveSheet.Unprotect Chr(i) & Chr(j) & Chr(k) & _
            Chr(l) & Chr(m) & Chr(i1) & Chr(i2) & Chr(i3) & _
            Chr(i4) & Chr(i5) & Chr(i6) & Chr(n)
        If ActiveSheet.ProtectContents = False Then
            MsgBox "One usable password is " & Chr(i) & Chr(j) & _
                Chr(k) & Chr(l) & Chr(m) & Chr(i1) & Chr(i2) & _
                Chr(i3) & Chr(i4) & Chr(i5) & Chr(i6) & Chr(n)
             Exit Sub
        End If
        Next: Next: Next: Next: Next: Next
        Next: Next: Next: Next: Next: Next
    End Sub
  3. Press F5 (or click Run) and wait a minute or so…..hey presto, spreadsheet unprotected.

On my modest PC it takes about 80 seconds to crack the password and it seems to come up with a password such as AABBAAABBB^ which isn’t the original password but nevertheless works. Spreadsheet is now unprotected. Try it for yourself.

Shocked? Surprised? Worried about a .xls that you sent last week with confidential data in it? I’m sure lots of people would be very worried if they knew how easy it was to unprotect a sheet.

To be fair to Microsoft, the help page says, “IMPORTANT  Worksheet and workbook element protection should not be confused with workbook-level password security. Element protection cannot protect a workbook from users who have malicious intent. For optimal security, you should help protect your whole workbook file by using a password.” Personally, I think setting a password sets unrealistic expectations about the level of protection; in some ways it would be better if there was no password option as there would be no expectation.

Overall, it’s best to think of protecting an Excel spreadsheet as a way of making the spreadsheet more convenient to use and don’t ever think of protecting an Excel spreadsheet as a way to hide secret information.

If you thought the Adobe hack was bad, you should see the user data

Computer securityBy now you have likely heard of the attack on Adobe — the one that seemed to grow worse with each new bit of information. What started out sounding like a problem quickly deteriorated into disaster. Originally said to affect some three million customers, the number swelled to 38,000,000 and finally landed at 150,000,000.

But there were bigger concerns than just just that — security firm Sophos analyzed the compromised data and released a case study of its findings. The results are staggering, in terms of what it revealed about the average computer user.

Sophos lodged an almost immediate complaint regarding the situation — “One of our complaints was that Adobe said that it had lost encrypted passwords, when we thought the company ought to have said that it had lost hashed and salted passwords”, the security firm states in the report.

Then the data analysis begins. The number one password, used by 1.9 million customers, was “123456”, while “password” followed in second place. Appearing at the 25th slot on that list was “LetMeIn”. You can’t make this stuff up, folks. One user’s password hint read “try: qwerty123″, while another user cryptically stated his hint as “rhymes with assword”. The sad list goes on.

Sophos points out that “With very little effort, we have already recovered an awful lot of information about the breached passwords, including: identifying the top five passwords precisely, plus the 2.75% of users who chose them; and determining the exact password length of nearly one third of the database”.

Image Credit: Bigstock

Microsoft retreats: tells customers to get third-party AV software

When Microsoft released its Security Essentials software the company claimed it was all the end-user really needed and, for a time, that was mostly right. But the software suite has not entirely been kept up, and is not compatible with Windows 8, though in that OS, it was still present in the background under the name Windows Defender.

Now the Redmond company has officially given up it seems, as in a recent interview it referred to Defender as “baseline software” and claimed that it would “always be on the bottom” of comparison tests — this after failing multiple ones.

Microsoft Windows 8

Now Microsoft claims to be using Defender, which still comes as part of the OS in Windows 8.1, as more of a research tool. “The company is just sharing its virus tracking findings with the security industry so they can develop better anti-virus programs”.

This is not to say that WD will not continue to be updated every patch Tuesday — it will be. However, the software maker is now recommending users supplement the program with a third-part app.

Several good ones are available, both free and paid, but for the average user,  it’s back to square one, as many do not know that they need such a thing, forget to update it even if they have it or just don’t know enough to stay out of trouble. For the tech-savvy, this is likely not a big deal, as many never used AV before anyway.

Battle.net Adds New SMS Protect Service

Battlenet logoGamers who play any of the games by Blizzard Entertainment may want to check this out. Battle.net has introduced a new way to protect your account from hackers. The new service is called SMS Protect. If you currently have your account protected by an authenticator, it is possible that you received an email from Battle.net about this.

