Apple vs. Lenovo: Devotion & Deception

The news of the Lenovo malware scare is simply another example of why I won’t use anything other than Apple products for my computers. Said Thomas Fox-Brewster from Forbes: “Lenovo might have made one of the biggest mistakes in its history.”

“By pre-installing software called ‘Superfish’ to get ads on screens, it’s peeved the entire privacy community,” continued Fox-Brewster. “Lenovo won’t want anyone to call it that, but Superfish has been described as a piece of malware, or an adware pusher, that the Chinese firm pre-installs on consumer laptops.”

lenovo-superfish-malware

Which is why all the computers in my house come from Apple. No, Apple isn’t perfect. Like cars, display panel TVs, and toasters, there’s no such thing as perfect.

Understanding mass production means comprehending that a certain percentage of units rolling off the assembly line will, for one reason or another, have a defect or problem. This includes everything from #2 pencils to the venerable BMW M5. Defects happen. Period.

Defects vs. Deception

Defects are accidental. Happenstance, if you will. Completely unintentional. Lenovo, however, engaged in deception and malice. After reading these first few lines of a TechCrunch article today, my sentiment regarding my computer choices was cemented:

Earlier this week, word started spreading that Lenovo had been pre-installing a sketchy adware program called “Superfish” onto many of its Windows PCs for months.

Then researchers started finding nasty vulnerabilities—namely, that Superfish was using some pretty ugly hacks to tinker with your computer’s encryption certificates, and doing so in a way that seemingly leaves your otherwise “encrypted” communications (everything that goes over HTTPS) unsecure whenever you’re on a shared WiFi connection (like at a coffee shop).

Preinstalling Sketchy Adware

“Lenovo had been pre-installing a sketchy adware program….” I really didn’t need to read beyond that first line of the article. I hear and read plenty of interesting things in the daily research for my writing. “Apple isn’t worth the extra money.” “Apple is too expensive.” “Apple is a rip-off.” “You’re just making Tim Cook rich; you’re a chump.”

tim-cook

But let’s read a bit more of that TechCrunch article. “Even without the security implications, Superfish was pretty sketchy. Its purpose? Catch Google search results before they hit your screen, then quietly modify them to include more ads.”

Yes, Apple products are certainly more expensive than Levono, HP, and Dell. But why do so many flock to Apple for their computing needs? I’ll admit, some do so only because it’s trendy or fashionable. These aren’t people who necessarily engage in a great deal of critical thought in deciding what computing device to purchase.

Can’t Afford Lenovo Crap

Then there’s people like me and many of my friends and colleagues. People who earn their living from the QWERTY keyboard sitting under their fingers. People who have children who rely on their income. People who can’t afford the bullsh*t coming from companies like Lenovo.

I’ve written in the past about how Apple products are superior. I even wrote about how I tried an Android tablet, only to have it croak on me within just a few months of purchase. I returned to Apple for my daily tablet needs. It’s the best thing I ever did.

macbook air for blog

The case of Lenovo is just another example of why professionals, and many who seek the best quality, reach out to Apple. Yes, there are the posers and dorks who just want to be seen with the “cool stuff.” But professionals don’t care about that. We focus on reliability, dependability, and performance. We can’t afford problems like Superfish and not being able to trust our computer vendor. We have enough vulnerabilities in our daily lives; inviting more just to save a few bucks is foolish.

Don’t Mess With the Work Truck

I call my laptop my “work truck.” Because it is. It’s my Ford F-350 pickup. And it better damn well get me to the job site every day. Lenovo may be the world’s biggest personal computer manufacturer, but it certainly isn’t the best. And, in striking clarity, it just proved it to the world.

“By this morning, the U.S. Department of Homeland Security was urging Lenovo laptop owners to remove the tool.” Wow. When I read things like this, I smile, knowing I’ve made the right decision by positioning Apple as the default, trusted source for the computing needs of my family. My daughters will graduate from high school and emerge from my house knowing the value of their computing dollars.

download

For those of you boasting about how you saved a few bucks by going with Dell or Lenovo for your new laptop: Have fun with that (and worrying about if something like Superfish has compromised your communications or finances). In the words of Bryan Wakefield, a Lenovo customer who commented on the Forbes article, “Just purchased a Lenovo product for the first time this year. Might have to rethink that decision in the future.”

Rethink indeed. After the Superfish stunt on Lenovo’s part (all to generate a few bucks), more and more consumers are becoming aware of the true cost of “cheaper” when it comes to computers. Pay me now, or pay me later. That’s what my dad used to say. Like it or hate it, it’s reality. Lenovo just provided it.

Trust Your Vendor?

So choose your poison. Pay more upfront for a quality product that you can trust from Apple, or pay later in loss of privacy, hidden infections, vulnerability to hackers, even more ads, fear and panic, and whatever else has been surreptitiously loaded onto your PC.

Trust is the foundation of most relationships. Be it a marriage, business partners, or product manufacturers, how can you justify paying your computer vendor to lie to you and then hijack your personal computer—all while leaving it unsecured and open to hackers?

