Security Research Labs hacks Galaxy S5 fingerprint reader

Is the integrated fingerprint reader on the new Galaxy S5 a sufficient password replacement?  In other words: is the fingerprint reader secure?

The answer is an astounding no.

In my mind, the Galaxy S5 fingerprint reader is just another bullet point on a feature list.

As forensic scientists at Security Research Labs discovered, the fingerprint reader isn’t ready for prime time.

In 2013, the Chaos Computer Club exposed a flagrant flaw in the TouchID fingerprint reader built into the iPhone 5s.  You can relive the moment in this 60 second Youtube demo.

Given how egregious the error was and the concomitant stinky press directed toward Apple, you would think Samsung would make its version of the fingerprint reader – indomitable.

But – oh my friend, you’re way too optimistic.

The fingerprint reader on the Galaxy S5 is beset with problems.

With relatively little effort, a motivated attacker can spoof a valid fingerprint by brushing magnesium powder on paper, door knobs, or smartphone screens.  The prints, known as latent prints, are invisible to the naked eye but easily emerge when dusted with fine powders.

Since every human being on the planet has a unique fingerprint (even identical twins who share the same DNA), using fingerprints to unlock smartphones and make online payments might seem like a good idea. As far as biometrics are concerned fingerprint readers are a good thing; however, they must never be used in isolation.

I think fingerprint readers are a prudent addition to authentication systems but only when coupled with something you know such as a PIN or password.  The innate immutability of fingerprints is what makes them both a blessing and a curse.

The fact that they never change means if someone successfully forges your fingerprint there’s no way to change it.

Think about it: how would you change your fingerprint?  Get a finger transplant? Burn your fingertips?  Seriously, this is one of the biggest issues but still it’s not the biggest.  In my mind the biggest problem is that people constantly leave copies of print evidence everywhere.

Smartphones, deskphones, and keyboards are obvious places where we unwittingly leave behind print evidence.  Here’s my question: how easy is it to lift prints from these common places?

Well, if you have a chemical called Cyanoacrylate, which is ubiquitous in Krazy Glue and other strong adhesives, you can use the vapors to display the print.  This works because Cyanoacrylate is a catalyst that reacts to the oils and salts of a human fingerprint.  You can then take a high-resolution photo of the print and use it to make a mold slab which you can use to gain unauthorized access to the victims phone.

Most criminals may not go through the effort of doing this; however, if you’re a high-profile individual like a politician or president then you could be the target of such machinations.

I’m getting the notion that big brands such as Apple and Samsung are more concerned about selling products than they are about securing them.  Security is invariably an afterthought.  Instead of implementing a software and hardware development life cycle that bakes security into every phase of development, it gets slapped on the end and then touted as a cogent reason for buying the product.

I’m actually disappointed in both Samsung and Apple but mainly Samsung.  I wouldn’t go so far as to indict Samsung as being duplicitous but the fingerprint reader should not be marketed under the rubric of security.

Admittedly, biometric systems aren’t perfect and there are advantages and disadvantages to each system; however, the onus is on Samsung to get it right.

In summary, I exhort you NOT to trust the fingerprint reader alone as the singular key for unlocking your smartphone.  If you’re going to use the fingerprint reader always use it in tandem with something else like a secure password.

Another issue is that businesses are eager to flaunt app integration with fingerprint readers and yet forgo the rigorous testing required before selling the product.  Paypal is a case in point.

On the Galaxy S5, Paypal authenticates money transactions with that notorious fingerprint scanner.  The ramifications are obvious: now there’s even more reason to steal and mold fingerprints.

In response, Sophie Curtis reports that Paypal told The Telegraph:

PayPal never stores or even has access to your actual fingerprint with authentication on the Galaxy S5. The scan unlocks a secure cryptographic key that serves as a password replacement for the phone. We can simply deactivate the key from a lost or stolen device, and you can create a new one

That’s fine but still doesn’t obviate the phone manufacturers responsibility for securing the biometric devices on their phones.  The bottom line is that Samsung abdicated its responsibilities by mass producing something that isn’t ready to market.

I love Samsung but it really missed the ball this time.

Tagged with: ,
Posted in Mobile, News

How can I tell how many CPU cores I have in Windows 8?

Some people have a fervor for knowing all the details of their system hardware.

In Windows 8 you can easily view the juicy specs about your CPU speed, RAM usage and OS bit version.

Just press Windows Key + x + y to get the summary… but what if you want to see how many cores you have?

First let me explain what I mean by core.

CPUs do a lot

I’m going to figuratively say that the computer’s central processing unit (CPU) is analogous to your central nervous system: your brain.

That is, every click, keystroke, and action is processed through the CPU just as every sensory input as a human being is governed by your brain.

The CPU has the laborious task of synthesizing billions of electrical impulses per second.   Technically speaking, the CPU comprises foundational technologies such as:

  • Arithmetic Logic Unit
  • Interrupt Handling
  • I/O Control

Let’s briefly walk through the trio

Arithmetic Logic Unit

The ALU is a fancy name for the digital circuit that works out all the basic math and logic functions on your computer.

I suppose if we extend our brain analogy, the ALU would be your brain’s cortex. We’re getting philosophical here, but your stream of consciousness is the closest comparison I can think of to the ALU because it’s where activity is the busiest.

Interrupt Handling

You’re assiduously banging out an email when your boss suddenly stomps in your office and breaks your concentration.

He drops a heavy UPS box on your desk and the sheer weight of the fall almost topples your desk lamp.

After the dust clears he barks: “Hey, I need you to expedite this package to New York.  The CEO is expecting it tonight.”

Interruptions suck but they are great way to illustrate the daily life of a CPU.

CPU’s are constantly receiving interruption signals from software and hardware which means its attention is always being pulled from the current task (known as a thread).

CPU’s manage all these interruption and ensure that the active thread still gets reliably executed.

Input/Output Control

When you think of I/O control think of a traffic cop.

In addition to managing interruptions and executing math operations the CPU coordinates the flow of data to and from itself with the help of a specialized controller called a Channel Processor.

Usually the CPU offloads chunks of the I/O functions to this Channel Processor which then independently deals with data exchange.

Cores Cores Cores

So what’s the deal with CPU cores?

Just think of one CPU core as one CPU

Thus, a dual core processor means you have two cores; that is – two CPU’s inside of one physical CPU socket.

This pattern continues for quad-core processors and so on.

So a dual core processor is a single CPU with two cores which is roughly equivalent to having two physical CPUs.

