Insights For Success

Strategy, Innovation, Leadership and Security

What you need to know about the new Apple Watch Series 3

GeneralEdward Kiledjian

The biggest change to Apple's smart watch lineup is the addition of LTE connectivity (a $70 option over the non-LTE Series 3). This new Dick Tracy style watch will allow you to make phone calls (with your same number), send and receive messages, use internet connected apps and stream music from Apple Music. 

The new OS, which will work on all devices, brings improved exercise and heart tracking, Siri finally can speak back to you. 

The heart rate functionality is dramatically improved tracking your heart-rate pre-working (resting), during and post-workout. It will show how your heart health is improving over time ( faster recovery, better resting heart rate, etc.).

They have also created a new standard that will allow your watch to talk to new types of gym equipment. This means your watch will be able to log gym equipment data (speed, incline, etc.).

The Series 3 Apple watch has the same dimensions as the existing Series 2, and they promise similar battery life. You will be able to pre-order the new watch this Friday (September 15). 

We'll have to wait and see what carriers charge to add this new device to your smartphone plan. Hopefully, it won't be $10 a month.

What you need to know about the iPhoneX

GeneralEdward Kiledjian

Over the coming weeks and months, the media will overwhelm you with review and editorials about the new iPhoneX. Of all the products Apple announced this week, the iPhoneX was the most radical in design. 

They have eschewed the home button and most of the bezels. This newfound space has allowed them to cram a beautiful 5.8" Super Retina OLED screen (458 pixels per inch) in a device that is smaller and easier to hold than an iPhone 7Plus or iPhone 8Plus.

All of the functions requiring a home button are replaced with swipe motions. Swipe up from the bottom, and you get the home screen or app-switcher (full swipe or half swipe respectively). 
A side button (right-hand side) can be used to invoke Siri. 

The removal of the home button also means Apple had to remove the TouchID authentication sensor. The beloved TouchID has been replaced with FaceID. It promises more secure authentication.

TouchID had a false positive rate of 1 in 50,000. Apple claims FaceID has a false positive rate of 1 in 1,000,000 (regardless of you wearing glasses, changing your hair, growing a beard, etc). All the processing is done on the device (not sent to the cloud).

During the demo, FaceID failed. We don't know why but I am sure Apple will workout most of the kinks before it is released early November. 

We can't make any recommendations until we have a chance to test the device in the real world, but many have already started asking if the extra $300 (going from the iPhone 8 to the iPhoneX) is worth it. 

Had the iPhoneX been endowed with a dramatically superior camera system (compared to the iPhone 8 Plus), I would have jumped on it, but now I'm not sure. Yes the built in cameras do have optical image stabilization and the telephoto lens is slightly brighter but that doesn't justify the difference in my view. 

Using the FaceID sensors, Apple will map your face and allow you to apply the new lighting filters (even with the front facing selfie camera). Additionally it will create a detailed face-map allowing filter apps to create more realistic and properly aligned designs (think Instagram filters). They will also use this feature to create animated emojis called animoji. 

Conclusion

Pre orders start on October 27 and deliveries will start a week later.

The truth is, the iPhoneX is a glimpse of the future. My guess is that we will see one more generation of traditional looking phones with a home button, then everything will switch to the all screen design. 

The iPhoneX is an opportunity for Apple to figure out how to mass produce all the sensors affordably, in preparation for an eventual launch in all of its products (including iPad). 

Comparing Google Chrome and Mozilla Firefox

GeneralEdward Kiledjian

Image by Iván Rivera used under Creative Commons License

Chrome has been the browser king for many years and many users can't remember a time where Firefox was "the browser".  Chrome overtook Firefox and Internet Explorer(according to StatCounter) in November 2011.

Statcounter browser marketshare

But recently a group of highly technical security experts seem to have moved back to Firefox. Why have technically knowledgeable users left Chrome for Firefox?

Battery life

Users are increasingly choosing mobile devices (laptops and convertibles) instead of traditional always-plugged-in personal computers. This means battery life is important. In a 2016 battery shootout, Microsoft aggregated billions of data points from real world Windows 10 users and found that Microsoft Edge and Firefox were much gentler with battery consumption.

Image owned by Microsoft Corporation

These numbers are from actual Windows 10 (version 1511) use “in the wild,” not artificial tests or hypotheses.
— Microsoft blog

Privacy

Everyone using Google products should know that the sultan of search is monitoring everything you do on the web, on its search page and in its browser. If you have never visited the Google Dashboard, you really should. It will show you all of the information El Goog has collected about you. Remember that it then uses this data to build a profile about you and we all know how powerful these predictive models can be :

Unlike many unscrupulous sites that track you without your knowledge, Google is a model citizen and clearly, let's users know what it is collecting and why. Most users are willing to trade their behavioural information in exchange for free google services (e.g. Photos, search, Gmail, etc).  I think this trade is perfectly acceptable as long as the user understand what he/she is giving up in exchange for these free services.