With Apple, I pay not only for quality and dependability, but also a seemingly invisible element that you won’t find installed on any hard drive: Trust.

curtsig2 - trans
Curt Robbins

________________________________________________________________

Curt Robbins is author of the following books from Amazon Kindle:3d1

You can follow him on Twitter at @CurtARobbins, read his auto-related articles on CarNewsCafe, check out his Apple-themed articles on Apple Daily Report, and read his AV-related articles at rAVe Publications. You can also view his photos on Flickr.

Personal Data Security: Password Basics

securityThis post is an excerpt from my new book Understanding Personal Data Security, which covers centralized data, backups, strong passwords, and malware protection. The following is from Chapter 4: Passwords.

Also check out the previous posts in this series, including Personal Data Security: Backups, 3-2-1 Backup Rule: Get Offsite, and Personal Data Security: NAS.

curtsig2 - trans
Curt Robbins


Basic Password Rules

There are some basic rules that will help prevent hackers from stealing your passwords, gaining access to your online accounts, or stealing your identity. While following these rules doesn’t guarantee that your accounts won’t be compromised, it vastly improves the resiliency of your online accounts and protects you about as much as possible.

You’re creating what is known as a “strong password,” meaning it has a mix of letters (both lower and upper case), numbers, and symbols and is of a minimum length.

  • Make a Strong Password: Use a minimum of 16 characters that are a mix of upper and lower case letters, numbers, and symbols. Don’t use easy-to-guess phrases, such as “iloveyou” or “MaryHadALittleLamb.” While “MaryHadALittleLamb” has both upper and lower case letters and is of appropriate length, it lacks numbers and symbols. Also, hackers look for common phrases, using dictionaries and even terabytes of Wikipedia and Bible content as a “check against” list. Guess it’s time to change that “yabbadabbado123” password.
  • Change Your Password Frequently: You should change your password/passphrase every six months. This is the rule few people follow (simply because it’s a hassle), especially if all of your online accounts feature unique passwords. Nobody ever said protecting your accounts and data was a total cakewalk.
  • Use a Unique Password on Each Account: Nobody likes this because it’s such a pain (especially when you should change all passwords with such frequency). This is where password vault software comes in handy. In 2014, nearly no one has only one or two online accounts. A dozen or more accounts is not uncommon. As you’ll learn below, password vault apps that store all of your passwords in a single password-protected program or app are a solid strategy for keeping several long, strong passwords at your fingertips.
  • Tell Nobody: This means nobody. Putting effort into creating strong passwords that are difficult to crack and then simply giving them away to a friend or co-worker is stupid. Even if your friend/family member has no malicious intent, they can easily get sloppy and expose your password to others (like by writing it on a sticky note and slapping it on their computer monitor!). There’s no reason for anyone else to know your passwords. It’s simply antithetical to the cause!

Even if a hacker doesn’t get your password from you or your devices, the bad guys can compromise a password database held by a service provider (your bank, email service, large retailers like Target or Amazon, social media like Facebook or LinkedIn, etc.). Once the hacker has gotten into the password database (often by breaking its encryption), they then have to guess the passwords. Something like “P@ssw0rd1” will be guessed in mere seconds. Regardless of the quality of your home or office firewall or the security of the individual devices you use to access your accounts, the password itself must stand up to the most robust cracking attempts that will most likely be perpetrated on the organization with which you have an account.

Strong Passwords

You have already learned that the strength of your passwords is determined by their length, complexity, and lack of predictability (why you don’t want “maryhadalittlelamb” or “ILoveNY”).

The password “Tr0ub4dor&3” seems like a relatively strong password on the surface. Although it’s too short (only 11 characters), it features both lower and upper case letters, numbers, and a symbol. However, a hacker with a computer capable of producing 1,000 guesses per second (an old computer can do this) will require only three days to guess this password. Compare this to “correcthorsebatterystaple,” a passphrase that requires 550 years to crack (at the same rate of 1,000 guesses per second). And this passphrase doesn’t even include upper case letters, numbers, or symbols! By adding these elements, you would have a passphrase that, for all practical purposes, is nearly impossible to crack (unless it’s the NSA trying to get it) and relatively easy to remember.

Longer, more complex passphrases are also more difficult for others to steal through simple observation. Sometimes, passwords are nefariously obtained by the act of observing the owner type them. Short, simple passwords and passphrases can be learned by watching the owner input them only once or maybe a few times. If someone really wants your password, they may even use a wi-fi-based webcam or security camera to record your keystrokes! Don’t underestimate the lengths to which a hacker or enemy will go to steal your information, identity, or money.

One of the best ways to understand strong passwords is to consider weak examples. Weak passwords include those that:

  • are shorter than 16 characters
  • include personal details such as your name or the name of a family member, a pet’s name, your street or address, your birthday, etc.
  • include complete words or sequential number strings (like “qwerty” and “12345678”)
  • lack a mix of upper and lower case letters
  • lack numbers
  • lack symbols

Curt Robbins is author of the following books from Amazon Kindle:

You can follow him on Twitter at @CurtRobbins, read his AV-related blog posts at rAVe Publications, and view his photos on Flickr.