Having multiple cores means you can process multiple instructions in parallel.  In addition you actually get a performance surge by squeezing multiple cores on to a single slab of silicon because the signal has less distance to travel and therefore doesn’t a attenuate as easily and allows chip designers to push more data for each clock cycle.

Alright, enough of the pedantic details, here’s how to see how many cores your computer has.

Viewing your cores

Open a command prompt by pressing Windows Key + x + a and paste in the following command:

WMIC CPU Get /Format:List

Use WMIC to get the number of cores of your CPU

Scroll down and look for NumberOfCores and NumberOfLogicalProcessors.  From the graphic above you can see I have a quad core processor.

The second parameter is double the first because my PC is using Hyper Threading Technology.

Another way to view your cores is to simply press Ctrl + Shift + Esc from the Desktop and click open the Performance Tab.

Windows 8 Task Manager CPU Cores

Those eight mini-graphs represent eight logical cores.  These logical cores include both your physical and virtual hyper-threaded cores.

If you only see one chart, you can right click it and mouse over Change graph to and select Logical Processors.

How to view logical processors

Tagged with:
Posted in Windows 7, Windows 8, Windows 8.1

Reinstall Mac OS X Mavericks from a USB stick or Recovery Drive

A maverick is an unorthodox, unconventional person… and guess what?  your intrepid operating system claims to fit the bill.

Usually Mavericks lives a happy life opening apps with felicity and running  Safari with alacrity – but sometimes the story isn’t so sanguine.  In fact, there are a faction of users who’ve seen its darker side and if you’re one of them read on.

When your Mac has you lamenting the day you switched from a PC,  it could be time for a complete re-install.

There are two ways to kick off the show.  The first is infinitely cooler than the second but I’ll tell you both anyway:

  • From a USB Drive
  • From a Recovery Drive

Before I explain I should mention a few things:

You can’t buy a Mavericks DVD

Mavericks is diskless so you can’t just march into an Apple store and demand that a Genius sell you a Mavericks DVD.

If she’s a snob, she’ll regard your request as farcical and will shoo you away but that probably won’t happen.  When I visited the Apple Store at Grand Central Station about a month ago, the Genius cordially told me to download it from the App store.

Mavericks is available as a 5.3GB download from the App store… I’ll show you how to get it in a bit.

The USB install is convenient

Let’s say your a Mac man (or Mac girl) and your home looks like a Macbook Pro got frisky with a Mac Mini and gave birth to a dozen Apple devices.

You know what I’m talking about: you’ve got:

  • a Mac mini in the office
  • a Macbook pro in the living room
  • a Macbook Air in the kitchen
  • and a clamshell iBook G3 from the late 90′s sitting in your garage.

One day you want to upgrade all your Macs (except that iBook because it’s an artifact) to Mavericks; it’s a lot easier to install the OS directly from the USB drive rather than launching the App store and downloading Mavericks on each Mac.  The convenience of the USB boot option compelled me to share this method first.

I’m going to show you that you truely have the finesse to install a bootable version of Mavericks on your USB drive

It’s super easy and compared to the old-hat way of burning the OS to a DVD, a USB drive is more flexible.  For example, whenever a newer version of Mac OS X arrives, let’s say Apple calls it Mac OS X Killer Lion, you can simply erase the old image and copy Killer Lion like any other file.

With a DVD you’re fettered to limited rewrites and glacial write speeds; however, a USB stick is faster, more portable and more useful especially since many Macs no longer include DVD drives anyway.

Getting Mavericks on the USB stick

Alright let’s do this.  Make sure:

  • The USB drive has at least 8GB of space
  • You don’t care about losing everything on the USB drive.

After downloading Mavericks from the App store, we need to copy it from the Application folder or else it’ll disappear before we can create our bootable USB stick.

Open on the Finder, press Shift + Command ⌘ + a and copy the Mavericks installer, named “Install OS X Mavericks.app“, to your Desktop.

Click the cloned version of the app while holding down the Control key and choose Show Package Contents.

Mac OS X Mavericks Show Package Contents

Expand the Contents and SharedSupport folders and double-click InstallESD.dmg to mount it.

Mac OS X Mavericks InstallESD.dmg

Okay, now we need to open the Terminal so we can view a very important file named inside the InstallESD.dmg package named BaseSystem.dmg.

BaseSystem.dmg is an invisible package sleeping inside InstallESD.dmg but we can’t view it by default.  But I’m going to show you a little trick…

With a little dexterity in the Terminal window we can view the contents of BaseSystem.dmg using the open command.

Press Command ⌘ + Space and type

terminal

Now paste in the following command:

open /Volumes/OS\ X\ Install\ ESD/BaseSystem.dmg

Mac OS X Mavericks Opening Base System

Once the package opens minimize the window and open the Disk Utility.  You can get here via Command ⌘ + Space and typing

disk util

Plug in your USB drive and then drag BaseSystem.dmg from the left pane into the Source text box in the right pane.

Next, drag your USB drive from the left pane into the Destination text box in the right pane.

Now click the Restore button to annihilate all data on the USB drive. It took my 32GB SanDisk drive about 8 minutes to finish the restore procedure.

Mac OS X Mavericks Disk Utility Restore Base System

When it finishes, click the BaseSystem.dmg in the left pane again but this time click the blue Eject button in the navigation bar near the top of the Disk Utility window.

Okay now here’s the potentially confusing part but if you follow my lead you won’t get confused.

In the Finder there should now be at least two mounted drives:

  • OS X Install ESD
  • OS X Base System

The first is the OS X Install volume we mounted earlier with that esoteric Terminal command.

The second is your USB drive.  The Disk Utility renamed your USB Drive to OS X Base System.

We need to do two things to finish up our bootable USB drive:

  1. Copy OS X Install ESD\Packages to OS X Base System\System\Installation
  2. Delete OS X Base System\System\Installation\Packages

Let me show you what I’m talking about because I know this looks crazy.

Open the Finder, click OS X Install ESD from the left pane then control-click Packages in the left pane and choose Copy “Packages”.

Incidentally, this folder is about 5GB so it’s going to take a few minutes to copy.

Mac OS X Mavericks copy Packages

Click on OS X Base System (your USB drive) in the left pane and click open the System folder in the right pane.

Next open the Installation folder and delete the file (Command ⌘ + Delete) named Packages.  This is just an alias but we need to remove it.

Mac OS X Mavericks deleting Packages alias

Now paste in the 5GB Packages folder we copied earlier.  Make sure you drop it in place of the Packages alias.  So it should end up in here:

OS X Base System\System\Installation\

Command ⌘ + v drops it in.

Now zip on your hoodie, lace up your Pumas and wire up your headphones because you’re going for a 15 minute jog around the block.

