Friday, November 29, 2019

Evaluating Tech Gifts

Are you looking for some assistance in determining whether or not a particular tech device might be an appropriate gift this holiday season? I'd like to recommend a couple of websites that can provide useful information for your decision making process.


Wirecutter is from the New York Times and provides reviews of a wide variety of items. They're also known for evaluating deals and recommending best deals on big shopping days like Black Friday and Cyber Monday.

Mozilla *Privacy Not Included

Mozilla, the people who brought us Firefox also bring us a website evaluating some of the latest tech devices in terms of privacy. The ratings range from Not creepy! to Super creepy! They rate in terms of what they deem Minimum Security Standards - Five basic steps every company should take to protect consumer privacy.

  • Encryption
  • Security updates
  • Strong password
  • Manages vulnerabilities
  • Privacy policy
As you might surmise, products rated Not creepy! pass these five standards. As they climb the creepy scale, you'll see where they come up short according to Mozilla's evaluation process. Good to be aware of. And even if you aren't concerned about privacy, you may want to keep in mind your potential gift recipient.

Thursday, June 13, 2019

Advances in Accessibility

Both Google and Apple have had their developers' conferences for the year where they unveiled all kinds of new features. What stood out to me, in particular, however, were the advances in accessibility.

Let's start with Apple. This article from Tech Crunch goes into a lot of detail about the various accessibility advances coming up in Apple's various operating systems to be updated this fall: Apple’s global accessibility head on the company’s new features for iOS 13 and macOS Catalina.

Voice control is the first big advance discussed at the keynote. It purports to allow seamless movements between navigating, using apps and creating and sending content. The video shown at the keynote makes it all look quite usable.

And to learn more about other existing accessibility features in Apple software and devices, check out this article from iMore: Apple: Accessibility is a Human Right.

This CNET video from YouTube gives a good summary of Google's recent announcements at its annual I/O conference. The first part covers mostly accessibility features including text to speech using a phone's camera, AI assisted voice control, live captioning, etc.

Of course one of the downsides to Apple's offerings is that they're limited to Apple devices: iPhones, iPads, Macs, etc. As these devices tend to be more expensive, that can limit their reach. Google makes apps available on multiple platforms and the Android operating system runs on a wide variety of devices ranging from very cheap to high end. The problem is that Android Q may never run on most of the devices currently on the market. And, for now, some of the features are limited to Google's own Pixel devices.

Another major player in the accessibility arena is Microsoft. They produce apps like Seeing AI which is available for iOS (not yet for Android) and allows a user to point the device's camera at text and have it read aloud. It also attempts to identify objects in photos. When I tested it, it identified a red flower and my dog with a toy in his mouth as a brown dog with a frisbee - close enough. But when I asked it to identify a mountain range, it could only identify the clouds. It seems to default to grey a lot with colors and wanted to make my dog green. It was spot on with currency and identifying products by their barcode.

There's an entire section on the Microsoft website devoted to Accessibility In addition, they have a YouTube channel devoted to Accessibility Training called MSFTEnable which includes a number of training videos exploring how to use many of their accessibility features.

There is progress being made and tools we can all use to make our websites, trainings and resources more accessible to everyone.

Thursday, February 14, 2019

Testing Voice Assistants 2019

In Facebook memories today, I was reminded of a fun little test I ran 3 years ago comparing the responses of various voice assistants to some possible Valentine's Day queries and interactions. Here were the initial results:

Fun with AI on Valentine's Day: Pt. 2
1) What's a good gift for my boyfriend for Valentine's Day?
Alexa: no response
Siri and Google: list of websites with gift suggestions for guys on Valentine's Day.
2) Where's a good place for dinner on Valentine's Day?
Alexa: no response
Google: lists of websites with recommended restaurants for Valentine's Day in Los Angeles, Minneapolis, Philadelphia, NYC, etc.
Siri: list of 12 restaurants in Billings with reviews on Yelp.
I'd have to say it's a tie between Siri and Google. Siri nailed the local and provided recommended restaurants within a mile of my location. But not all fit with the Valentine's Day theme. I wouldn't pick Pug Mahon's for a romantic dinner. It's not open today. 😉🍺
Google picked up on the romantic theme. If I were a Google exec with a private jet, I'd have a world of possibilities.

And here are the results from 2019:

Happy Valentine's Day
Alexa: Ah, that's sweeter than a box of chocolates. Happy Valentine's Day to you, too.
Google Assistant: Happy Valentine’s Day! If you want to say “I love you” to someone special, you can try saying it in Mandarin. It’s pronounced "wo ai ni" 💗
Siri: Happy Valentine's Day
Cortana: Happy Valentine's Day to you!

