January 17, 2017 brianradio2016


The Asus X540SA laptop on which I attempt to run Linux.

Image: Asus

A number of my laptops and netbooks have moved on to other homes and other purposes recently, so I have been looking for something new.

Last weekend I saw an advertisement for an Asus X540SA at a ridiculously low price (CHF 299 / €280 / £245 / $300), which is always one of my criteria. Another criteria in this case was a 15″ screen, and this ASUS has is 15.6″, so that made the decision for me.

This Asus specifications page for the X540S lists a variety of CPUs, memory and disk configurations, so this is obviously just the latest in a long line. The detailed specs for the one I got are:

  • Intel Celeron N3060
  • 8GB DDR3 RAM
  • 500GB HDD / 5400 RPM / SATA
  • 15.6″ LED 1366×768 display
  • Intel HD Graphics 400
  • 802.11 b/g/n WiFi & RJ-45 Wired network
  • Bluetooth 4.0
  • USB 2.0/3.0/3.1
  • HDMI & VGA
  • SD/SDHC/SDXC Card Reader
  • 8x Super-Multi DVD
  • Weight 2Kg

Those look like some very good specifications for such a low priced laptop. You don’t get something for nothing, and even though I found it at a very good price, there is also clear evidence of the low-cost design and construction of this laptop. First, the case looks rather plush, it has a kind of brushed-metal finish – but is it entirely plastic, and it feels like relatively thin plastic.

The keyboard doesn’t have a very positive feel. Oh, and something that I have never seen before, the power button is actually the top right button of the keyboard. After looking at that and scratching my head for a while, I finally realized that the End key is missing. That seems like a pretty extreme decision, how much money can you save by not having a separate power button?

The variety of external connections is good, but there is exactly one of each – USB 2.0, USB 3.0 and USB 3.1 (Type C) – that’s not a lot. Finally, 1366×768 resolution is not very impressive for a 15.6″ display.

Oh, and one other thing. I don’t know if this was a cost-related decision, but this thing has a “clickpad” style of touchpad, which doesn’t have discrete buttons, just a little line in the middle of the bottom of the touchpad which supposedly delineates left- and right-click areas.

There are some positive points about this laptop (beyond the low price) as well. For example, 8GB is a better than average amount of memory, having Bluetooth included is not always the case, as is the DVD drive. I’m not familiar with the USB 3.1 (Type C) connection, but I guess if you have something that can take advantage of this, it is a big plus.

So in the end, I guess you get what you pay for, and if you’re looking for a low cost laptop, you have to decide which compromises you are willing to accept. So far I think this one looks promising, but now it is time to get down to actually configuring and using it.

Configuring Windows 10 Home

The first step, as always, was slogging through the Windows 10 Home initial configuration. Sigh. If I didn’t dislike Windows so much, maybe this wouldn’t be so awful. But I do, and it is. Here are some of the questions it asked:

  • Do you want to share your personal data with Microsoft? Ugh, no.
  • Do you want to share your browsing history with Microsoft? Ugh, NO.
  • Do you want to automatically connect to WiFi networks which your “friends” have previously connected to? What??? No, absolutely not.
  • Do you want to automatically connect to other networks which have been pre-selected by Microsoft? Sigh. No.
  • Do you want to automatically connect to otherwise unknown public-access wireless networks, just to check and see if they need some other kind of authentication? Gaaa…

There were probably more like this that I don’t remember, but really, do other people actually answer ‘Yes’ to some of these questions? I guess that ‘Yes to Everything’ is what you get if you take the Express Configuration option…

After staggering through the initial configuration, the second step is finding and clearing out the pre-loaded bloatware.

  • Dropbox
  • McAfee LiveSafe (limited trial version)
  • Microsoft Office 365 (limited trial version)
  • Microsoft OneDrive
  • TeamViewer (at least two releases out of date)
  • ASUS Cloud Web Storage
  • WPS Office
  • ASUS Gift Box (this contained a number of other “offers”)
  • ASUS HiPost (I never did find an explanation of what this actually is)

There’s more that I have not found or identified yet, I’m sure. But at least getting all of the above off and then rebooting made the laptop noticeably more responsive, and dramatically reduced the amount of disk-thrashing noise it was making after boot.