Some people believe Google knows too much and where possible, try to use no-Google alternatives (DuckDuck Go for search, ProtonMail for email, SpiderOak One for online storage, etc).

Open Source means anyone (with the right skills) can audit the code and make sure nothing nefarious has been secretly inserted.

The fact Mozilla is not trying to become this massive financial behemoth is a comforting reality.

Browser security

To be clear, Chrome is an excellent browser and has slightly better security than Firefox but on the privacy front, Firefox wins.

There is an annual security competition called Pwn2Own and the 2017 browser compromise competition presented some interesting findings.

The Microsoft Edge browser proved to the least secure browser, having been compromized5 times. Then came Safari on Mac which was compromised 3.5 times (a half point was awarded because they had fixed one of the attacks in a beta build).  Then came Firefox with 1 compromise and Google Chrome had none.

Firefox is certainly a relatively secure browser with a healthy bug bounty program but Chrome is just 1 step ahead.  If you want the most secure browser and are willing to give up privacy, choose Chrome. If you want good enough security with much better privacy, pick Firefox.

Tab handling

There is no perfect browser.

Google's Chrome browser is the king of standards compliance. It is very secure since it has strict sandboxing. Each browser tab creates a new browser thread in the OS, which means a crashed tab doesn't crash the entire browser. These "features" consume a substantial amount of RAM. If you are one of those users that live in your browser and regularly has 20-50 tabs open, you probably live the sluggishness daily.

Firefox is "as fast" as Chrome but much more configurable. It consumes less RAM per open tab thus is often a better solution for users that live the multi-tab life. The flip side is that a bad tab can crash the entire browser but this is very rare.

Extensions

Chrome is the king of extensions. Just browse the Google Chrome store and be amazed at everything your browser can do.

In many cases, your most used extensions will be natively available either platform. As an example, Lastpass and UBlock Origin are natively available for Chrome and Firefox. You can also install the Chrome Store Foxified add-on which will allow you to install Chrome extensions from the Chrome store into Firefox.

In this example, I picked the Google Keep extension. When you visit the Chrome Store with the Google Chrome browser, you see this window to install the extension:

When you visit the same page with Firefox and the Chrome Store Foxified add-on, you see this window and the ADD TO CHROME is replaced with ADD TO FIREFOX

I have tested this functionality with a dozen extensions (HTTPS Everywhere, Ublock Origin Extra, Grammarly, etc) and all of them work perfectly as if they were running in Chrome. Before people start sending me hate mail, I know these have Firefox native versions but I wanted to test the Chrome extension functionality in Firefox.

Interface design

Both Chrome and Firefox have adopted a clean, minimalist approach. From the interface perspective, neither one really pulls out ahead as a leader.

Verdict

When there is competition, the consumer wins. This is true in the browser market. The extreme competition between Chrome and Firefox means both products have improved over the last 12 months. 

Both browsers are relatively secure. The main difference boils down to privacy and tab handling. If you are someone that always keeps several dozen tabs open, then you may find Firefox more responsive and less likely to bog down your computer. Additionally, Firefox is a much better choice for consumers looking for more privacy.

Ultimately I think most users will end up with both browsers on their devices and use different browsers for different purposes. Recently I have started to move more of my day to day browsing back to Firefox and am satisfied. I want to encourage diversity and even chose to donate to Mozilla. Encourage not-for-profit groups powering open source software is an important step in maintaining a healthy diverse and competitive computing environment. I also donate to Tor, Ubuntu, Wikipedia and Whonix.

Bypass Google's AMP with DeAMPify for Android

GeneralEdward Kiledjian

A handful of readers asked me to review the DeAmpify Android app and talk about it on my blog. So for those readers, here is my opinion.

Google introduced AMP in 2015 (Accelerated Mobile Pages) with the hope of speeding up the mobile web by degunking all of the junk publishers were adding to their web pages (tracking, advertising, etc.)

The CBC web page I am using for this article connects to 16 separate domains (to load content) and has eight different trackers. Obviously, this clogs up the page and makes it slower to load and less responsive.

Journalists and privacy advocates have been criticizing AMP because they claim it is another Google attempt to control content by encouraging publishers to use the search giant's AMP caching servers. Additionally, Google chooses what tags will be allowed for AMP markup on web pages. 

For those with modern high-end smartphones connected to super fast LTE networks, the difference is minor. But if you are on a mid-level phone or a slower connection, an AMP page could load in half the time. 

A crafty developer (Joao Dias) created an Android app called Deampify whose sole purpose in life is to convert AMP links back to "normal" web ones. The app is free with a small in app purchase option to unlock pro features:

  • Disable Ads
  • Ability to add exceptions so that some websites still show the AMP versions
  • Tasker integration so that you can load original pages when you’re on Wifi but load the faster AMP pages when you’re on 4G/3G for example. 