What's a good gift for Valentine's Day?
Alexa: Hmm, I don't know that.
Google Assistant: List of websites with gift ideas for Valentine's Day but also included some suggestions for possible search refinements, e.g., What do you get guys for Valentine's Day?
Siri: List of websites with gift ideas for Valentine's Day (those at the top for women. Apparently more people search the web for gifts for women than for men).
Cortana: I'm sorry I can't help out with that one, but I found this on the web. List of websites with one for her followed by one for him. Very egalitarian. 😄

Where should I have dinner on Valentine's Day?
Alexa on Echo Show: 10 Creative Valentine's Day Date Ideas video from USA Today
Google Assistant: Listed 3 nice restaurants within 6 miles.
Siri: List of 5 restaurants within one mile. One was fast food and another, Pug Mahon, was recently closed. 
Cortana: I'm sorry I can't help out with that one, but I found this on the web. List of websites mostly with recipes and a couple with reasons why you should never go out for dinner on Valentine's Day. I guess it answered the question.

Will you be my Valentine?
Alexa: That's sweet to ask but I already have a strong connection to your WiFi.
Google Assistant: I found a few places within 0.8 miles (??)
Siri: I don't have an answer for that
Cortana: Of course I can be your virtual Valentine. Would you like me to sing a love song to celebrate? 
(And goes on to sing, yes sing!)
Red is the rose in yonder garden grows, and fair is the lily of the valley, clear is the water that flows from the Boyne, but my love is fairer than any.

Conclusion: Google Assistant is probably the most efficient at answering questions and providing the kind of information one is looking for but it's lacking in fun.
Alexa is fun to interact with but results differ depending on whether you're interacting with just the voice assistant via Echo or a visual interface on an Echo Show or Spot. I think you'll often get more useful results with a visual interface.
Siri continues to be an also ran. The choice of genders and nationalities offers some personality but it continues to lack the ability to meet what I would consider basic expectations from a voice assistant.
I'd never used Cortana before and was surprised by both the natural voice and quality of responses. But singing a love song verged on creepy to my mind. Flashbacks to "Her".

One additional note: I tested Google Assistant, Siri and Cortana all on an iPad. So, while it is disappointing at first glance that Apple's entry into the AI/voice assistant race is rather lackluster, iOS users do have other options through apps. You can also access Alexa through an iOS app. I'm assuming most of these, aside from Siri, are also available to Android users through the Google Playstore. 

Wednesday, February 7, 2018

Digital Assistants or AI Everywhere

One of the major topics of conversation coming out of this year's CES was that digital assistants seemed to be everywhere. Digital assistants are an example of artificial intelligence (AI) and are found in products like Amazon's Alexa, Google's Google Assistant, Apple's Siri and Microsoft's Cortana. The products most associated with these AI are Amazon Echo, Google Home, and just recently available for sale, Apple HomePod. They range in price from slightly under $50 for Amazon Echo Dot and Google Home Mini to $349 for Apple HomePod. There are also third party manufacturers creating devices for use with these AI, e.g., Harman Kardon makes a speaker for Cortana. Sonos makes a speaker that works with Alexa and promises to integrate eventually with Google Assistant.

Google Assistant, Siri and Cortana have all been around for several years and accessible via smartphone, tablet and/or computer. So, we've had a little while to get used to the pros and cons of interacting with voice activated digital assistants. But their move into the home started with Amazon's Echo, essentially a smart speaker, a couple of years ago.

Smart speakers coordinate with music streaming services so you can ask them to play a wide variety of music. The AI can look up information on the web so you can ask for weather or news updates. You can ask also ask for event information like movies and times near you. You can even ask for calculations and conversions, e.g., teaspoons to ounces for cooking, or Fahrenheit to Celsius. Smart speakers are often tied in with the Internet of Things and can work with various gadgets and appliances. As they tend to take answers off the top without scrutiny, they may not always be the best sources for reliable unbiased information. Alexa tends to over rely on Wikipedia, for example. So when people change the Wikipedia entries, answers can change. A recent article in Fortune: 'Who Is Jesus?' Google Home Couldn't Answer and People Weren't Happy  helps illustrate some of the potential problems in AIs remaining unbiased in a polarized information world. Amazon Echo, in particular, also has a large variety of third party skills available so it can be used for an ever growing number of games and various tasks.