It will send a text message to your cell phone every time suspicious activity is detected on your account. You will also get a text if your account is flagged for suspicious login activity, if your password has been changed, or if account security features are added or removed.

In other words, if something nefarious appears to be happing to your account, you won’t have to wait until you get home, and try to log in, to find out about it. You can get a text message about it, while you are away from your computer. All you need is a standard cell phone with a data plan. You also need to be in one of the countries that is currently supported by SMS Protect.

The sooner you know something has gone wrong, the sooner you can try to fix it. If you want to get texts, you have to log into your Battle.net account and enable the texts. (The “default” mode has the texts turned off).

Those of you who play World of Warcraft, Diablo III, or Starcraft hopefully are already using an authenticator to protect your account. The key-fob authenticators are still useful, and so are the mobile authenticators for iPhone, Android and Blackberry. Those will still function as intended. You are not required to change over to the SMS Protect service if you do not want to. SMS Protect is simply one more tool to use to protect your characters and loot from hackers.

Who Can Access Your Dropbox Folders?

folder iconA lot of people use Dropbox as a convenient way to transfer large files from one person’s computer to another. I find it to be extremely helpful for podcasters who need to send an audio file of their voice track to an editor who puts everything together. Today, I learned something rather unexpected about who, exactly, can see the files that are in my Dropbox.

My husband and I are both podcasters. We have a podcast that we do together. I do a couple of other podcasts without him. He edits some of the podcasts that I do and some podcasts that I am not a part of. As such, both of us use Dropbox to move audio files around.

The computer I use, and the one that my husband uses, are on a home network. He has admin level access to my computer. We find this to be helpful for many reasons – one being that it makes it easier for him to grab the audio file of my voice track for a podcast that he will be editing. Obviously, he and I are both aware that his admin status means that he can access anything on my computer.

It turns out that the admin status also allows him to access my Dropbox. He discovered today that he can use his admin status to gain access to my computer and that it also allowed him to access my Dropbox. He was able to open folders, look at the contents, and remove files.

Now, some of the folders that I have been invited to are the same ones that he has been invited to. For example, today he was editing a podcast that I am involved with. He and I already had access to that particular folder. He could access that one from his own computer.

Surprisingly, he was also able to access folders that he had never been invited to. There is a podcast that I do with a friend of mine. That friend does the editing. My husband has no need to be invited to that particular folder. Even so, my husband was able to open that folder, look at the contents and remove files. He could have put files into that folder if he chose to do so.

Typically, people are very careful about who they allow to access their computer. Admin status should never be given out on a whim. We only give that to people we trust. Before this little experiment, I had no idea that giving a person admin status to your computer also gave that person complete access to your Dropbox.

For me and my husband, this isn’t really an issue. We trust each other. Our network is at home and secure. That being said, it made us both wonder about the potential risks involved with work computers that are accessible by multiple people within one company or business.

Washington Post admits website hack

bigstock-Computer-Hacker-in-suit-and-ti-31750772

Amazon’s Jeff Bezos just purchased the Washington Post — and despite jokes, I am pretty sure he didn’t do it by accidentally clicking the “Buy it Now” button. Plans at this point are unknown, but one thing is certain — there are already problems to deal with. The newspaper has admitted that its web site was recently hacked.

The announcement came in two parts yesterday. The first red simply that “the Washington Post Web site was hacked today, with readers on certain stories being redirected to the site of the Syrian Electronic Army. The group is a hacker collective that supports Syrian President Bashar al-Assad”.

An hour later the organization updated this with additional information — “Washington Post Managing Editor Emilio Garcia-Ruiz: ‘A few days ago, The Syrian Electronic Army, allegedly, subjected Post newsroom employees to a sophisticated phishing attack to gain password information. The attack resulted in one staff writer’s personal Twitter account being used to send out a Syrian Electronic Army message. For 30 minutes this morning, some articles on our web site were redirected to the Syrian Electronic Army’s site. The Syrian Electronic Army, in a Tweet, claimed they gained access to elements of our site by hacking one of our business partners, Outbrain. We have taken defensive measures and removed the offending module. At this time, we believe there are no other issues affecting The Post site'”.

Welcome to the newspaper industry Mr. Bezos. This is something not experienced at Amazon, but when you run a publication that can post stories on subjects that could be considered politically charged, then things change. Everyone may want to buy a new book or laptop, but not all wish to read opposing views.

Image Credit: BigStockPhoto