Tag: technology

Identity Theft

In the past six months I’ve received two letters from local health facilities telling me that they’ve been hacked. One office suggested we victims use a company called IDX in case of identity theft. I have Googled IDX, but I do not like that they use cookies. I’m also wary about handing over my social security number. What do you think?

I sure appreciate your vigilance and suspicion! I don’t know if you clicked on the reviews for IDX when you searched for the company, but they indicate pretty clearly that you should steer clear. I’m not asserting that all such companies aren’t worth their salt, but at least a few of IDX’s customers are displeased.

The businesses you are hearing from are under obligation to make some kind of remedial suggestion to you, though I wish they had stricter obligation to maintain tight security in the first place.

What they should be doing is telling you to place credit freezes at the three major bureaus, and to change your major passwords to all be different if they aren’t already. Also use multi-factor authentication on every account that allows.

Sigh.

Your instinct guided you correctly, and keep trusting your gut. If anything on the internet smells even a little fishy, it almost certainly is entirely fishy. That said, you should know that nearly every single website you visit employs cookies. Of a nature it can be a useful technology, for example, letting a web app remember how I had logged into it and displaying my most recent choices on that app. You are not wrong, however, that cookies are also used for purposes more convenient to the site owner than to me, in gathering information about me to sell to data brokers.

The GDPR law passed by the EU in 2016 requires that websites that use cookies must display a choice screen if they want to operate in the EU. I think the spirit is right, though the implementation has proven annoying: rather than use different policies for visitors from different locations, the sites show those choice screens to the globe. So perfectly legitimate, nice, well-meaning, or beneficial websites might show you that they use cookies and let you turn different categories of cookies.

Finally, while I support your care in handing your social security number to just anyone, that number is flowing like water all over the internet, and the credit freezing and password security are our primary, if not only, defenses against identity theft.

Fear mongering

Ronan Farrow tells people to restart their phone every day.

“DNSFilter has found that one in every 644 clicks on unsubscribe links that say ‘click here to unsubscribe’ leads users to potentially malicious websites” – From “Think Twice Before You Click ‘Unsubscribe’” in The Wall Street Journal

Good gravy, I have seen so much misguided fear mongering lately. Like, there’s stuff to be legitimately concerned and vigilant about, but in so many ways that comes down to:

  1. Be careful what you click on.
  2. When you do click on something, make sure it’s the right thing.
  3. Don’t enter your email address or password on a webpage you got to by clicking a link in an email. Go to the site manually and then log in.
  4. When you enter your password for that thing, make sure it is a strong password that is different from every other password you use, and that is stored in a password manager.
  5. Most things should ask you for a one-time two-factor security code, provided by the same password manager.
  6. If you do enter your password into a bogus thing, immediately change your password in the real thing.

The WSJ article isn’t wrong, but they should start it with, “You should absolutely be ready to hit “unsubscribe” on any email you know to be legitimate, which are from legitimate entities that just want to tell you something you might actually wanna know or to sell you something you might actually like. and those entities don’t want to run afoul of the federal CAN-SPAM act, which requires they have an unsubscribe link.” And then talk about the 1-in-644 statistic.

But yeah, if you’re someone who just clicks on every damn thing you see on the Internet, your email inbox probably looks pretty horrorshow anyway, so good luck to ya.

Meanwhile, about restarting your phone every day: That’s insane, or at least irresponsible guidance. It is very unlikely to help if you actually have spyware installed. And Farrow doesn’t highlight how hard it is to get spyware on a phone, almost certainly requiring a targeted attack on an individual, spending time tricking them into installing it.

Instead, Farrow should be talking about passwords and multi-factor authentication, but that doesn’t fit into a soundbite nearly as well as saying that people should be more “freaked out.” They should be vigilant and thoughtful.

Rant over.

How should an individual person buy Microsoft Office?

I updated my MacBook Pro, and now Excel and Word are locked up, telling me I need to subscribe for $100/year. I can’t remember when I bought Microsoft Office. What are my options? Buy the suite, or switch to Google Docs, or what? Are there other options? I tend to feel averse to subscription-model software.

If you can’t remember when you got it and/or your updated computer can’t run the version you have — and if you indeed need to run Office rather than use Google Docs or the excellent open-source OpenOffice — you should prepare to pay Microsoft something.

And if you really don’t need anything but the basics, no extra storage on OneDrive or any new feature Microsoft rolls out, then what you pay should probably be $140 for this one-time license.

I don’t perceive you need any of the more business-y or organizational tools like OneDrive, but if you do, that’s when you pay the subscription. I understand anyone’s reluctance to do so, but truly it is the appropriate model for to keep software that we value in existence.

Latest on AI tools

Just a bit of zeitgeist pasted from a conversation…

…Another well worth mentioning is Perplexity. Their pitch is that it’s built for research, the immediate upshot of which is that the results are organized to lead to your likely next questions. The main features are: 1. it actively searches the web as well as generating from LLM’s, and 2. included are links to real web pages supporting the output. 