Unfortunately, the clickpad was turning out to be just as awful as I had feared. It seemed like half the time it didn’t recognize a normal left-click, and more than half the time a right-click. Two-fingered scrolling was intermittent, at best. Oh, how I hate clickpads.

Installing Linux

At this point I was basically ready to start ‘using’ the laptop. Honestly, I’m still pleased and hopeful abut this laptop, it seems nice. It’s not a speed demon (duh, it’s a Celeron CPU), but it is fast enough to be comfortable to use; the screen resolution is not great, but it’s good enough.

Of course, using the laptop for me starts with installing Linux on it. The first step in that is to reduce the size of the Windows partition to make room for Linux.

Although most Linux installers are now able to do that, I prefer to do it using the Windows disk management utility so that there are no issues about whether it was done ‘properly’ or not.

In this case I found that Windows was installed to a single partition of about 465GB, and the disk/partition management utility said that the maximum I could reduce it was to about 260GB. That’s enough for me right now.

I then booted a Linux Mint 18.1 LiveUSB stick, and it came right up with no problem. That’s a nice surprise, because of course this is a UEFI firmware system and I didn’t have to go into the firmware/BIOS configuration to change anything. On other systems I have had to make changes to enable USB boot, or disable UEFI Secure Boot, which required setting a BIOS password, but not this time.

Linux Mint 18.1 seemed to recognize all of the hardware, including wired and wireless network adapters. The screen resolution was correct (it’s been a long time since I last saw a Linux installer get this wrong, anyway), and the clickpad at least worked (it hasn’t been very long since I last saw an install get this wrong).

I used gparted to set up a few partitions in preparation for Linux installation. I prefer to do it this way rather than fight with a bunch of different Linux installers to get the disk layout and partition sizes exactly the way I want. If you were going to just multi-boot one Linux distribution along with the pre-installed Windows 10 Home, it would not be necessary to do this kind of pre-partitioning.

What’s next?

So, I am now ready to start installing a variety of Linux distributions. That will be the subject of the next post. I’m not sure exactly what I will install, but at the least it will be:

  • openSUSE Tumbleweed
  • Manjaro
  • Debian
  • Fedora
  • Mint

In summary, so far this is not the greatest laptop I have ever purchased. It has a number of negative points, but it also had a very low price. But if things continue to go as they have so far it could very well turn out to be the best price/performance laptop I have ever bought. Then it will just be a question of how durable it is: it should be interesting.

P.S. For those who have been following my latest Raspberry Pi posts, this new laptop has only been a temporary diversion. I will be continuing with the Pi in parallel with setting up Linux on this laptop.

Read more about Linux by J.A. Watson

January 17, 2017 brianradio2016

When I talk to IT managers, I almost always hear fears of mobile devices as conduits for sensitive corporate data to leave the company. I don’t know why I keep hearing this. There’s simply no evidence to support this fear. In fact, there’s solid evidence that says mobile devices are not a significant—or even moderate—risk factor.

Every year, I check the Identity Theft Resource Center’s database of personally identifying information (PII) breaches, which require disclosure by both state and federal laws. I’m sure many losses go unreported, and the database doesn’t cover corporate information not containing PII. But if mobile devices were a conduit to data loss, they should show up in this database.

Mobile-linked breaches haven’t shown up in previous years, and they didn’t show up again in 2016—despite the fact that nearly everyone these days uses a smartphone.

What does show up? Paper records, thumb drives, external hard drives, laptops, hacks into databases and storage systems, and successful phishing attempts. Many of the reported breaches involve lost papers, drives, and laptops, where a data thief probably wasn’t involved. But many involve active hacking of IT systems where data theft is the goal. And some involve insiders (contractors and ex-employees) steal data to use themselves, bring to new employers, or—least often—sell to others.

January 17, 2017 brianradio2016

Google announced an early prototype of Key Transparency, its latest open source effort to ensure simpler, safer, and secure communications for everyone. The project’s goal is to make it easier for applications services to share and discover public keys for users, but it will be a while before it’s ready for prime time.

Secure communications should be de rigueur, but it remains frustratingly out of reach for most people, more than 20 years after the creation of Pretty Good Privacy (PGP). Existing methods where users need to manually find and verify the recipients’ keys are time-consuming and often complicated. Messaging apps and file sharing tools are limited in that users can communicate only within the service because there is no generic, secure method to look up public keys.

“Key Transparency is a general-use, transparent directory, which makes it easy for developers to create systems of all kinds with independently auditable account data,” Ryan Hurst and Gary Belvin, members of Google’s security and privacy engineering team, wrote on the Google Security Blog.

Key Transparency will maintain a directory of online personae and associated public keys, and it can work as a public key service to authenticate users. Applications and services can publish their users’ public keys in Key Transparency and look up other users’ keys. An audit mechanism keeps the service accountable. There is the security protection of knowing that everyone is using the same published key, and any malicious attempts to modify the record with a different key will be immediately obvious.

January 16, 2017 brianradio2016

China is requiring that all app stores operating in the country register with its Cyberspace Administration in an effort to battle malware but also to tighten control over uncensored content.

The rules took effect Monday, in a country where domestic third-party app stores — not from Apple or Google — are serving billions of downloads to Android smartphones. Chinese internet companies such as Baidu, Tencent and a host of smaller, shadier local app stores have been feeding the demand, at a time when Google has largely pulled out of the market.

The government, however, has problems with the proliferation of app stores and the lack of industry oversight, the Cyberspace Administration of China said in a statement on Friday. Some app stores have been offering products that violate users’ rights, contain security vulnerabilities or spread “illegal information,” it said.

The new rules intend to force the stores to better audit their products. Cyberspace Administration officials will keep records on the app stores and investigate those that fail to register or which are found falsifying information. 

January 16, 2017 brianradio2016

iPad users enjoy a powerful tool for creative self-expression on the fly, ‘iMovie Trailers’. These ready to use video creation templates are incredibly useful if you want to make short, punchy movies fast. So what are they and how do you use them?

Movies for the rest of us

If you’ve used iMovie (which is available for download for all Apple devices) you may have been put off by the length of time it takes to create a film from scratch. The results may be impressive, but time is short and many people lack the time it takes to make a perfect movie. iMovie Trailers helps expedite movie making by providing you with a clear and easy to follow template-based workflow that helps you get good results fast.

The modern report card

iMovie’s Trailers feature is being widely used in schools. Teachers like that it provides digitally savvy students with an engaging way to create movies, for special reports, years in view, or project/topic-based work. What makes this so successful is that using technology in this way doesn’t only boost student achievement, but also provides a great way to teach those other valuable skills: project planning, group working, collaboration, team play, decision-making and more – all through a medium children already relate to, video.

Using iMovie Trailers

So, you want to make an iMovie Trailer? The first step is preparation. Figure out what you want to say in your short movie and gather the images and video clips you want to use together.

January 16, 2017 brianradio2016

This tire pressure guage from Fovsal features a lighted nozzle and display screen for ultimate visibility in low light, and doubles as a vehicle emergency tool with LED flashlight, car window breaker, seat belt cutter, and red safety light.  It averages 4.5 out of 5 stars on Amazon, where its typical list price of $20 has been reduced 51% to just $9.87. See it now on Amazon.

This story, “51% off Foval 150PSI Car Digital Tire Pressure Air Gauge – Deal Alert” was originally published by TechConnect.

January 16, 2017 brianradio2016

Microsoft last week backtracked from a 2016 decision to offer Windows 7 and Windows 8.1 users only cumulative updates, saying on Friday that starting next month it will again provide Internet Explorer (IE) security patches as a separate download.

The change was a tacit admission by Microsoft that IE has lost its place of primacy in the enterprise, a fact supported by a disastrous decline in third-party measurements of the browser’s user and usage shares over the past year.

“Customers have requested increased flexibility for deploying the Security Only updates for Windows independently of the fixes for Internet Explorer,” Nathan Mercer, a Microsoft senior product marketing manager, wrote in a post to a company blog Jan. 13.

In August 2016, Microsoft announced that starting in October, it would offer only cumulative security updates for Windows 7 and 8.1, ending the decades-old practice of letting customers choose which patches they apply. The new maintenance model for Windows 7 and 8.1 was a direct transplant from Windows 10, which has always relied on cumulative updates.

