LastPass from lastpass.com, ScreenSteps tutorial on using the Gallery tag in WordPress at podfeet.com in my tutorials section. In Dumb Question Corner I answer the Duchess of Dumb when she asks for a workflow for Twitter and a few tool-specific questions too. George from Tulsa is back with a lesson he calls the “Vault of Useless Backups”. In Chit Chat Across the Pond Knightwise from knightwise.com joins us again, this time to teach us about Boxee from boxee.tv, how to use the iPod Touch as a video recording device, and why he names his doggies after Star Trek characters.
Today is Sunday January 16th, 2011 and this is show number 295. Well a lot of you signed up for the NosillaCast News, so evidently the mailing list is a good idea! the first automated letter went out last week after the show, the one that sends you the excerpt of the shownotes. I’ve had some feedback that the episode title gets smashed font-wise, and I’ll be darned if I can figure out how to fix that. I have an email in to Steve Harris, the guy who makes Feeder to see if I control that font choice within Feeder, becuase that’s the only place I can control it. MailChimp doesn’t give me any control over it I’m afraid. Hopefully I’ll crack the code on that some day!
So anyone who says FacePlant is a gimmick is way off. Today I was playing with my new light box, trying to take pictures of a little carving my dad made, and I was having white balance issues, and I wanted advice on how to best do this. Bart agreed to a Faceplant with me, and for over an hour he gave me suggestions on things to try, telling me when to decrease the aperture size because my depth of field was too small, we played with manual modes and aperture priority, with and without the flash, changing lenses. The whole time, Bart is seeing everything I’m seeing, including settings on my camera, the view on my mac, how the lights are set up, it was awesome! I plan to do a video of the setup we worked with while I explain the steps to get it all to work – it was really fun! But now, we need to get to work!
I’m committing treason in this next review – I’m going to talk about LastPass, which is a direct competitor to the beloved 1Password from agilewebsolutions.com/onepassword. Good friends of the show Gita Lai and Stu Helm both work at Agile and I don’t think there’s a single member of the Mac Roundtable who doesn’t use 1Password, so I’m really going against the grain here, but I promise there’s a problem to be solved, so bear with me.
Before I dig into that though we have to back up to the main problem that these applications solve, and that’s finding a way to have secure passwords that aren’t repeated all over the place, and without having to remember in our tiny little brains what all those crazy complex passwords actually ARE. The compromise of a lot of username/password combos about a month ago got me to finally get off my butt and change my password strategy.
I promised I’d tell you why I looked into LastPass with all the fans of 1Password surrounding me though. Having a great password manager is only helpful if you can get access to those complex passwords whenever you need them. What if you need them when you’re at work and you live in a locked down Windows world where you’re not allowed to install software applications, or even browser plugins? Unfortunately this is the one place 1Password can’t follow you.
I had been searching for a solution to this problem for ages, when i finally heard about LastPass from http://lastpass.com/. They have the browser plugins, they have the iPad/iPhone methods of getting to your passwords, but they also have one thing more – they have bookmarklets. Now even a locked down Windows world lets you make bookmarks, right? The LastPass bookmarklets come in a pack of three. The first one you use to do a one click login (entering that one master password). the second one you click to enter the credentials for the site you’re trying to enter. The third bookmarklet will autofill forms for you, for example entering your name, address, credit card number and even that pesky 3 digit code that you can never remember. All of this works on a machine where all you’re allowed to do is create bookmarks.
You can also always simply navigate to the LastPass website and view your password vault. From there you can view your passwords for each website, or simply click on the website to log into it.
Now as I’ve been talking about giving LastPass all of your critical password and credit card information, you’re getting that cold chill down your spine that this could go horribly wrong if the LastPass people turned out to be dishonest. Well I think I can put your mind at ease, and it won’t be platitudes from me saying “don’t worry! I trust them! Nope, I don’t want you to take my word for it, but I hope you’ll take the word of noted internet security expert Steve Gibson of grc.com. He explains in detail on Security Now! Episode 256 exactly why this is secure and how much you need it. I put a link in the shownotes to the audio podcast as well as the text transcription of the show so you can listen to it or read it yourself. In a nutshell though, your LastPass passwords are encrypted and you’re the only one with the encryption key.
So I started down my new password strengthening using LastPass on my Mac. That was easy because with the LastPass plugin, every time you enter a user name and password, a thing pops down from your browser bar asking if LastPass can remember the password for you. This is much like the pop down that some web browsers offer you, but in my past research I found that those were not encrypted so anyone gets hold of your machine, they have access to all of your passwords. LastPass doesn’t work that way, no one getting to your machine can crack the code unless they know that one username and password you use to get into LastPass.
Now I know what you’re thinking now. Sure it’s secure, but geez Allison, it’s so easily if I just use the same password everywhere. I know I should change it up, but these kinds of things are just hard…
Well it’s not hard at all. I came up with a new password strategy and every time I logged into a site, I’d change the password, LastPass would say, “hey, I’ve detected a password change, would you like me to update my database?” Heck yeah, that would be awesome! You can even make your life be easier than it is now by enabling auto-fill for your passwords. I go to the url to manage my website, and boom, my credentials fly in and the site lets me in. It is awesome.
Now just in case you think I’m all brilliant and stuff, I haven’t yet gotten up the nerve to allow LastPass to generate secure passwords for me. I know that’s the next step and it looks really easy, you just use a pulldown in the browser extension to generate it, copy and then paste it into the website, and after that it will remember it, but I was scared. Finally, I made the leap. I went to Blockbuster.com for the first time so I could check to see if my local store had the blu-ray version of Season 3 of Dexter in stock, and I was faced with a “create new account” screen. Before I could even think about making up a password, down popped LastPass offering to auto-generate it.
I stood at the precipice, and I realized that worst case scenario I could walk the 3 blocks to Blockbuster to get my DVD, so I’d take that leap. Well, LastPass showed me a crazy password and asked if it looked good to me (like I’m going to complain?) and I said “sure!” and boom, it auto-populated the form. When I clicked ok to create the account, LastPass offered to actually save the site for me (thank goodness because I sure didn’t memorize that crazy password). So I guess I can say that for my first time out of the gate, auto-generate worked great.
Let’s talk again about the bookmarklets. I tested them out on my Windows box at work and I had mixed success. First you have to generate the bookmarklets. You login to LastPass.com, and in the left sidebar, click on bookmarklets, and a popup window shows you your three items, and you’re supposed to drag them to your bookmarks bar. Now you go to a site for which you have a password, click on the LastPass login bookmarklet and login (again). Then you can click the fill bookmarklet to enter your credentials to that website. if you’ve given LastPass your address and credit card information, those are available with the fill forms bookmarklet.
Now I said I had mixed success on this – I tested first with Firefox 3.6.3 on Windows 7 and it didn’t work at all. I then tried it on Internet Explorer 8 and it worked like a dream – came through with the promise I was hoping for. I wrote to support at LastPass.com and they told me to just redo the bookmarklets, but that didn’t fix it. last update I received said they were still investigating. For now I can use IE I suppose but i’d sure like to get it working in Firefox. One last note on bookmarklets – is anyone else every time I say bookmarklets thinking of that Friends episode where John Lovitz is stoned and he keeps saying “tartlet” over and over again?
One thing I would recommend is that you do some organization as you create all your passwords on LastPass. They offer to put them in folders for you but I got lazy figuring it didn’t matter, but when I installed the iPad and iPhone apps I realized the only easy way to use them was if they were organized up a bit. By the way, I paid the $12/year for the premium account because it gave me a LastPass specific browser on the iPad/iPhone. I’m not sure I’m all that fond of it – very oddly even though they now own Xmarks, and even offer bundled pricing of Xmarks and LastPass, their browser on iOS doesn’t seem to sync in my Xmarks bookmarks so it’s kinda lame to user. I can live with it but I hope now that they’re together they’ll get some better integration.
Bottom line time – I know that 1Password is a fabulous product and I have such respect for Stu and Gita and the work that they do, but it was missing that one little bit that made it not work for me, usability on a locked down Windows box. If you’re not locked down then you have two really viable choices, 1Password and LastPass. The good news is that we have choice and LastPass is actually free unless you want the premium features (but hey, $12 isn’t bad is it?) so there’s pretty much no excuse left for using lamo passwords! Check it out at LastPass.com.
This week I was working on the Zamps website I told you about last week, the one with all the cool drawings. I added some more images but I had trouble getting them into the gallery on the front page. I searched online and on forums all over the place without success. My buddy Niraj figured it out, (he’s brilliant at WordPress) and I figured I’d better take some notes so next time I’d remember because it was so arcane! I started to just type it into a note for myself when I had one of those d’oh! moments and realized this would be way better if I did it in ScreenSteps. It took me longer for sure, but now I’ve captured all the menus, I’ve got little arrows and sequence numbers reminding me of the order, and I wrote the actual instructions too. Then I got an even better idea – I put it on podfeet.com in my tutorials section and better yet, I posted it in the WordPress forums so the next poor joker who stumbles in there looking for help will actually find it! I’m actually going to have to break my tutorials out into sections because the menu is getting so long it’s hard to navigate! That’s how fun ScreenSteps is to do documentation. If you haven’t bought it yet, head on over to ScreenSteps.com and enter my coupon code NOSILLA for 25% off the purchase price of ScreenSteps Desktop or Pro.
Dumb Question Corner
This week’s Dumb Question comes from Kate from Michigan. Remember Dumb Questions are those questions you have that you figure everyone else has figured out and you’re the only one too dumb to figure it out. And you’re wrong. If you ask your dumb question, I guarantee you someone else had the same question. Here’s what Kate had to say:
Hi, Allison, this is the Duchess of Dumb back with another one! Here it is: I don’t get Twitter. Well, I get the basics, the concept, the @s and the #s. What I don’t get is how people integrate it into their lives. I am only following about 40 people (including you, of course) but there is a constant stream of messages. Do people keep an eye on Twitter all day and respond as they go? Or do you give yourself a set
time (and time limit!) to use it? I guess I’m looking for a workflow!
I have tried several Twitter apps and just downloaded the latest from the new app store. How do people manage Tweets? How do I use the “mark all read” button? – it’s always grayed out. How do I keep my place? Why is there a clock for my sent Tweets (in my profile)? What is that magnifying glass? There’s always a random bunch of
strange names when I click it.
Thanks, Allison, you’re a lifesaver (and a “life savor”) and you know I love your show – keep it up! Always subscribed, Kate from SE Michigan.
Dear Duchess of Dumb – let’s break this down into two parts, the first part is about trying to “grok” Twitter, trying to simply get the workflow, and your second question is actually more about the tools (pretty tricky sneaking in TWO dumb questions!).
You said you get the meaning of the @ and #s but let me review for everyone else. Twitter sends you messages in three ways. there’s the general stream of tweets which is everyone you follow yapping away about whatever they think is fascinating, from their cheese sandwich at lunch to the Large Hadron Collider, all depending on who you follow.
Next are your @ replies. These are tweets sent by any old person whether you follow them or not, but they’re trying to get your attention by putting an @ in front of your twitter name. so let’s say you’re not following me but I have something fascinating I just read about Kalamazoo, Michigan, and I think you might find it interesting. I would put an @ symbol in front of your twitter name, and then that message would fall into a pile that’s separate from the general stream.
