Apple owes a lot of money, but thankfully a new iPhone model is around the corner..

Personally, I don’t think Apple will get away with an appeal.  But I reckon it’ll make Apple think about where they’re going to want to put their next European HQ.  Probably a country which is in the process of leaving the EU…

Regardless, we can probably expect iPhone 7 announcements next Wednesday.  But I don’t care.  I’ve got my Samsung Galaxy Note 7, and it’s a thing of beauty.  This little (haha – but in all seriousness, even at 5.7″, it’s not as big as you might imagine) thing will have to last me at least a year – if not two.  But that’s okay, it’s got enough oomph in it to last the course.

The Hitchhiker's Guide to the Samsung Galaxy Note 7.. DON'T PANIC!
The Hitchhiker’s Guide to the Samsung Galaxy Note 7.. DON’T PANIC!

In comparison to the S7 Edge:

Samsung Galaxy Note 7 (left) versus the Samsung Galaxy S7 Edge (right). Note 7 has a Spigen case, the S7 Edge has a Griffin case.
Samsung Galaxy Note 7 (left) versus the Samsung Galaxy S7 Edge (right). Note 7 has a Spigen case, the S7 Edge has a Griffin case.

What I love about the Note 7 is how clean the UI is in comparison to the S7 Edge.  I’m able to put many more app icons on each screen, and the icons are much more “professional” looking.  The S Pen works fantastically well, and I’m extremely impressed with the ability to write on the screen when it’s “off” (Samsung’s “Always On” display feature) and save the notes for later use.  Only slight issue is that the case tends to hinder even my E.T. fingers at pushing out the pen, but I’ll get used to this.  Unlike the Apple Pencil which I still keep in its original packaging because Apple couldn’t be arsed to design a holder with their covers.

While the screen is curved like the S7 Edge, it’s less pronounced and makes it much, much, much easier to grip with or without the case.  It really does feel much nicer in the hand over the S7 Edge.

The S Pen works fantastically well, and I’m extremely impressed with the ability to write on the screen when it’s “off” (Samsung’s “Always On” display feature) and save the notes for later use.  Only slight issue is that the case tends to hinder even my E.T. fingers at pushing out the pen, but I’ll get used to this.  Unlike the Apple Pencil which I still keep in its original packaging because Apple couldn’t be arsed to design a holder with their covers.

Here’s the first image I took with the Note 7.  It should be identical to that of the S7 Edge.

Note 7 image test
Note 7 image test

Finally, a word about the Iris scanner.  It’s a pain in the rear end.  I’ll be sticking with the finger scanner (and others) for the time being.

I’ll post a more in-depth review after a week’s use.

(Note: I was due to post a report on Guildford’s Comic Con, but WordPress’ text editor / image editor is playing silly buggers at the moment.  I’ll to sort the photos out in Photoshop and deal with them that way.. sigh)

No longer just Let’s Encrypt, cPanel offers free Comodo-backed SSL certificates

With the latest release (to the CURRENT tier, which is considered “release candidate” worthy) of cPanel/WHM, you can now obtain completely free 90 day SSL certificates from cPanel themselves (backed by Comodo) for your web site.  This requires version 58 of cPanel/WHM.  These certificates will automatically be renewed.

2016-07-18_13-35-39

This blog is already using them, and long may I do so.  As I’ve said earlier, obtaining SSL certificates for securing usernames and passwords or e-commerce is now the cheapest (e.g. free) it’s ever been.  There’s absolutely no excuse to run a web site that’s not secured by an SSL certificate now.  None.

If you don’t want to use Comodo backed SSL certificates, there will be a Let’s Encrypt plugin for cPanel/WHM appearing soon from cPanel themselves.

As Apple’s cloud services fall over and go splat..

(See Daily Mail: “Apple’s iCloud comes crashing down” which includes a quote from me courtesy of Twitter, but they managed to mangle the caption (9.2.3 versus 9.3.2) and also includes the typo of the week which is: But it is unlikely the tech giant knew it would unleash furry on the iPad Pro.” – this is why I use an ad blocker these days to prevent publications from getting revenue for poor editing)

.. I’m putting the Samsung Galaxy S7 Edge through its paces.  Android has come far since I last used it in anger.  Yet there’s still no method of setting up a way of getting the phone to keep notifying me of an unread SMS – essential when you’re on-call and you’re in deep sleep.  There are third party apps, thankfully, but finding the right one is tricky.

I put Android Pay to use this morning.  Unfortunately, the uptake from British banks and Building Societies is a bit thin on the ground at the moment.  Thankfully my own bank has adopted Android Pay and it was just as easy to set-up as Apple Pay.  And even easier when it came to pay for a Costa coffee.  If anything, it felt faster.

The S7 Edge has a great camera built in – capable of even shooting in RAW format (requires that you switch to the Pro mode).   But even when on Auto, it takes some great pictures – take a look at this 12 megapixel shot of keys.  Focusing was extremely fast indeed.

Macro shot of some keys - focusing was very fast.
Macro shot of some keys – focusing was very fast.

I’m a bit undecided about the video.  I’ve not had a chance to put either the HD or UltraHD video shooting modes to use – but I have seen footage where it looks the person shooting the video has consumed 90 pints of beer and taken hallucinogenic drugs.  The background seems to distort and wobble.  It’s been pointed out that this is likely due to video stabilisation being enabled – that is, digital video stabilisation + optical image stabilisation = improbability drive effects.

I’ll get back to testing the video functions later.  Not important to me right now – I don’t shoot much video anyway, the important thing is stills photography which seems to me to be one of the best smartphone cameras on the market.

Call quality is excellent.  The unit supports EE’s Wi-Fi Calling out the box (you just need to enable it within the Phone settings), so if you have decent Wi-Fi, you can make calls over that rather than the cellular network.

Pretty much every app I had on the iPhone 6S Plus (bless it’s recently sold soul) is available under Android, and in some cases is a much better experience.  And like the iPhone 6S Plus, the Galaxy S7 Edge has a fingerprint scanner which works pretty well.  Not quite as spontaneous and as flexible as the iPhone, but it’s come leaps and bounds since the Galaxy S5 (which I have as a work phone) and is perfectly usable here.

The “edge” part of the S7 Edge is a lovely idea: you can access frequently accessed content, apps and contacts by simply swiping from the right hand curved edge of the phone.  Really makes a difference and the whole screen looks extremely impressive as a result too.

Google Play, which replaces the temperamental Apple App Store, works and I can remotely install apps from any web browser.  The S7 Edge also integrates into my Google Apps for Work account and I can manage the device remotely – so if it ever fell into the wrong hands, I can perform a remote wipe (or locate it, or both).

Overall I’m very impressed with the Samsung Galaxy S7 Edge and I do not yet regret my move.  Time will tell how fast Samsung will roll out security and Android updates to the device (including new major versions of Android), but so far so good.

You’ll never have to buy another SSL certificate again!

(At least not if you are a financial organisation or need some form of extended validation/identity confirmation)

The SSL certificate marketplace is undergoing an extraordinary transformation.  Once upon a time you could expect to pay a princely sum to obtain what is called an “SSL certificate”.  This is effectively a piece of code that you install on a server (whether it be web, email, or similar) that allows you to encrypt data between two end points (a client such as a web browser and a web server, for example).  The SSL certificate allows the client (browser) to identify the server it’s connecting to.

But as the Internet has grown, the need to protect data in transit (such as usernames and passwords, credit card details, or other personal information) has also increased.  To that end there has been many attempts to provide free or cheap SSL certificates to all and sundry.  Self-signed certificates are no longer good enough.  Unless you explicitly trust a self certificate within your browser, you’ll see all manner of warning messages.  No,  a trusted third party must now be present to ensure that your communications in a web browser are secure.

SSL certificate prices have been gradually becoming cheaper and cheaper over past few years.  I’ve picked up regular domain validated SSL certificates as little as 99 cents (US) or at the most around £2-3 per year.  The drake.org.uk wildcard certificate (which protects an unlimited number of us domains with a single certificate) only cost me 40 quid for two years.

But now things are getting even cheaper – cheap enough to be FREE!

Let’s Encrypt has been one such effort to bring SSL certificates to the masses, for free.  Completely free.  Having left beta, we are going to see a lot of companies and organisations offer Let’s Encrypt as part of their product or service.  cPanel, for example, will be integrating Let’s Encrypt as part of the next major release of cPanel/WHM.  This means that providing that the server operator/hosting company you’re hosting with allows it, your web site will be protected by an SSL certificate for free – automatically.

CloudFlare is another company that’s offering free certificates.  Their free tier allows you to encrypt between their servers and your own (origin) servers – combined with an origin SSL certificate that you install on your server that provides full, authenticated encryption between CloudFlare’s data centres and your server(s).

WordPress and Sucuri are also two other services offering free SSL certificates with their services.

So as you can see – the days of the paid SSL certificate appear to be coming to an end.  The only exceptions are special SSL certificates that require additional validation and assurance – normally Extended Validation (EV) certificates – the ones you’ll normally see at a bank’s web site – the company name all in green alongside the green lock symbol.  These certificates require a lot of paperwork.  This consequently costs quite a bit more money (and time).

But for us mere mortals, we may well never have to spend a single penny on SSL certificates for our sites or services ever again.  We can encrypt for free.  And that’s a good thing.

A good reason never to use your broadband ISP’s email service..

Once upon a time, Google offered internet service providers a branded version of Gmail and associated Apps.  For a while, all was good. Then Google decided it no longer wanted to offer the service and gave the ISPs a deadline to get the hell out of town.

Unfortunately for some, this has proven to be a complete and total farce. Virgin Media (who happen to be my broadband provider of choice – no, seriously, and I’m currently happy with them) appear to have flummoxed their own email service after migrating away from Google.  One issue has been Virgin’s spam filters blocking legitimate mail.  Now an argument has broken out over spoofed emails.

(But don’t worry, Virgin Media, BSkyB also had problems moving away from Google – although they migrated to Yahoo!)

Let me tell you something.  Managing email is bloody hard work.  It has increasingly been made difficult over the past two decades with the increase in spam, phishing and malware.  And when you’re dealing with poorly designed/implemented email clients (Outlook stands out as being one such culprit despite having some fairly decent features) on top of that, you’re asking for trouble.

And this is why many broadband ISPs outsource their email service to third parties such as Yahoo!, Google, etc. because they know full well that it takes a lot of effort to manage and maintain many hundreds of thousands (if not millions) of email addresses.

I’ve been running mail servers for close to 20 years.  And I can tell you that, even managing small number of people/mailboxes, it can be mad.  Back at the Moving Picture Company – around 2002 – I migrated mail from an ancient 486 machine running an obsolete OS to a more modern and updated OS and upgraded Exim.  SpamAssassin was moved to its own server because the thing was a PITA when it came to using resources.  When you’re scanning lots and lots of incoming email, it pays to offload these resources to other machines.  Add Mailman to the mix to provide mailing lists for individual projects, and already you’re juggling a delicate service.  Things were made more complicated when Microsoft Exchange was brought in for business services.  It was expensive, required specialist knowledge, and a complete pig.  I proposed the much cheaper MDaemon (if you were going to run a Windows mail server, you might as well use something decent) which offered pretty much the same features at less cost and fewer resources.  But nope – MPC management thought Microsoft were wonderful and kissed their bottoms to kingdom come.

At Imagineer Systems, I faced the open source Zimba mail server.  It offered calendaring facilities and a reasonable web interface.  But boy, was it a resource pig.  It ran as a virtual server under Xen on a server based in the US and despite upping resources, it was still a pig even for a small company such as Imagineer.  So I persauded them to move over to Google Apps.

I’ve been a Google Apps for Work customer since around 2007 when it was first a limited feature beta.  I even spent a little while as a Top Contributor on the product forums helping out users of the free version.  But when Google started to add premium features for prices I’d couldn’t believe (seriously, it’s one of the lowest cost mail systems out there – plus you get collaborative word processing, spreadsheets, presentations, etc. included). I use a web browser to access my mail.  I read mail and compose mail from within my browser.  I’m practically online all the time, but there is the option to read mail offline if I wish.  I also have access to standard mail protocols such as IMAP and POP3.  I tend to use Gmail’s own iOS app on the iPhone.  For the iPad Pro, I use Apple’s own mail client because Google are extraordinarily slow at updating all their iOS apps to use the higher resolution of the iPad Pro.

But even before Google Apps I’ve had my own email address at this domain and have hosted all my own mail myself.  I’ve gone through so many ISPs over the years that it’s made it necessary to do so.  And this is the problem.  If you’re unhappy with your ISP and you want to move – you’ll lose access to your ISP mail.

One of the biggest problems with ISP email – as well as the ability to scale and keeping everything running smoothly – is that one can’t use additional security features such as two factor authentication.

Even if an ISP offers webmail, I’m pretty sure they won’t offer two-factor authentication when logging in.  Do ISPs offer brute force protection for their accounts?  Many people are likely to be using exceptionally poor passwords.  And even more likely won’t change them every few months.

So people need to look into:

  • Buying their own domain.  A domain doesn’t have cost more than £5 per year, and in some cases it can be cheaper or even free.
  • Finding an email hosting provider.  There are few hosting providers that specialise in just hosting email.  You’re more likely to find a web hosting company that can provide you with your own server (probably running the excellent cPanel/WHM control panel system) for which you can run your own web site and email addresses.  Some provide a simple web hosting service, but you’ll need to look around to find what you need.  People can struggle if they take out their own server.
  • Using a password manager.  Use different passwords for different services (the password manager should be able to generate secure passwords – you shouldn’t need to remember them all – just the master password for your password vault).  Change passwords regularly.  Use two-factor authentication wherever possible.
  • Use Google Apps for Work.  Doesn’t have to be used for work!  You could start off with just one account and add more with the flexible option.  Prices are around £4 per user per month.  Includes 24/7 support.  And no adverts unlike regular Gmail.  Offers two-factor authentication too.