Digital assistants are offering a lot of possibilities to people with visual and physical disabilities. They may prove particularly useful to our aging population. They offer quick information in response to verbal requests and can be asked repeatedly for the same information without ever showing signs of tiring or exasperation. As they can also be tied in to IoT hubs and devices, they can be used for routine tasks like turning on and off lights, locking doors, changing channels on TV, setting thermostats, as well as monitoring cameras and doors for security. People can use them to order groceries or other supplies as well as provide reminders of appointments or times to take medications. They can be linked to family members' devices for quick calling features. In short, they might make it easier for people to stay in their homes and for families to feel comfortable about it. There are many articles such as this one written on the topic: Amazon Echo for Dementia: Technology for Seniors

One of the downsides is privacy concerns over always on listening devices in the home. There are indications when they're actively listening. The Echo lights up blue as in the photo.
However, one does notice that they seem to turn on periodically for no apparent reason. This is particularly true if they're near a radio or TV. People seem to say the A-word setting off the Amazon Echo at an alarming frequency. There are other optional wake words for Amazon's product. You can change it in settings to: Amazon, Echo or Computer. But I doubt any of these will solve the problem especially if you watch or listen to tech podcasts like I do. It will still turn on at odd times. The phrase, "Hey Google" is probably a lot less likely to be uttered by accident. In the case of the Echo, you can go into the settings and see when it was activated and what were the triggers and responses. You can also delete any or all entries from your history. But many are uncomfortable that information is being collected and stored. And law enforcement has at least once that we know of asked for it. So, if you have privacy concerns, you might want to think twice about bringing listening devices into your home. But do keep in mind that most phones, particularly newer Android phones are also always on listening devices. They're just not quite so open about it.

There are some open source solutions.
Mycroft Mark 1 pictured here. As it's open source, it's designed to be modified and customized by users. But it will also provide basic AI functions like answering questions, controlling IoT devices, playing music, etc. From reading some of the information on their website, I think that the key difference they offer is that your voice information is aggregated so that it cannot be tracked back directly to you. This is different from Amazon which connects your queries to your Amazon account as one of the services offered is shopping via your Echo device. Google also offers shopping capabilities. As their main business is advertising, so you can assume that Google Assistant information goes into their aggregate database about you and your interests, all the better to direct ads at you. Apple offers a more privacy oriented service for those who are willing to shell out premium dollars. 

The allure of open source is its customization. For those who are so inclined, one can use the Mycroft software on a raspberry pi and enable a number of different devices and uses. The downside is that it might be a bit trickier for non-techies to set up and troubleshoot and it may not work with certain services. Digital assistants seem to be following the services silo model. Amazon products work best with Amazon services: Echo with Amazon Prime music and video, Fire TV, Google Home with Google Play and YouTube, Apple HomePod with Apple Music and iTunes. They all purport to work with major third party services like Spotify. But if you're tied to a particular service, it would be a good idea to make sure that it is supported by the device of your choice.

So, what does all of this mean for libraries? I think it will continue to be important for librarians to help educate the public about new products and how they can be used or possibly misused. It also seems very important to make people aware of the privacy implications of many of these devices and services. People should understand there's a trade off between convenience and giving up personal information and data so that they can make better informed decisions. 

But there are wider implications as well. What about the increasing reliance on voice control? It is convenient but it does limit the kind of information that is routinely accessible. There is no and evaluation of sources and perhaps not even a citation. But I have heard Alexa say a piece of information came from Wikipedia. There's also very little opportunity to drill deeper or question further. Part of the assistance offered might be to help people set up their own custom news briefings so that they can get news of interest to them from reliable sources.

Once again, librarians also have to ask how they can get their services on some of these devices. One of the features people love is the availability of audiobooks. Unfortunately, as far as I know, this only applies to purchased audiobooks. Wouldn't it be great if the libraries' offerings were available as well? And how about ordering library materials via digital assistants? Shouldn't our ILS be searchable as well? It goes back to the notion of meeting our patrons where they are. If they are spending more and more time with digital assistants, shouldn't we be there as well?

Tuesday, January 23, 2018

Wifi networking options for your library

There is a lot to know about networking in general and wireless networking in particular. So, I've put together a bibliography with articles and videos you can watch to learn more about the overall topic and/or a few specifics.

From CNET: Home networking: Everything you need to know
From KnowHow on the TWIT Network:
Networking 101 The whole series is helpful, but the episode on
Router WiFi Setup may be particularly helpful as that's what I referred to when setting up mine.

There are some interesting alternatives for setting up subnetworks for trusted, untrusted and perhaps totally untrustworthy devices using old routers. You might want to check out the Know How episode:
Networking 102 - Part 4: 3 Dumb Routers

Friday, October 20, 2017

KRACK safety precautions

I've had a chance to track down more information about the KRACK attack and what can be done to protect against it.