You just created your first bootable USB Mavericks drive and that deserves a celebratory action.  Good work.

When you return to your office, let’s do one last trick to tidy things up.

Open the Terminal again.  We’re going to rename your USB drive from that insipid OS X Base System name to something more meaningful:

OS X Mavericks Installer

Type this:

diskutil rename "OS X Base System" "OS X Mavericks Installer"

Mavericks Disk Utility to Rename Volume

Now you’re cooking with gas!  You’ve got Mavericks on your USB stick now and it’s bootable too.

Pop in the USB stick, reboot the box then press and hold the Option key and you’re good to go.

Mac OS X Mavericks hold options key

Re-installing the OS from Recovery

Reinstalling Mac OS X from a recovery drive is even easier and all your settings are preserved.

Reboot and when the gray screen appears, press and hold Command ⌘ + r.

After about a minute the OS X Utilities screen emerges.

Reinstall OS X

Choose Reinstall OS X and click Continue.

Click Continue on the installation Window to verify your computer’s eligibility with Apple.

This should take less than 5 seconds.

Mac OS X Mavericks

Click Agree to the license contract to sign your life away…

Mavericks License

Now select your drive… and you’ll be up and running in no time.

Install Mavericks, Unlock the drive with your Admin password

The Bottom Line

To re-install Mac OS X Mavericks on your Mac you can either create a bootable USB drive or use the OS X Mavericks installer from the Recovery Drive.

Creating a bootable USB drive has the fortuitous side effect of creating an emergency backup of the OS.  In addition, the USB Drive makes it really easy to install Mavericks on your other Macs.

Installing from the Recovery drive is another option and is as easy rebooting, holding down the Command ⌘ + r keys and clicking through an installation wizard.

If my little post helped you through a frustrating time or if you have questions about it please share in the comments!

Tagged with:
Posted in Apple, Mac OS X 10.9 Mavericks

How to disable the touch screen display on your Windows 8 computer

Our materialistic society is absolutely enamored with useless stuff.

  • Why do I need a 41MP camera on my smartphone?  
  • Why do I have 3 dozen apps when I only use 4 or 5 daily?
  • Why the hell does my phone record videos in 4K UHD?
  • Why do smartphone keep losing weight? The smartphone industry is in a perilous race toward anorexia.

When news breaks of some new gadget a melee breaks on the web as everyone rushes to be the first to own it.

Most people just want the latest mode; they want to be at the vanguard of what’s hip, vogue, and unique. With technology this is evidenced by the mobile mania that sweeps our country every Spring and Fall.

But this is the thing: Our acquisitive desire to amass the slickest accouterments has both impoverished and enslaved us at the same time.

By glutting our tech appetites on shiny, tiny computers such as phablets, tablets and phones we unwittingly increasing our dissatisfaction in what we already have.  Furthermore, our avarice leads to poverty as our discontent categorically refuses to be satiated.

Touch on a PC is absurd

One of the things that really really pisses me off are the stupid touch displays on desktops and laptops.

Why the fuck does my desktop computer have a touch screen panel?  It’s one thing for a smartphone to have a touch display and it’s another for your tablet to be touch-ready – but why does my Desktop and Laptop PC have touch screen displays standard?

This is tantamount to buying a minivan with a tachometer.  What soccer mom out there is actually checking the RPM’s of her Dodge Caravan while she hauls little Jennifer to the game? Tachometers are stupid in family cars for the same reason that touch screens are stupid on PCs.

First of all, no sane person is going to use the touch screen display on a desktop to tap out an email, compose a novel or browse the web.  Even if your keyboard failed you would simply buy a new keyboard.

Secondly, touch screen displays condone bad posture.  The human wrist wasn’t meant to twist and writhe in the absurd positions necessary for touching a monitor while sitting.

Third, touch screen displays are like bacon lard, it adds “financial fat” that you don’t need.  Why spend the premium for a touch computer?  You work hard for your money and you’re a scrupulous spender so don’t accede to the hype.

Conversely, proponents of touch might say that everything is moving toward touch so you might as well get used to it now.  Others might add that it works well with the Windows 8.1 Start Screen and looks really neat when your friends come by and see how hip you are.

My rejoinder is simply that touch certainly has its place but it doesn’t belong on a PC.  Touch screen displays are better suited for tablets and smartphones because the smaller size makes it easier to use.

How to disable the touch screen

Today I finally mustered up the strength to disable the touch screen on a friends Desktop computer; however, I quickly lamented the hour I volunteered to help.

The process actually wasn’t straightforward and depending on the PC manufacturer and the software installed on your computer, there are a motley of possibilities for pulling this off.

When it comes to PC’s, I’m no neophyte – so I reasoned I’d disable this touch screen display in a few seconds.

I nonchalantly clicked open the Control Panel and opened Pen and Touch but then stalled.

<screeeeeech>

I couldn’t find anything even remotely resembling a disable button or checkbox.  I clicked the Touch actions items, the Settings button and toggled options but the touch screen adamantly refused to die.

Windows 8.1 Control Panel Pen and Touch

 

Now I’m exasperated.

I thought to myself:

What the..? I am not googling this. I am not googling this.  This is stupid I can figure this out.

Then it caught my eye…

With lightning precision I noticed something called Tablet PC Settings.

Windows 8.1 Tablet PC settings

Eureka! I’m about to disable that odious option…

My eyes narrowed and the corner of my lip curled as I clicked through tabs and drop down boxes like a madman.

My odyssey to find that stupid setting comes to an end NOW

But alas! My joy was quickly curtailed when I realized this was about as useful as a car exhaust grill.

If you haven’t seen a car exhaust grill, google it, it’s hilarious.

Anyway, speaking of Google I finally capitulated, swallowed my pride and googled the solution.

This is how I fixed it:

As an Administrator, open the Device Manager by pressing the Windows icon key + x + m.

Expand the Human Interface Devices section.

If your face turns to a ghostly pallor because of all those HID thingies don’t worry – it’s just a list of all the drivers requisite for running various peripherals such as USB devices.

Skip over the consumer control devices and focus on all those HID-compliant device icons.

We’re going to systematically right-click each HID icon, disable it and touch the screen to see if it’s disabled.

If it’s not disabled, right click the HID icon again, enable it and move down the list to repeat the previous step.

Human Interface Devices in Device Manager

Keep doing this for all your HID’s until you find the right one.  It’s usually either the second or third HID-compliant device; however, it varies depending on the system.

I was elated when I found mine but I was also indignant because I wish the process was more intuitive.

I hope this little article saved someone the vexation I experienced.