The third pile are your direct messages. These are very specialized messages that can ONLY come from people you choose to follow. So imagine you’re some international superstar, and people are @’ing you all day long, but you want to be able to hear from your real friends when they have something to tell you, a DM is a great way to go. the other thing about DMs is that they’re private while everything else is public. So when I woke up one day and Steve had DM’d me “there’s something in my eye and I’m at the emergency room”, that was a private message just to me. Now most normal people won’t use it to tell their wives they’re going to the emergency room, a normal person might just gently shake their wife’s shoulder and say, “honey, I’m going to the emergency room”, but you get the point. Think of DM’ing as a way to do have essentially an instant messaging chat except it’s not instant, it’s whenever the person checks Twitter, or their email because it notifies them there too.
Now you mentioned the # messages – that’s actually not one of the three piles. The # is used to designate what they call a hashtag. It’s easiest to explain in an example. let’s say MacWorld Expo is going on, and you didn’t get to go but you want to keep up with what’s happening. People at the show will write something about the show and add the hashtag #mwe11 in their tweets. Then you could go to any of a number of sites, like hashtags.org or even just at twitter.com, type mwe11 in the search window there and you’ll see what people are talking about. I tested it right now at hashtag.org and typed in tunisia and they even have a graph showing the dramatically increased number of #tunisia tweets that re going on and shows you a list of tweets on the subject. This is a great way to follow an unfolding story – like 2 years ago at Blogworld we were all following #balloonboy to instant updates on his fate.
Ok, now that we’ve explained the jargon, which you didn’t ask me to explain, what’s a good workflow with Twitter? Well it all depends on how much time you have either at a computer or on your mobile device, and it also depends on how many people you choose to follow. I follow about 400 people, which means the main stream is really more of a raging river for me. I simply dip my face into the river a few times a day to see what’s happening if I’m bored. If you follow just a few people then it’s actually practical to scroll backwards and see what people were chatting about while you were away having a real life.
I created a couple of lists that are way more interesting to me – the NosillaCast Live list is awesome because I feel like I “know” those people even though many of us have never met. They also share a common interest with me so I know that whatever they’re chatting about will usually interest me, which isn’t true of the huge list I follow. I also have a family list which occasionally has stuff from my daughter or son, but mostly it’s how I find out what Steve’s been digging out of reddit to share with us. My third list is of the Mac Roundtable and that’s ALWAYS good reading. I probably read at least half of what’s been said in my lists overall.
One thing I do find is that if you have Twitter on a device that’s with you like your cell phone, it gets 10x more fun. You can easily read three or four 140 character tweets while in line at Starbucks. Stuck in a meeting? Catch up on Twitter. All I’ve really described is how I personally use Twitter, it would be interesting to have @switchermark describe his workflow because I swear he always comes up with a clever answer to anything Steve or I say. I’m not sure if he’s got it glued to him, or if we just happen to be online at the same time, or if he manages to read every single tweet of everyone he follows!
I hope that helped – now to the second half of your question. it turns out you’re asking about a very specific tool. the application you downloaded from the Mac App store is called Twitter, which used to be called Tweetie. It’s not my favorite Mac Twitter client by far, in fact I uninstalled within the hour after I downloaded it. Oddly it IS my favorite client on the iPhone. The reason the “mark all as read” menu pick is greyed out is that this Twitter app automatically marks all as read if you scroll to the top. If you look at the icons down the side for @ and DM, you’ll see a glowing blue ball next to them if you haven’t yet scrolled.
Let’s see – the other interface questions: the clock on your sent tweets is simply a choice they made for an icon, doesn’t mean much other than the fact that they’re in time order. You can click in that same menu on the @ symbol or star for favorite tweets (the only tweet I ever favorited was when Jeff Gamet tweeted that he’d sneezed so loud he set off a car alarm) and finally one to show and edit your profile. The magnifying glass is what you might expect, it’s a way to search all of twitter. In fact you can use this to do a hashtag search too, like searching for #tunisia.