January 16, 2017 brianradio2016

Google is finally giving administrators the ability to manage their encryption keys in Google Cloud Platform (GCP) with its Cloud Key Management Service (KMS). Google is the last of the three major cloud providers to provide the key management service, as Amazon and Microsoft already have similar offerings.

The Cloud KMS, currently in beta, helps administrators manage the encryption keys for their organization without having to maintain an on-premise key management system or deploy hardware security modules. With Cloud KMS, administrators can manage all the organization’s encryption keys, not only the ones used to protect data in GCP.

Administrators can create, use, rotate, and destroy AES-256 symmetric encryption keys via the Cloud KMS API. Multiple versions of a key can be active at any time for decryption, but only one primary key version can be used for encrypting new data. The rotation schedule can be defined to automatically generate a new key version at fixed time intervals. There’s also a built-in 24-hour delay when trying to destroy keys to prevent accidental or malicious loss. Cloud KMS integrates with GCP’s Cloud Identity Access Management and Cloud Audit Logging services so that administrators can manage permissions for individual keys and monitor usage.

Cloud KMS also provides a REST API that allows AES-256 encryption or decryption in Galois/Counter Mode, which is the same encryption library used internally to encrypt data in Google Cloud Storage. AES GCM is implemented in the BoringSSL library maintained by Google, and the company continually checks for weaknesses in the encryption library using several tools, “including tools similar to the recently open-sourced cryptographic test tool Project Wycheproof,” said Google product manager Maya Kaczorowski on the Google Cloud Platform blog.

January 16, 2017 brianradio2016

With Windows 10, Microsoft has raised user data tracking to new levels. Worse, Microsoft has been reticent to divulge what it’s collecting and exactly how it uses that gathered data, further blurring the thin line it’s walking between telemetry and snooping.

In fact, Microsoft’s unwillingness to share details about the user data it gathers from Windows 10 has been one of the two main reasons for sticking with Windows 7. (The other, forced updates, may be solved in a few months.) So when Executive Vice President of Windows and Devices Terry Myerson announced forthcoming changes to Microsoft’s data collection features in Windows 10, you can bet the Windows faithful were listening.

In his blog post, Myerson renewed Microsoft’s commitment to providing “the most secure Windows ever and a product you love and trust.” It’s a laudable goal and, given the current regulatory pressures in Europe and a scathing rebuke from the Electronic Frontier Foundation, a timely one. Says Myerson:

Many of you have asked for more control over your data, a greater understanding of how data is collected, and the benefits this brings for a more personalized experience. Based on your feedback, we are launching two new experiences to help ensure you are in control of your privacy.

First, today we’re launching a new web-based privacy dashboard so you can see and control your activity data from Microsoft including location, search, browsing, and Cortana Notebook data across multiple Microsoft services. Second, we’re introducing in Windows 10 a new privacy set up experience, simplifying Diagnostic data levels and further reducing the data collected at the Basic level.

Any reduction in Win10 data gathering is praiseworthy, as is any increase in transparency. But will this new initiative significantly reduce the amount of data collected? Or, more important, will we learn more about what data is harvested and how it is handled? The days of “love and trust” for Windows may be gone, but there’s still hope that plain talk and honesty may help us Windows users sleep a little better at night.

January 16, 2017 brianradio2016

Nothing in the world is more dangerous than sincere ignorance and conscientious stupidity. — Martin Luther King Jr.

Imagine driving car without a dashboard. Not only would you break the speed limit and soon run out of gas, but in a new car, you’d lose your engine health readouts, rear-cam view, and other telemetry.

I’ve always seen open data as the telemetry we need to drive democracy. Sure, open U.S. federal government data tends to be widely dispersed, difficult for ordinary people to digest, and often ignored by the news media. But for years vast quantities of open data about everything from agriculture to mining to education to energy have been available for anyone to peruse or download from government websites.

What sort of data are we talking about? For starters, check out the Open Data 500, an NYU project funded by the John S. and James L. Knight Foundation, which lists hundreds of federal government data sources — and 500 private companies that depend on them.