DeAMPify demonstration video

Important considerations

DeAMPify doesn’t work if you click on an AMP link inside of Chrome

Since a link clicked in Chrome does not kick off the Android intent process, you cannot redirect it to DeAMPify and this the app cannot perform its magic. The app works in any non-Chrome app (messenger, hangouts, the Google Search app, etc).

How does DeAMPify work?

When you click on an AMP enabled page, the app searches the HTML code for the original web page URL and then passes this to the browser. So in effect, it is pre-downloading the entire web page anyway.

Conclusion

So is this useful and do I recommend it? No! I tried to find a reason to like this app but I couldn't. I don't have a technical or moral issue with AMP so there is no reason for me to go out of my way to bypass it. 

Additionally, it is pre-downloading the web page to find the non-AMP URL so I am not saving bandwidth and may actually be slowing down my browsing experience. 

I'm glad the app exists in case someone does want it but it's going to be useless for most Android owners. The only reason someone would probably consider this is if they have a moral issue with Google playing manager of the AMP technology and wants to "stick it" to the man.  To me it feels like stabbing yourself to teach someone else a lesson. 

Honest review of the Tunnelbear VPN service

GeneralEdward Kiledjian

Similar Articles:

Start

I've written about half a dozen articles over the last couple of weeks reviewing various VPN services. I asked my social media followers what other VPN services they wanted me to review, and many readers requested that I review TunnelBear. So here is my review of the TunnelBear VPN service.

TL;DR - TunnelBear is an excellent service that won't disappoint.

First, it meets the multi platform requirement. It supports MacOS, Windows, IOS and Android (with browser extensions for Opera and Google Chrome). These are the most requested platforms by users and will meet the needs of 95% of their user base. If you are a tinker and want an OpenVPN configuration file or router support, you will be sorely disappointed (see VyprVPN in that case). They have talked about a very manual configuration option for Linux using OpenVPN, but this isn't for the faint of heart.

TunnelBear has about 19 servers worldwide. This is in strong contract to companies like HideMyAss that offer 190+ locations with 720+ servers.  Countries listed during my test included: United States, United Kingdom, Canada, Germany, Japan, France, Italy, Netherlands, Sweden, Switzerland, Ireland, Spain, Singapore, Norway, Denmark, Hong Kong, Brazil, Mexico, India.

One issue I have with many services is that there is no "auto-connect to the fastest server" option, but TunnelBear has this option. When compared to VyprVPN, UnlimitedVPN (Keepsolid) or HideMyAss, TunnelBear's performance was always a little bit slower. Youtube was always using a lower quality, and downloading files always took a bit longer. 

Many VPN services just provide a plain; we do not collect logs statement. As a more technical user, I expect a little more "meat" with a statement like that. You can read the TunnelBear privacy policy here.  

I appreciate the honesty and clear privacy terms provided by TunnelBear:

By using our services, you authorize TunnelBear to use your information according to Canada’s laws, regardless of which country you are located in
TunnelBear explicitly does NOT collect, store or log the following data:

- IP addresses visiting our website
- IP addresses upon service connection
- DNS Queries while connected
- Any information about the applications, services or websites our users use while connected to our Service

Canada is a member of the five eyes and as a Canadian, I believe my information is collected and shared with the other members of the spying consortium. My preference is to use a VPN service who is headquartered in Switzerland (or another privacy loving locale). 

TunnelBear also offers a free tier (500MB per month) to anyone who wants to test their service or has very limited needs. Free VPN service is a rare offering from a reputable company, and one TunnelBear should be very proud of. 

You can earn one free GB of additional traffic by tweeting about TunnelBear using an in app feature. I tried this twice, and they added 1GB each time within 10 minutes.

I tested Netflix USA with the TunnelBear VPN turned on and Netflix detected the connection as a VPN and refused to show the US catalogue. 

Pricing

The annual TunnelBear subscription is $4.99 a month which is competitive. If you shop around (check out the link in my KeepSolid UnlimitedVPN review) you can get a similar VPN service at $49.99 for an unlimited lifetime subscription. 

Conclusion

TunnelBear offers an easy to use VPN service or the average Joe. It doesn't offer a tonne of client support. It is based in a high-risk country (Canada) and the price is average. 

If your look around on deal sites, you can find an UnlimitedVPN lifetime (5 devices) deal for $49.99 which is a better deal. UnlimitedVPN is based in the USA so they suffer the same headquarter location issue (being based in a Five eyes country) as TunnelBear. The difference is you get a tonne more exit servers than TunnelBear.

For real security, I would say check out Private Internet Access or ProtonVPN.