I think that’s enough Twitter talk for one day, but just keep playing with it and you’ll find your way. Don’t forget to follow people with your interests, and try to contribute so that people follow you back which makes Twitter way more fun.
George from Tulsa on Vault of Useless Backups
On Monday I was in our fireproof vault at work, thinking about Allison’s comments about backups in #297, as I trolled through file folders looking for a seventeen year old document. That’s pretty new paper, some in our vault dates back to the early 1900s. Those are getting crinkly, but there’s no trouble reading them.
While we have lots of paper in our fireproof vault, we also store computer backups there. One covered the period through which I was searching and could have made finding what I needed easier. But I didn’t bother. Why? Well, we used Windows back in 1993, and the most likely backup was spread over a set of Windows floppies by a proprietary program I don’t even remember. Windows PC, no problem. Twenty year old program, something else. And what’s the chance every one of the many floppies would work after all these years? Not so good.
Close by was a newer backup set, made after we upgraded to a tape drive. I remember tossing out the tape drive after it went CLUNK and ate a tape. No drive. No program. No backup. Our last Windows backup was made as we fled our Trojan infested XP machines to the safer harbor of Mac. No proprietary software. No obsolete tapes. Simply CDs onto which I burned copies of all our Windows data files.
Uh. CDs. Didn’t Steve Jobs say my new Mac Air is the next generation of MacBooks? And isn’t the biggest difference between the Air and the MacBook a missing Optical Drive? If you’re archiving to CD or DVD, before you know it those archives you burned might as well be burned.
There’s a couple of lessons here. If there’s something you absolutely, positively have to keep, paper will outlive computers. But when your data, like digital pictures, has never been paper, you’ll need to upgrade your backups as new technology evolves, or your backups will be as useless and inaccessible as old Microsoft MultiPlan spreadsheets buried in that stack of old floppy drives stored in my Vault of Useless Backups.
Tune in next week, I’ll share how to encrypt gigabytes of your data using free Mac software, and backup to the cloud, all for free.
You are such a tease George!!! Well I guess I’ll have to wait till next week too to find out. You have a great lesson here about backing up to the latest medium – Bart warned us to move our backup DVD collection of our home movies that Steve so lovingly made to a hard drive and luckily we heeded his advice. Till next week then!
Again my cars are running smoothly and we have no visit from Honda Bob. I’m going to have to have him over to do another gadget review soon because he’s done too good of a job keeping our cars running well! When he does come over he is always on time, he does a professional job, he works while I relax and bother him, he charges a fair price and he cleans up after himself. You do have to put up with the bad jokes but it’s worth it to have piece of mind while you’re driving. If you live in the LA or Orange County areas, and you drive a Honda or an Acura, give Honda Bob a call at (562)531-2321 or send him an email at email@example.com. HDA Bob’s Mobile Service is not affiliated with Honda, Acura or Honda Worldwide.
Believe it or not there’s no big scary exploits going on to speak of so it’s another feather lite version of security lite. As long as you’re allowing your applications to update, and you’re letting Apple’s Software Update run, and Windows update run, AND you’re remembering to wake up your VMs (last week was patch Tuesday) then you can sleep well this week.
Chit Chat Across the Pond
This week’s guest is Knightwise of knightwise.com, creator of KWTV and the Knightcast. Topics include:
- BOXEE as a media center. (mac linux windows) download at boxee.tv. Cut the cable entirely at lifehacker.com
- The new iPod Touch as a video recording device
- Chit chat about the new doggies and why we give them star trek names.
Well I hope you had fun this week, I had a grand time as always with the chat room, and I had a great weekend with this unseasonably warm weather we’ve been blessed with in California. It was a real treat to have dinner with Stu Helm of the International Mac Podcast last night, Steve and I had a blast with him. Until next week, send your Dumb Questions, comments and suggestions to me at firstname.lastname@example.org and be sure to follow me on Twitter at twitter.com/podfeet. Thanks for listening, and stay subscribed.