Again with the controversy and likely copyright infringements, but the tools are incontrovertibly useful, astonishingly so. Even the stuff in Apple’s latest “Intelligence” feature set has some nice quick “please capitalize and punctuate this nonsense so I don’t have to” abilities that I use. I don’t yet pay for any subscriptions, only the backend API’s. I am able to get most of what I want for free, although I have considered paying for Anthropic’s Claude mostly just to see what it will do, choosing that one for the reasons we discussed. 

I also run a couple of large language models locally on my Mac both for fun and when I don’t want the material out in the world. 

One comparative point I wanted to highlight: While these are all, for so many purposes, interchangeable, they each have their moments in the sun. And in this moment, Google happens to have just released a new model that has received praise, and they are offering 2.5 Pro to all accounts both free and paid as “experimental.” This dropdown menu gives you a good idea of how the different models might be used:

To me it’s a sign of how young this technology is that we have to think about which tool is right for the job. 

I have to acknowledge here and now how little I like the term “AI” in this context — and for different reasons the movie of that name that Kubrick pawned off on Spielberg —  and wish Apple could have kept using “machine learning.” It does not help that now the companies are bandying about “AGI” (“G” for “general”) to represent Kurzweil’s singularity. There is so much nonsense and jazz-hands and jibber-jabber about it, not to mention legitimate concerns and fears, but as that seems true for bloody well everything these days, I’m content using this amazing stuff for what it actually does do very very well. 

Finally, the thing I really want it to do is read my whole computer of my own text, and either answer queries about that or spit my own words back out at me, so I can say, for example “repeat what I wrote Lucy about AI last week.” Apple purported to be working on that, but appears to have been failing in that effort, so much so that they have done some reorganization to address the lack.

AI Notetaking for Meetings

We are considering implementing an AI solution for meeting notes. Do you have any recommendations?

There are now a bunch of tools for this. I stopped employing any of the cloud solutions, to protect client privacy and security, but I am considering a solution to do it locally. Here’s my experience so far:

  • Apple Notes on the phone or Mac is now actually pretty good at recording and transcribing audio. This is my current go-to.
  • Notion is superpopular and if you pay for it, it will AI the heck outta any text your throw at it.
  • I have used Fathom and thought it was cool but didn’t want to pay for it.
  • I just ran into Krisp.ai.
  • I’ve started using MacWhisper a bit for all transcription, and it’s quite slick.

This page is a nice rundown from a trusted source of the current cloud-based offerings.

The benefit to using a cloud-based doohickey is that they’ll have a plug-in running on your Mac or in your Zoom or Teams account, ready to capture any meeting and do all the work for you.

Notes and MacWhisper, on the other hand, will do the trick, though one has to be up for a little manual work: <nerdery>getting or extracting the audio and feeding it into those apps manually. Major upside is they’re running on your Mac, so free and kept entirely local. I am considering recording calls on my iPhone (which is now a thing) and/or using Audio Hijack on the Mac to route audio from multiple apps into a single recorder, and then having Hazel and/or Shortcuts automate from there.</nerdery>

An option well worth mentioning is to build your own custom automation with an excellent tool like Zapier. These have become the new backbone of business operations. I’ve transitioned the main of my work to building them for other folks. In this case, for example, we might have an automation run like:

New Teams recording triggers:

  1. Get the audio
  2. Send to GPT Whisper for transcription
  3. Send to GPT or Claude for summarization, and also separately to list the individual action items and determine/guess the assignees from context
  4. Turn each of those action items into tasks in Asana, with assignments

That kind of build might take an hour or two, plus $240/year for Zapier — which could then do alllllll kinds of other things for you.

Are charging cables all created equal?

The cords in my truck keep dying. Can you recommend cables to withstand life in the passenger footwell? I found a coupon code for Raycon. Are they a decent brand?

Those dang things! Totally normal lifecycle, though. Raycon is a completely OK brand, along with Anker, Cable Matters, Belkin, and Monoprice. There are others but those are easy enough to find. I definitely recommend staying away from the random weirdly named shlock purveyors on Amazon.

However… I would also steer clear of gimmicks like those “Magic” cables that Raycon offers, that swivel or with the heads that flip off to reveal a different jack. Those are just points-of-failure waiting to fall apart on you. And Raycon doesn’t appear to offer normal cables.

Their chargers themselves – the part that plugs into the wall – are fine, though.

And in terms of which type of cable to get, for the iPhone 15 you want one end to be USB-C to go into the phone, and the other end to be either USB-A or USB-C to match the charger you have in that location. Also look for “fast charging” as lesser cables might not charge at all. I think “braided” is nice, too.

This link should take you to a search that narrows things down to what I’m talking about!