The Bottom Line

The bottom line is that a touchscreen on a PC is absurd.

Whenever I hear benighted touch screen advocates breaking into panegyric for how cool their touch desktops are I think to myself: you’re not cool, you’re a fool for wasting money on something that has no functional value.

And so I’ll end this article in the same way I started it…

  • Instead of a 41MP smartphone give me a battery that stays charged for days
  • Instead of 3 dozen apps give me 5 that can replace the rest
  • Instead of recording ultra-high definition videos on my phone give me a phone that doesn’t freeze when I try to call someone
  • Instead of an emaciated, ultra-thin phablet give me one that feels good in my hand and is durable enough to obviate the need for a case.

Oh and of course I can’t leave this one out:

  • Instead of a touch screen PC just give me one that’s fast and reliable.

Is that too much to ask?

Tagged with:
Posted in Desktops, Hardware, Laptops, Windows 7, Windows 8, Windows 8.1

All about the Heartbleed bug and how to protect yourself

Heartbleed Logo

There are three people you should thank right now:

  1. Neel Mehta of the Google Security Team
  2. Adam Langley from the Google Chromium Team
  3. Bodo Moeller of the Association for Computing Machinery

Both Adam and Bodo work for Codenomicon and coined the name Heartbleed to describe their discovery of the cataclysmic bug that is currently affecting millions of web applications around the world.

The bug is technically known as CVE-2014-0160 and according the internet services firm Netcraft, over 66% of all the webservers in the world are affected by the Heartbleed bug.  That’s approximately half a million widely used websites that are now vulnerable.

And guess what?

Yahoo was one of them.

Yesterday, Yahoo told CNET:

As soon as we became aware of the issue, we began working to fix it. Our team has successfully made the appropriate corrections across the main Yahoo properties (Yahoo Homepage, Yahoo Search, Yahoo Mail, Yahoo Finance, Yahoo Sports, Yahoo Food, Yahoo Tech, Flickr, and Tumblr) and we are working to implement the fix across the rest of our sites right now. We’re focused on providing the most secure experience possible for our users worldwide and are continuously working to protect our users’ data.

Shortly after 3PM EST Yahoo plugged the hole; however, the point is that not even big sites with big budgets are hermetically sealed from the implications.

I mean, yesterday, Joost Bijl of Fox-it security, posted the censored results of the actual exploit of Yahoo’s servers:

Heartbleed example from Foxit

In the right column of the screenshot, you can actually see the login names and scrubbed passwords of real Yahoo users.

This is no joke.

But Yahoo isn’t the only one affected.

You can peruse a list of the top 10,000 sites in the world vulnerable to Heartbleed.  You might be find surprised at who shows up in the list.

Imgur, OKCupid, and LastPass were all running affected versions of the OpenSSL cryptographic libraries but thankfully all three companies have mitigated the threat.

What’s the big deal?

The Heartbleed bug enables an attacker to covertly retrieve data in 64KB chunks from random memory locations on the server.

Admittedly, the culprit has no idea what he’ll get from that 64KB memory block (it’s like blind fishing); however, when the attack is iterative it becomes extremely dangerous because all sorts of sensitive stuff sits in memory…

  • Private Keys
  • Passwords
  • Credit Card Numbers
  • Session Data

For nearly two thirds of the webservers out there, the integrity and confidentiality of data is at risk.

An attacker could discretely eavesdrop on “encrypted” conversations or even masquerade as the server fooling unsuspecting users into divulging sensitive data.

When the servers private keys are compromised encryption because futile.  In Public Key cryptography, only the private key can decrypt an encrypted message; but when the private key is exposed – encryption is rendered useless.

But it’s actually worse than that.

Matt Sullivan made a cogent demonstration on how easy it is to completely hijack a users web session with the vulnerability.  Session hijacking means the attacker basically has a magic cookie giving him unfettered reign on authenticated web sessions.

In short, the HeartBleed bug gives an attacker carte blanche access to anything sitting in the servers memory.

Clearly the ramifications of exploitation are abysmal.

The root issue

The root of the problem is what coders refer to as a buffer overrun or “missing bounds check”.

Let me explain:

OpenSSL is an open-sourced library that provides cryptographic functions to millions of web applications.

In OpenSSL versions 1.0.1 through 1.0.f, there was a new addition called the TLS Heartbeat Extension.  You can read the pedantic RFC on the IEFT’s website; but I’ll spare you the boredom.

Just think of it like this:

Just as your physical heartbeat keeps you alive with each beat, so the TLS heartbeat tells the client and server that the encrypted session is still active.  This is especially important when no data is being exchanged because both computers need a way to make sure the other one is “still there”.

When the server received a HeartBeatRequest message it has to send a corresponding response carrying an exact copy of the payload it received in that request.

But here’s the vulnerability:

If the attacker sets the length of the payload to a value greater than the actual payload size any data sitting in memory after the payload will automatically get copied in the HeartBeatResponse packet.

So in vulnerable versions of the OpenSSL stack, an attacker can craft a benign heartbeat request of a relatively small size but then surreptitiously set the length of the payload in the data packet to something like 0xFFFFF.

So what?

Well 0xFFFFF is hexadecimal for 65,535 bytes.

When the server receives this jumbo heartbeat packet is indiscriminately copies the heartbeat request to memory but also any other bits of memory sitting next to it get dumped in the response.

In other words, any sensitive information sitting in the difference between the payload length value and the actual payload itself is returned to the attacker as a 64KB memory chunk in the next heartbeat.

That’s why this is called the HeartBleeder attack because the bug makes the server bleed it’s sensitive guts to malicious hackers.

Ramifications

Jamie Blasco, Director at research firm AlienVault Labs says that this bug has “epic repercussions”.

It’s epic because changing your passwords – although a necessary next step isn’t sufficient.

Affected providers such as Yahoo, OkCupid and millions of others, need to not only patch the security flaw but also replace the compromised keys and certs.  This entails revoking those adulterated certificates and reissuing new ones.

The enormity of this breach cannot be overstated.  And the nature of this threat is such that it leaves no evidence of exploitation.  In other words, when an attacker executes the attack there’s no indication in the logs that the server was even victimized.

Certificate owners and service providers need to check with their Certificate Authorities (CA) to see how to revoke and reissue their keys.

What should I do?

Three things:

  • Change your passwords
  • Delay logging into sites that have your personal information for a few days
  • Test the site for vulnerabilities

Change passwords

This is obvious and onerous but it’s imperative.

Facebook, Tumblr, Yahoo, Google – everything needs to get a password refresh.

But don’t just change it… you also need to make sure your passwords are both strong and unique.  And don’t share the same password across multiple sites.

That’s why I use LastPass for this kind of thing because it’s a secure means of storing and protecting your passwords… and it’s free.

Abstain from the web

In addition, I suggest abstaining from any sites that hold personal information.  We need to wait a few days for the major sites to revoke and reissue their vitiated certificates before we login again.

There’s no point in changing your password and then logging into a comprised server only to have it stolen again.

Test sites yourself

Finally, you can test websites for the Heartbleed bug by entering the URL into Filippo Valsorda’s Heartbleed tester.

The Bottom Line

The Heartbleed bug has actually been effectual for over two years, specifically according to Codenomicon, since December 2011.

<shiver>

Given the ubiquity of OpenSSL, with that kind of exposure for such a long time at least one of your accounts has a high likelihood of being compromised.

The Heartbleed bug is a sweeping problem that was either a programming mistake or a volitional act of malice.

I want to believe the former; however, I have no evidence to support my belief.  Apparently, I’m not the only one who shares this sentiment.

On his blog, the preeminent security expert Bruce Schneier muses that we’re all asking the wrong question.  He ruminates:

The real question is whether or not someone deliberately [emphasis mine] inserted this bug into OpenSSL, and has had two years of unfettered access to everything. My guess is accident, but I have no proof

This obviously veers in the realm of speculation but it’s an intriguing thought…

We know the German software developer who worked on the code containing the Heartbleed bug claims he “unfortunately missed” the bug two years ago.  But it’s odd because the developer, Robin Seggelmann, is also one of three authors who worked on that RFC 6520 specification.

There’s a lot of speculation on Hackernews about this but nothing substantive so you should but your judgment in abeyance.

But I wonder….

Who knows.

Maybe we should just scrap all our computers and go back to the stone ages when Tablets were actually tablets of stone.  That would obviate all our security problems right?

Well, we’d have to worry about people stealing our tablets then but… I digress.

Seriously – I really wish there was a happy ending to this debacle; however, the truth is it’s going to take months to clean up the collateral damage.

The Heartbleed bug is a sober reminder that we live in an interconnected world where one mistake can have devastating effects for millions of people.

Refresh your passwords, take a break from the internet if you can and see if the website you’re trying to access is vulnerable before logging in.

Oh, and please share your thoughts in the comments!

Tagged with: ,
Posted in News

Windows 8.1 Update is here

Discerning Windows 8.1 users may notice a new update in the Update and Recovery center today.

Microsoft conventionally releases updates on Tuesdays.

IT administrators and computer gurus colloquially refer to this monumental day as “Super Tuesday” or “Patch Tuesday”.

Today is reason to exultant because a valuable update was just unleashed.

Keyboard and Mouse users rejoice!

Keyboard and mouse aficionados once disparaged Microsoft for supplanting their needs for pompous touch-users who flouted keyboards and thought mice were obsolete.

Dogmatic users asserted that touch screens would eventually replace keyboards therefore everyone might as well accede to this nascent touch movement.   But millions of customers dissented (including me) because we think there are still people with an inseparable affinity for keyboards and mice.

These peripherals aren’t antiquated.

I’m glad to see Microsoft nod in agreement.

Windows Update 1, now simply known as Windows 8.1 Update, is teeming with improvements - Microsoft wisely delineated the user interface changes on its blog today.

If you’re not as elated as I am about the interface changes you still need to install the Update chiefly because Microsoft has made this update the prerequisite for receiving future updates.  In other words, you won’t be able to download new features and security patches unless you have this Update.

In a statement on the Microsoft blog, Michael Hildebrand said:

Failure to install this Update will prevent Windows Update from patching your system with any future updates starting with Updates released in May 2014 (get busy!)

The Windows 8.1 Update will become the touchstone on which all future updates will lean on so it’s pretty important.

What you get

Here’s what your computer is getting:

  • Boot to desktop by default
  • Power and Search buttons on Start Screen
  • Context menus via right click on Start Screen Tiles
  • New App installed notifications on bottom of Start Screen
  • Pin Apps to Taskbar
  • Modern Apps get Minimize and Close buttons
  • Skydrive becomes OneDrive
  • Internet Explorer gets Enterprise Mode for backwards compatibility with older version of IE
  • View app sizes in a new Disk Space setting in PC and devices.  You can easily see which apps are consuming the most space.
  • Show estimated data and Forget this network returns when you right click on your WiFi network.

If you install the update on your tablet it’ll magically divine that there’s no need to boot to the desktop so it boots to the Start Screen instead.

Clever.

One more thing:  the update purportedly included a new Start Menu; however, this was a false rumor proliferated on the interwebs because of statement taken out of context at the 2014 Build Conference.

An image of the Start Menu was shown during a presentation to denote a feature in a future  update; unfortunately we’ll have to wait indefinitely for that one.

Impetuous users who can’t wait for Microsoft to revive the Start Menu should check out Start Menu Reviver and Classic Shell.  Both of these are the best Start Menu replacements I’ve seen for Windows 8 and both are free and customizable.

How to install the update

Alright enough talk: here’s how you can get the update.

The update (singular) actually comprises several updates.  In other words, this is a big boy.

The first update you need is KB2919442.  You can download it manually but the easiest thing to do is just run Windows Update.

Press the Windows Key + w and enter this this:

windows update settings

Click the gray Check Now button in the right pane and wait for Windows to work its alchemy…

Update and Recovery Check Now Windows 8.1

You can hunt and peck for the updates you need but I recommend just checking Select all important updates and choosing Install to get started.

Windows 8.1 View Details Select All Important Updates

My Final Thoughts

I’ve been using Update 1 since February 4th and can attest to its usability enhancements.

It’s becoming my conviction that Microsoft is really starting to get things right.  I feel like the software giant is listening to its customers and really taking our feedback to heart.

On the one hand it’s frustrating when Microsoft removes features you’ve become conversant with but on the other hand it’s a challenge to make sure the world is happy with Windows.

In a candid interview with CNET, Chaitanya Sareen, Principal Program Manager Lead for Windows, told editor Tim Stevens:

The product is living. There are some times when you have to take a bet, and there are times when you have to adjust what you’re doing.

He went on to compare working with Windows like “ordering pizza for 1.5 billion people.”

I’m not going to empathize with Microsoft here but given the prodigious amount of users who depend on the product and who incessantly want a voice in development, I can see how making software for everyone can become a herculean chore.

Ultimately I’m happy with this update and I hope Microsoft continues to listen to its customers.

Let’s see if they deliver on that Start Menu thing…

Tagged with:
Posted in News, Windows, Windows 8.1

3 tips to stop your Galaxy S4 from randomly rebooting

What’s worse than a skittish smartphone with a slow browser?  A skittish smartphone that keeps randomly rebooting.

When your Galaxy S4 get’s stuck in the twilight zone it’ll do some silly stuff.  That’s why I wanted to give you 3 tips to stop your Galaxy S4 from randomly rebooting.

Here’s what you should do:

1 Battery Break-dancing

Remove the battery and spin it like a dradle on a flat hard surface.

Samsung Galaxy S4 Battery

That’s right; we’re making your battery break-dance like a 80′s hip-hop dancer.

If it spins then there’s probably a bulge or the battery is swollen. Samsung is cognizant of this issue so just call up your nearest Samsung service center and explain the problem.

Samsung should replace your battery gratis.

But let’s say you don’t have a bumpy battery and your phone chronically restarts itself.  

What’s the deal?

2 Update your software

Sometimes updating your apps and system fixes the problem.

There are two places we need to update:

  • Google Play
  • System Updates

Updating app with Google Play

Tap open the Play Store then when the Google Play app opens, tap the little Play Store shopping bag icon in the upper left corner of the screen.

Your options drawer will slide in the from the left edge of the screen. Touch My Apps.

Samsung Galaxy S4 Play Store

You can pick specific apps to update; however, I’m lazy so I just tapped Update All.  

I actually suggest flipping through the full app list before mindlessly doing what I did because you may spot some apps you no longer want.  There’s no point wasting time updating those.

Samsung Galaxy S4 Google Play My Apps 

After updating our apps we need to update the system.

Updating the System

Swipe down from the top edge of the screen with your index finger to expose the Notification Center.

Now tap the cog in the upper right corner, choose the More tab with the three dots on far right of the screen then flick down and open About phone.

Samsung Galaxy S4 About Phone

Tap Software update and knock it out.

Your phone’s operating system is constantly evolving and developers are assiduously plugging vulnerabilities and bugs; thus it behooves you to check for updates periodically.

In addition to fixing your random reboots, updating the system has the fortuitous benefit of protecting you from the latest security threats in the wild.

Samsung Galaxy S4 Software Update

Usually updating your phone won’t nuke your settings; however, to be sure I would backup your contacts and photos anyway.

Samsung Galaxy S4 Software Update

You can use Smart Switch from Samsung to get started with that.

3 Use Safe Mode to Delete Apps

It’s possible a third-party app is responsible for your grief.

Try this: boot your Galaxy S4 into Safe Mode.

If the phone doesn’t exhibit the problem in Safe Mode then you know there’s at least one aberrant app debilitating your phone.

Start sifting through your apps and deleting useless apps.

One useful app I use that makes clean a breeze is Clean Master.

This super app cuts through cache, flushes your digital trash and purges programs from flash memory like a champ.

Samsung Galaxy S4 CleanMaster

Just tap open the App Manager in the bottom right corner of Clean Master then peruse the list for unwanted apps.  You’ll probably find stuff in here that you’ve never heard of and don’t need.

If it says Rarely Used and has a blue check mark with the word “Safe” next to it, you typically won’t break anything if you kill it.

Samsung Galaxy S4 CleanMaster App Manager

After you get rid of the dross, reboot and use your phone normally and you should be fine.

The Bottom Line

Nothing will cause you to deprecate your Galaxy S4 more than when it stops working and very few things are more infuriating than when it reboots interminably.

But there’s no need to get violent or despondent!

If you do these three things you’ll probably fix the issue:

  • Replace the battery
  • Update the OS and apps
  • Purge extraneous apps

If this helped you please share in the comments!

Tagged with:
Posted in Hardware, Samsung Galaxy S4, Smartphones, Smartphones

How to delete your Windows.old folder

If you perform a custom Windows installation and choose not to format the hard drive or you upgrade Windows to a newer version you’ll most likely see a folder on your C:\ drive named Windows.old.

Windows 8 or 8.1 users will also see the Windows.old folder after doing a Refresh.

Incidentally, a Refresh essentially installs Windows on-top of itself while perserving your personal files and settings.  You can get there from the Start Screen by typing

recovery options

Refresh your Windows 8.1 PC

Finding old files

That obscure Windows.old folder contains not only your old Windows installation files, which probably isn’t a big deal, but also your old Documents, Settings and Programs.

So if you can’t find an elusive photo or document after upgrading Windows then this is the first place to search.

Press Windows Key + r and type this in the Run box:

%systemdrive%\Windows.old

Windows 8.1 Run Box

Now you can dig into your folders and save off your old stuff.

Deleting Windows.old with Disk Cleanup

After you rescue your files we should delete the folder. Mainly because the Windows.old folder is unnecessary and often consumes an inordinate amount of space (sort of like the WinSxS folder).

For example check out the Properties on my Windows.old folder:

Windows 8.1 check out Windows.old properties

Why am I wasting 5 gigs?

Unfortunately, you can’t remove it by simply pressing the Delete key because your user account doesn’t have ownership of the folder.

Thankfully we can circumvent this by using our good old friend Disk Cleanup.  Just make sure you know the Administator password because non-admins can’t pull these tricks off.

Press Windows Key + r  and paste in the following command:

cleanmgr.exe

When the Disk Cleanup wizard appears select your drive and hit OK.

Windows 8.1 Disk Cleanup Drive Selection

Click the Clean up system files button in the bottom left corner of the description box.

Windows 8.1 Disk Cleanup Clean up System Files

Place a check in Previous Windows installations(s) and choose OK

Windows 8.1 Delete Previous Windows Installation

Removing Windows.old via the Command Prompt

Killing Windows.old from the command prompt is trickier but undeniably cooler.

Open the the command prompt as an Administrator by right-clicking it and choosing Run as Administrator.

We’ve got a trio of commands to run.

In the elevated prompt paste in the following line:

takeown /F C:\Windows.old\* /R /A

Take ownership of Windows.old

takeown allows you as an Administrator to take ownership of a folder owned by another user or process.

The weird /F C:\Windows.old\* thingy means you want to take ownership of all the files in that Windows.old folder.

/R makes the command recursive.  In other words, you’ll take ownership of the parent folder, Windows.old, and all the subfolders and files contained inside.

The /A thing gives ownership to all accounts in the Administrator group (not just the currently logged in admin user).

Okay now paste in this command:

cacls C:\Windows.old\*.* /T /grant administrators:F

Grant Administrators access to Windows.old so you can delete it

cacls let’s you modify the access control on specific files.

Here we’re telling Windows that we want to give the Administrators group carte-blanche access over everything inside the C:\Windows.old folder.

We’re basically hijacking the folder.

Now paste in this final command:

rmdir /S /Q C:\Windows.old\

RMDIR Windows.old

This powerful command essentially drops an Atom bomb on the folder.

rmdir /S removes all directories and subfolders and the /Q zaps everything without bothering you for confirmation.

After running these commands you’ll undoubtedly see a prodigious sum of text scroll up the screen at a lightening speed.

That’s fine – Windows outputs the result of each file modification so you’re just seeing the results of each modified file.

The Bottom Line

If you ignore the Windows.old folder, Microsoft automatically purges it after 28 days; however, if you’re pressed for space and need it immediately you can easily delete the folder by using the Clean up systems files button in Disk Cleanup or taking ownership of the folder and removing it via the command line.

That’s it!

Tagged with:
Posted in Windows, Windows 7, Windows 8, Windows 8.1

3 smart ways to speed up Chrome on your Galaxy S4

Chrome is great.

I mean, seriously who doesn’t like Google Chrome?

It has the charisma of Nelson Mandela, the flexibility of Boyanka Angelova and the speed of Usain Bolt

Umm…

. . .

Okay fine – nothing is as fast as Usain Bolt.

My point is that Chrome pretty much kicks ass.  It has abounding extensions, multiple profiles, and a built in task manager that puts inferior browsers such as Internet Explorer to shame.

But occasionally Chrome puts me in choleric mood.  It randomly crashes and has other vexing issues.  Thankfully there are reliable ways to speed up Chrome on your PC but these tricks aren’t as easy to implement on your Galaxy S4.

Today I want to arm you with three power tricks for speeding up Chrome on your android smartphone.

You don’t need to root your device you should notice results immediately after relaunching Chrome.

Let’s get to it!

1. Disable click delay in Chrome

If you visit a website that isn’t optimized for mobile then the display window (technically called the viewport) is zoomed all the way out.

The result is microscopic text which requires that you either pinch or double-tap to zoom.

Google introduced a 300 millisecond delay to account for the double-tap to zoom gesture on non-mobile optimized sites.

But times have changed.

Despite the fact that less than half of the 1,858 survey responders in a 2013 Adobe study are developing mobile optimized sites, there are still more mobile first sites today then there were 5 years ago and the trend continues to search, based largely on consumer demand.

According to a 2011 Trinity Digital Marketing infographic, over 1.2 billion people are accessing the web from mobile.

In addition, page 18 of 112 of the 2012 KPCB report on Internet Trends, shows mobile internet traffic is poised to usurp desktop traffic.  In fact, some analysts predict the eclipse will happen as soon as this year.

Check out the chart from Comscore:

Mobile traffic vs Desktop traffic in Comscore

My point is that Google recognized that web developers and designers were adjusting the changing landscape of digital consumption.  People are consuming content from smartphones and tablets and we’re seeing a paucity of non-mobile optimized sites.  This means you less people are having to double-tap-to-zoom.  Mobile first sites make such gestures superfluous.

So the 300ms delay is superfluous too and can be disabled.

Now, 300ms may not sound like a lot but this little tweak can make the web feel slightly snappier.

To disable click delay, open Chrome on your phone and and paste the following address into the omnibar:

chrome://flags/#disable-click-delay

Disable Click Delay in Chrome for Galaxy S4

Tap the blue underlined Enable link and scroll down and touch the Relaunch Now button to commit the changes.

2. Enable Chrome Smooth Scrolling

If you screen chronically skips or stutters when scrolling this next setting will help your browser get its spunk back.

We’re going to give our voracious browser the thing all computers crave:

MORE MEMORY!

Paste the following address in the browser omnibar:

chrome://flags/#max-tiles-for-interest-area

Now, tap the drop down box named Default

Set maximum tiles in Chrome for Galaxy S4

I set mine to 512 and this works for most people but if you have an emaciated Galaxy S4 starving for RAM try 256 first. (128 is the default).

Set maximum tile values in Chrome for Galaxy S4

After making the change restart your browser.  You see an immediate improvement in responsiveness and speed.

Also please note that this won’t make your webpage render the screen elements faster but it will scroll about as smooth as spreading hot butter on a muffin.

And you know that’s pretty dang smooth…

3. Enable Offline Browsing

This last one isn’t really a speed trick but it’s worth noting since we’re already poking around the Chrome flags.

Paste this into the mighty omnibar:

chrome://flags/#enable-offline-mode

Enable Offline Cache Mode in Chrome for Galaxy S4

Let me explain what this does and why you might want to enable it:

Here’s the scenario:

You’re on a date with the girl of your dreams and you’re trying really hard to impress her.

But this is the thing: she’s really smart.  In fact, she graduated top of her class from an ivy league school, is a member of MENSA and understands game theory so well that it would make John Nash blush.

So how do you measure up?

Man, you’re a buffoon, an oaf, a complete imbecile.

It’s not that you’re stupid but when you’re around this girl she makes you feel dumber than a brick.  But she’s hot so what the heck…

Anyway, you guys are in the midst of an invigorating conversation about astrophysics and the origin of the universe when she asks you what you think about the Kalam Cosmological Argument.

“So do you agree with Thomas Aquinas and Aristotle or dissent with their opinion?”

“I um… ”

She stares back at you fluttering her pretty eyes eagerly waiting to be enlightened by your lucid mind.

“I…  hold on one second I need to take this call real quick”

You dart from the dinner table, sprint to the restroom and start Googling like you were the phone-a-friend on Who Want’s to be a Millionaire.

But your favorite site that has the answers, that you’ve visited before, won’t load.

It turns out a major media outlet promoted that site on live TV and an influx of new traffic crashed it.

So here’s my point:

If you enabled Offline Cache Mode in advance then you could have read the page even though the site was currently down.

Since you visited the site before, your browser had sections saved locally on your phone.  But by default Chrome quits when it can’t resolve a website; it won’t tap into locally stored page elements unless you tell it to.

Offline Cache Mode forces Chrome to render the saved version of your site instead of displaying that ugly “the webpage is not available error”.

If had this enabled it would have saved your relationship man…

The Bottom Line

Why should the desktop version of Chrome get all the glory?

It’s a patent fact: mobile phones are becoming increasingly ascendant and people want to browse on the go.  But over time stuff gets slow – that’s why I’ve armed you with three little known Chrome tricks to boost the performance of your smartphone.

When Chrome on your Galaxy S4 starts throwing a tantrum try this to speed it up:

  • Disable Click Delay
  • Enable Smooth Scrolling
  • Enable Offline Browsing

If this helped you please share in the comments!

Tagged with:
Posted in Mobile, Samsung Galaxy S4

How do I take screenshots in Mac OS X?

Apple Keyboard

Are you tired of your friends belittling you because you adore your little Mac?

Sometimes I hear zealous PC guys recounting the onerous process of taking screenshots on the Mac and how no one can remember the silly key combinations.

So you’re telling me to take my right index finger and place it on the command button, then stretch my pinky all the way to the number pad while holding the Shift key with my chin?

Or I could just press the PrtScn key on my PC.  Hmmm… yeah I’m sticking with my PC.

In all candor, the first time I started using my Mac I couldn’t figure out how to take screenshots.  I’m a PC guy because it’s what I grew up on; however, that doesn’t mean I feel antipathy toward Apple.

I think Apple makes good products and my Mac Mini rarely gives me problems but there is one thing that bothers me:  I keep forgetting how to take screenshots on my Mac.

That’s why today I’m not only going to tell you how to take screenshots on your Mac but also give you a mnemonic that will permanently prevent you from ever forgetting.

It’s a graphic memory tool but that’s why it works.

Children close your eyes.

Taking full screenshots

Have you ever noticed if you take the number 3 and rotate it 90 degrees it looks like two voluptuous breasts?

Now that I have your attention: think of yourself as a professional photographer with your wife as the model (I’m really trying to keep this clean)

In a rare moment of creative genius you ask her to stand on the porch in front of the screen door while you focus the lens on her gorgeous physique from the other side.

You’re trying to capture her physical beauty through the screen door. The screen adds an intriguing moire pattern that produces a captivating aesthetic.

So this is the thing: she’s posing topless and you want to take a full frontal snapshot but it’s noisy because a bunch of loquacious models just walked in and your vociferous assistant keeps prattling about last night’s episode of The Voice.

So instead of quietly instructing your wife how to pose you elevate your voice above the chatter and shout a Command telling her to Shift her position so you can capture the perfect view of her jewels through the screen.

Command Shift 3

Command Shift 3 takes the full screen

It may sound perverted but it doesn’t have to be.   If you really visualize this scenario: I guarantee you’ll never forget how to take full-screen screenshots on your Mac again.

Smell the summer air… the scent of freshly cut grass… hear the background chatter of your unwanted guests… see the beauty of your wife’s figure through the fine gray grid of the screen door… really insert yourself into the scene and you’ll never forget this key combo.

Command Shift 3 takes the full screen.

Alright so my next mnemonic is less licentious and won’t engender controversy.

Only Capturing the window with focus

Now maybe you don’t want to take a snapshot of the entire screen but just want the screenshot of a specific element.

Here’s the mnemonic:

Let’s say you’re fortunate enough to have a billionaire uncle donate his multi-million dollar Yacht to you for your birthday.

In your exuberance he says he’s going to sail you and your family to St. Lucia today.  He tells you that he’s going to circumnavigate the island and wants you to take in the sights.

The Yacht has three levels; however, he advises that the top level offers the best views of the island.

As you ascend the spiral staircase to the upper deck you notice the entire floor is lined with a wall of windows which affords spectacular 360 degree views of the sparkling cerulean sea, verdant island flora and white pillow clouds drifting lazily across the sky.

A warm Zephyr brushes your face as you walk to front of the ship and watch as your uncle adroitly steer it around the perimeter of the island.

He says the best view is coming up but we need to decrease the hull speed by a few knots so we can get a steady shot.

He quickly steps aside, motions you forward and Commands you to Shift the transmission to a lower gear so you can capture just the island in the foreground in front of you.

Sailboat!

If you look at the number 4 it looks like the profile of the mainsail that’s attached to the mast of your Yacht.  Thus, whenever you want to take a shot of just the item in front of you, in the foreground, such as a browser window, a chat window a portion of your desktop just press:

Command Shift 4

Command Shift 4 gets the foreground for sure.

Pressing this magic key combination transforms your banal cursor into fighter-jet cross-hairs.

The tiny numbers that follow the cursor reveals how many pixels the cursor is from the left edge of the monitor (the top number) and the bottom edge of the screen (the bottom number).

This gives you pixel perfect precision when you need specific dimensions for a screenshot.

Hover the mouse over the active screen element you want to capture and press Spacebar to select it.  (Sorry , I don’t have a memory trick for that one)

You can keep gliding the mouse over different screen elements to select them.

As you push the mouse cursor over the Menu bar it takes on a soft shade of lake blue.   Keep moving over different things and different windows will highlight in the same shade of blue.  Hover over the dock and it’s selectable too.

When you have the one you want just click once to save the file to your Desktop.

Alternately, if you need to select an element of a particular size just click and drag your selection box to the desired dimensions after pressing Command Shift 4.

Things to keep in mind

Alright so we’re done but I should share a few things:

File names

By default all the screenshots will dump to your Desktop in the format:

Screen Shot yyyy-mm-dd at h:mm:ss

So since today is April 1st 2014 and it’s 1:47 PM – if I took a screenshot I would see a file with the following name sitting on my Desktop:

Screen Shot 2014-04-01 at 1:47:45 PM

Save to clipboard instead of Desktop

If you would rather save the screenshot to the clipboard instead of the desktop hold the Control Key with the others.

So for example, to copy the Desktop to the clipboard press Control + Command + Shift + 3.

Now you can paste the image into an email message or a Word doc with Command + v

Don’t use the numeric keypad

For some reason the numeric keypad on my Apple keyboard refuses to accede to my screenshot commands.  In other words, pressing Command + Shift + 4 (on the numeric keypad) doesn’t do anything.

I can only use the numbers under the function keys… does anyone else have this issue?

Apple keyboard Numeric Keypad

Anyway here’s the bottom line.

The Bottom Line

Taking screenshots with your Mac is pretty easy:

  • Command + Shift + 3 takes the full screen
  • Command + Shift + 4 gets the foreground for sure
  • Command + Shift + 4 + Space captures the element under the cursor when you click and saves it to the Desktop
  • Add Control to copy to the Clipboard instead

Hope this helps!

Tagged with:
Posted in Apple, Mac OS X 10.8 Mountain Lion, Mac OS X 10.9 Mavericks

@markfoxisadj @jaredamay intriguing article, do you see this becoming a reality within say, the next 5 years?

About 2 days ago from Vonnie Hudson's Twitter via web

Advertisement

fixedByVonnie Daily Digest
Get your daily fill of fixedByVonnie

Get the latest tips from fixedByVonnie sent right to your inbox.