It's what is known as a "Man in the Middle" attack. Someone has to be physically on your network in order to execute an attack on your router or devices. This makes it unlikely to be a problem for home users. And probably not a huge issue for a small library wifi network. But it's always better to patch devices when you can and take precautions.

A few points that can stand further clarification:

  • Windows and iOS devices are not particularly susceptible to this breach as WPA2 was never implemented entirely correctly in these operating systems. The protocol didn't work as planned. Neither does the hack. Regardless, both Microsoft and Apple have patches in the works.
  • Android 6.0 and higher are most vulnerable to attack. Google is working on patches for Android. Whether or not your device gets an update is largely up to the manufacturer. Most current models will most likely get the patches eventually. Many old ones won't. But these devices have always been vulnerable to attacks. This is just another one to add to the list.

Information of a highly confidential nature that requires a good measure of privacy protection should probably never be done over wifi. If you have such a network, the best advice is to turn off the wifi router and use ethernet cabling to make it a wired LAN. It's always a good practice to use ethernet for secure transmissions.

Other general good practices for wifi networks will help protect you in this instance as well:

  • Use a VPN (Virtual Private Network) when you're connected to a wifi network. This creates a kind of tunnel connecting your device to a server owned by the VPN company. That information is not accessible to anyone on the wifi network with you. When your request reaches the company's server, it then proceeds the rest of the way to its destination via the wired Internet. But don't rely on a free VPN. They may not to be reliable or trustworthy. Remember the adage, if the service is free, you're what's being sold. But even a paid VPN can slow you down and they don't work with every site.
    We'll look at VPN options in a future post.
  • Https Everywhere:
    Electronic Freedom Foundation offers an extension for your browser that chooses the secure web protocol https over the unsecured general protocol http when more than one is available on a website. It's available for Chrome, Firefox and Opera browsers. The impetus behind this is reasonable. A secure website connection is better for many reasons including protection from attacks like KRACK. Financial and shopping sites, in particular, should be using this protocol and you should look for it. And, opting for it, when it's available, as this extension is supposed to do, is a good practice. Unfortunately, the extension can also break some sites if there is no https available. Or if the transfer from one protocol to another cannot be completed smoothly. Possibly worth a try, but don't be surprised if you hit some snags.
  • Cellular data - using a cell phone's data option is almost always more secure than public wifi. If you're concerned about security, you should probably consider increasing your data plan and reducing your use of public wi-fi. You can also use your cell phone as a modem and tether a laptop or tablet to it for use outside the home.

Steve Gibson makes the point on Security Now that is CLIENTS not ACCESS POINTS that particularly need to be patched. This cartoon shows a reason why.

That said, the other option to protect a network from a man in the middle attack is to update the router. Many router manufacturers are offering firmware updates. It's a good idea to check your make and model number on the manufacturer's website to see if there are updates available. Protecting the router becomes particularly important when you're running a network with a lot of IoT (Internet of Things) gadgets on it: doorbells, cameras, light switches, thermostats, etc. Cheaper gadgets, like cheap Android phones, will probably never get updates or patches. So they are best protected from the router side. If your wireless router is so old that you have no way to update it, it may be time to get a replacement. 

For more information on the KRACK Attack

Monday, September 11, 2017

How to protect yourself in a massive data breach

Hopefully, everyone is aware of the data breach at Equifax, one of the major credit bureaus. Reportedly, the data of 143 million people has been compromised, including social security numbers, names, addresses, phone numbers, credit card numbers, in short everything someone would need to commit identify theft.

Equifax is offering a website where you can go and enter your name and part of your social security number to see if you are among those whose information has been compromised. Some hackers and tech enthusiasts claim that the viability of this system is questionable as it provides different results to the same information entered in subsequent queries. It also has provided positive results for fabricated data. It's probably safe to assume that your data has been compromised and proceed from that assumption.

Equifax also provides a solution for that possibility: a year's free enrollment in their identity protection program: Trusted ID. Many are skeptical as to whether they want to trust the company whose potential gross negligence resulted in the problem in the first place.

CNET offers A guide to surviving the Equifax data breach (without Equifax's help). Not all of the information provided in this piece is uniformly agreed upon. For example, apparently enrolling in the Equifax Trusted ID program no longer requires you to opt out of a class action lawsuit. I think most of the advice about checking credit reports, freezing credit, setting fraud alerts and being vigilant during tax season is good advice.

Update 9/12/2017 - Thanks to Diane Van Gorden and Alex Clark
How to Protect Yourself from Identity Theft - Montana Legal Services Association

Update 9/14/2017 - Thanks to Steve Gibson on Security Now
Credit Freeze Guide: The best way to protect yourself against identity theft

Here is more information and background on the data breach from some of my preferred sources: