#319 Google+, iPod Interface from Crutchfield, Chromebook, Easy Hard Passwords, Getting Ready for Lion

Google+ explained (I like it!), Amazon dumps its’ California Affiliates (including me). The USA Spec iPod® Interface from Crutchfield at crutchfield.com. Chromebook review by George from Tulsa. Poor Professor Albert asks how to figure out what his 26 character password is on his wireless router, but I direct him to some lessons from Steve Gibson of grc.com where he explains how to make a memorable and uncrackable password. Also test out the strength of your password on his “Haystack Calculator” at https://grc.com/haystack. Steve Stanger of the Mac Attack Podcast joins us on Chit Chat Across the Pond to talk about how to carefully get ready for Lion.


Hi this is Allison Sheridan of the NosillaCast Mac Podcast, hosted at Podfeet.com, a technology geek podcast with an EVER so slight Macintosh bias. Today is Sunday July 3rd, 2011 and this is show number 319. It’s amazing that this show ever got out at all this week, guys! First of all this is a holiday weekend, second of Steve’s sister and her family were with us for a couple of days, and finally Google+ came out. I doodled around with that most of the day on Friday until company came!

I suppose I should try to explain Google+ before I go on much further. The good news is it doesn’t take a 45 minute video to explain it like Google Wave did. It’s a social network with a beautifully clean and yet animated interface. You organize people into Circle as they come in – think circle of friends. Because choosing their circle is the first thing you do, you can easily separate your goofy online friends from your in real life friends, from your family. Let’s say you want to show a picture of yourself at a party, but you don’t really want to share it with Dad, when you make the post you only share it with your friends circle.

The site is very clean and has really nice simple animations. To add people to your circles for example, you see a pictorial view of your address book, and you drag people from there onto a circle below, and their little head swirls around the circle till it bangs into the rest of the little circle heads. It’s fun. In fact it’s kinda sad when the circle has too many people in it and adding someone just sort of jiggles the circle. You can have people in multiple circles, so for example I have a podcaster circle, and a friends circle, and Katie Floyd is in both.

When you sit down to browse what’s happening in Google+, you’ll see a list of your circles down the left side. Click on your friends circle for example and all the posts showing are only from that circle. If you post to your stream, it automatically assumes you only want to post to the friends circle, showing you that’s what it’s chosen. You can add more circles to share with or delete circles right before you post. Get this, you can actually edit a post after the fact too! Can’t tell you how many times I’ve wanted to do that on Twitter.

You can “hang out” with people in Google+. If you click the hang out button, you’ll be asked to install a plugin (grrr) and then your camera and mic will become live. The people invited to the Hangout will be those in the circle where you were when you clicked it, just like posting to your screen – so you can add and delete circles before you launch or even after you’re in the hangout. Once some people join, an interesting thing happens – you get video of each person, but the person talking takes the big screen position while the others who are listening sit in a row of videos down below. I haven’t gotten much of a chance to exercise this – like what happens when everyone starts talking at once?

I had a bit of trouble with Hangout where it wouldn’t release my camera even after I quit Google+, which was concerning. The good news is that they’re modifying Google+ as we speak so I dropped some feedback to them about the problem, hopefully it will get sorted straight away. It only happened the one time so perhaps it’s been sorted already.

Another feature is called Sparks; think about something sparking your interest. If you click on sparks in the left sidebar, you can type in a term about something that sparks your interest. I typed in Macintosh (duh) and I was rewarded by a stream of articles and videos about the Mac. Then you can actually Add that Interest and it shows in your sidebar so you can click it at any time and jump right into the subject. What I can’t figure out is where they’re getting the stuff in the Sparks. I went back to my Spark on Macintosh hours later and the same info was there. No idea how they decide what’s worthy of being in each subject Spark.

There is an Android app for Google+, but nothing for iOS yet, which is kind of a bummer but I suppose not altogether unexpected.

So the real questions in your head might include, “do I need another social network?” or “will it replace Facebook?” Well of course you don’t need another social network! If you love Facebook, you’re perfectly happy with the interface, you like the way it works and you have gotten used to managing your privacy settings, you may not be interested. To me Google+ opens up a different way of looking at how we interact. not revolutionary in its differences, but in a subtle way that might be compelling. Like I explained, when you share some information, it’s trivially easy to change who sees it, like my circle of friends, but not my work friends. Adding and removing people is very simple, and the interface is MUCH cleaner and less cluttered than Facebook. I’m not happy that I have to use Picasa to share photos (as far as I can tell), because unless it’s changed there’s a 2GB limit on how much space you have for them in Picasa. I don’t see tagging yet, which is an essential feature of Facebook, but perhaps that’s in the plans. Google+ allows you what they call “Data Liberation” where you can export your information from Google+. I like the phrase too.

Overall Google+ doesn’t replace some fundamental parts of Facebook for me (yet) but I think it has enough cool features and is such an amazingly good start that I’ll stay in it to see how it progresses. One bit of warning – if you add Leo LaPorte to your circles, I suggest you make him his very own circle. He did so much blabbing on Google+ on Friday and so many people responded to what he said that I couldn’t see anything else in my stream! I moved him to his own little world and now I can check what he’s up to from time to time but still see everyone else. I’m glad there’s a competitor in town, it’s guaranteed to help Facebook to step up their game.

No More Amazon Affiliate

So one week after I reminded you to be sure to use my affiliate link to Amazon, they terminated their contracts will all affiliates in California. I’m not exactly sure of the details, but I know CA wants Amazon to make us pay sales tax, and Amazon decided to punish the state by stopping paying us to advertise for them. I’m not going to get into politics here but I think it’s a reasonable request that Amazon (and other online retailers) compete on a more fair playing field. If I got to Best Buy and check out a TV, even though it’s bound to be at LEAST 10% cheaper at Amazon because that’s our tax rate, I’ll still buy it at Best Buy because they allowed me to actually see and touch the TV. I think I’m the only one left in the country who feels that loyalty but that’s how I feel about it. I would probably still shop at Amazon because of the selection and service. So the bottom line for you is that I’ve deleted the Amazon affiliate search window from podfeet.com so if you’re looking for it, you won’t find it. I’m investigating the idea of being an iTunes Store affiliate now. Stefaan Lesage from Belgium told me about it, and it might be even better for the show. They pay 5% of the purchase for stuff from the iTunes music store, iOS app store, AND the Mac App Store. Since the vast majority of what we talk about comes from one of those three that might work out pretty well. I’ll let you know when I’ve got it going.


This weekend my father-in-law desperately needed my help. He had booked a trip on Holland America and wanted to print his luggage tags (two months in advance) but for some reason the PDF to print wouldn’t come up. I had removed Adobe Acrobat Reader from his computer the last time I was there, because of all the vulnerabilities in the product and I was worried that might be causing the problem. We did a screenshare in iChat today and I watched him step by step until he got to the screen where the Safari said, “I can’t open this, pick an application”. I showed him how to scroll to Preview, but oddly it was greyed out. Hmmm. Installed Acrobat against my better judgment, but oddly it didn’t fix the problem. Then I started wondering whether they might not be following good web standards on the Holland America site. I installed Firefox for him, and sure enough the PDF window came up and politely asked if he’d like to use Preview! He happily printed his luggage tags (two months in advance).

Now while this was a happy ending to an annoying story – what happens the next time he has to print from Safari and he has a problem? I can guarantee you that grandpa is not going to remember how to copy the URL from Safari, launch Firefox, and paste the URL in. Ain’t gonna happen. Grandma on the other hand would be able to do it without pause. She’s very clever on the computer and gets it almost immediately. But for grandpa – what do I do? They kidded around that I’d better leave my phone off the hook when it comes time to print their boarding passes because I’d lose another couple hours of my life!

I have a better idea, in just 10 minutes I could easily create a ScreenSteps tutorial, complete with full descriptions of each tricky maneuver, using arrows and boxes and sequence steps on screenshots and then export the three step lesson to PDF and email it to him. In those short 10 minutes, I can save myself at LEAST an hour when it comes to boarding pass printing time, AND it saves him the frustration of trying to remember. Everyone will be happier, the birds will sing, the flowers will bloom, and we’ll probably all lose weight. Okay maybe not that end part, but the happiness and time savings part is true!

I’m sure you go through this with your friends and family, or maybe you want a way to record stuff for yourself so you don’t forget it. Head on over to ScreenSteps.com and download the free trial of ScreenSteps and then when you inevitably buy it, make sure you tell them you heard about it on the NosillaCast!

iPod Adapter for the Car

It’s 2011, but the car companies are still selling cars with CD players and not including iPod adapters in their audio head units. Talk about a problem to be solved! If you’re lucky, your head unit might include a plain old audio jack so at least you can play audio from your iDevice. But with that you can’t charge the iDevice, and you can’t control the iDevice from the head unit or perhaps controls on your steering column.

I bought an Acura TL in 2005, and with iPods first being introduced in 2001, you’d think that 4 years later that fancy pants car would have an iPod adapter, right? Heck now, but I’m sporting find looking cassette player dontcha know. It doesn’t even have an audio jack. A few years ago I had Honda Bob install an iPod adapter for me. It took me a long time to find one that would work with my car, but eventually I did. I’m not going to give you the model because it was complete crapola. It was lovely for a bit, maybe a few months, and then I noticed that from time to time the right channel would cut out when I went over a bump.

Most of the time it was ok, but after a while that right channel was out more than it was on. The good news is that I only listen to audio podcasts and they’re all mono so after a while I just used my audio controls on the head unit to have all the audio come out of the left speakers only. It sounded awful at first but I got used to it after a while.

Fast forward a couple of years, and I go to squeeze the two plastic side pins together on the dock connector, and one of them breaks off. Ok, now it’s getting annoying. I have to push my thumbnail into the gap in the connector to reach the metal pin. I can do it though so I carry on.

ipod adapter with three sets of cablesA couple weeks back and I’m driving Kyle back from UCLA for the sumer and I figure I’d better play music for him. Luckily I have one (test) album – the album 1 from the Beatles. I start playing it, and at some point Kyle says, “you know there’s supposed to be music plaining right now, right?” He suggested that stereo music actually has separation and comes out of both speakers at different times. I actually didn’t realize that!

Fast forward another week and now the 2nd plastic pin breaks off. Now I have to use a specialized pair of needle nosed pliers to get my iPod in and out of the connector. Great. Now I have to say it, this is a real ghetto device I’ve got going here. No right channel at all and using pliers to pull out my iPhone…in an Acura.

I began my quest to find a new adapter. I had assumed I wouldn’t have any success, because when I first found my adapter I only found the one that would work with my car. I started stumbling around on the Googles, when it occurred to me that I should start with the best resource, Crutchfield from crutchfield.com. I’ve had Crutchfield recommended by folks before and I’ve used them before and been really happy. Imagine my delight when I was able to find an adapter that supposedly worked for my car.

unit with two cables, one going into an iPodI like sites that start with the thing you want to buy and then help you find the thing that fits your machine. Like OWC where you start with memory, then tell it what exact Mac you have and then tells you exactly what you can and should buy. At Crutchfield I searched for iPod adapter, found the USA Spec iPod® Interface and then it said, “Please Select Your Car”. The menu asks first for the model year, then the make, but then I had to choose the model and they didn’t have the plain old TL, my closest choice is the 3.2TL. I know the 3.2TL was discontinued before my 2005 TL was born, but I chose it anyway. I’m feeling lucky, you know? Next up you need to tell them whether your head unit is original equipment or if it has a navigation system or not. The interesting thing is that as I go back through this exercise, it has a big red symbol saying it doesn’t work with my car stereo. The good news is that I never noticed that before, because this device works perfectly well with my car stereo! Perhaps it’s because it’s not picking the correct Acura model, I’m not really sure.

I want to back up just a wee bit here and explain how this device works. There’s a small white box, maybe 2 inches square that you mount in back of your head unit. This means basically tearing out 1/3 of your dash and console, which is why I was so glad to pay Honda Bob to do it. The hunt has a cable that goes into one of the pre-assigned jacks, like your CD Changer or XM radio. I do use my CD changer, however rarely, but I never use the XM radio at all so we chose to replace that with the iPod interface. The box has a second cable that comes out with a standard iPod dock connector. We chose to have that come out from a little pocket in my dash out from under my radio. You can choose to have it come out in the glove box, or the center console, all up to you because they give you a really long cable.

The great advantage of this kind of after market device is that you get superb audio sound out of your car stereo, and it charges your iPod/iPhone while you’re driving. My iPhone protests when I plug it in, claiming that it isn’t a supported device but I can dismiss the warning and it charges and plays back. The USA Spec adapter also allows the navigation system display to actually show the album and song name (or podcast in my case) that’s playing, using the audio control panel that’s built into the Nav system. From that audio screen I can also change whether I control the iPod’s functions using the nave screen or the iPod directly, and whether to view individual songs, by album, or by playlist. Personally I find it far easier to control the iPod directly but others may prefer to use the stereo for those controls.

The USA Spec iPod Interface from Crutchfield was $150 for my car, comes with lifetime tech support from Crutchfield and free shipping. I am delighted with the product, and it’s of note that there are no plastic pins to break off on this unit, the connector is a sealed unit. I wish I’d upgraded sooner!


photo of the finished dvd covers and labelsLast week I asked you guys to send in examples of how you use products from Smile. I know how valuable they are to me, but I wanted to hear your examples. Stefaan Lesage from Belgium sent in a beautiful story. I can’t reproduce the entire story but I’ll do my best. His 11year old son’s teacher asked him if he’d help make a video of the children as a surprise father’s day present. Well Stefaan went WAY over the top. They actually recorded the audio at a recording studio and recorded to a CD. Then he video taped their rehearsal of them singing the same songs. He dubbed the professional recording into the video he’d recorded. He made photos out of the videos so that particular classes would have their own unique menus on the DVD. He did all of this in Final Cut Pro. Then he decided to add a more ‘Professional Look’ to it all. He felt it was still missing something. Here’s where Smile comes in. I’m going to quote him exactly on this part:

That’s when I started fiddling around in DiscLabel and noticed I could even design something which could be printed on DVD’s. I had never done that before and a quick check showed that I had a special DVD adapter for my Canon Pixma iP4000r. I decided to quickly order some printable DVD’s so they would be delivered the next day. Meanwhile I took a base template (Pop Art) from DiscLabel and started experimenting with it. I added my own texts to it … used our ‘company font’, added some logo’s and one hour later I had a pretty descent look for both the Slimline DVD box and the similar look and feel to print on the actual DVD’s (both in 2 versions … one for each class). Designing the look and feel of the actual print on the DVD and the cover took me about an hour thanks to DiscLabel from Smile and printing on the DVD’s was a piece of cake

Now this sounds like an AWFUL lot of work for Stefaan, but it sure paid off. He said, “the reaction on the faces of the children was enough to make everything worthwhile.” The next week he went to pick up his son from school and one of the kids there came to him running as fast as she could … she wanted to thank him saying ‘she had never seen her father so happy with his fathers-day present and even grandma loved it’. Stefaan said, “I just melted … right there on the spot.” Here’s another great quote from Stefaan:

I went running and I encountered one of the parents (had no idea it was one of the parents) and he told me it was ‘The best fathers-day present ever’. Even the guys at the recording studio emailed me saying the whole experience of the DVD was amazing … the booklet and printing on the DVD made their version look cheap (they burned the audio on a separate blank audio DVD with no box … no printing …) and asked me what I used …

Well that’s a better testimonial for Smile’s Disc Label software than I could ever do – check out the photos of the DVD’s that he posted on Flicker, there’s a link in the shownotes of course! And check out DiscLabel from Smile at smilesoftware.com/DiscLabel. Thanks Stefaan for such a heartwarming story!

Chromebook Review from George

Google’s new Samsung Chromebook has a lot in common with my 11” Macbook Air.  They’re about the same size, boot instantly from SSDs, have excellent full-size keyboards, and superb LED backlit screens.  I “ever so slightly” prefer the Chromebook’s keyboard. Its matte finish screen is legible on a sunny patio where the glossy Air is driven to seek shade.  At five hours, the Air’s battery runs a long time.  At eight and a half, the Chromebook’s runs all day.

Air and chromebook side by sideThat said, hardware to hardware, there’s no real competition between the Chromebook and the Air, or for that matter between the Chromebook and cheap Windows machines that offer more utility for less than the $500 I paid for a Samsung 3g. My Chromebook gasped running Nosillacast’s live video feed and simultaneous chat stream.  No problem on the Air, or on a really low end Toshiba Win 7 AMD Fusion.

The Chromebook does nothing unique.  Its Chrome OS is a very stripped down Linux running a GUI that looks and behaves exactly like Google’s Chrome Browser running on any other computer. Nor does the Chromebook run local applications.  Without live Internet,  the Chromebook is a door stop.  Google promises offline access to Gmail and Documents this summer, which will help.  While the Chromebook streams music well, and video adequately, as a local media player, it isn’t competition for a $20 Coby.

So, is the Chromebook a sad joke? No, and here’s why.

SpayOklahoma is a charity that offers low cost pet neutering at two clinics.  Scheduling is critical.  Spay must keep its contract veterinarians busy, but not overloaded. I set Spay up with a free-for-charity Google Apps Account and donated Macs.  

Spay’s staff schedule appointments on Google spreadsheet templates.  Because the “appointment book” is in Google’s Cloud, it can be accessed by multiple users, on and off site, during and after office hours.  Off hour access enables staff to connect with callers who leave voice mail.   Without the Cloud, Spay’s appointment books would be locked in closed clinics.  In the Cloud, they’re available 24/7.

Spay’s staff are not geeks.  While Apple’s automatic update has kept its two Macs current, local software and browser versions aren’t.  And I’ve received several “rescue” calls after volunteers mucked around in System Preferences leaving the Macs unusable.  Now with malware like “Mac Defender,” Spay’s computers are at risk, and I’m reluctant to lock them down and install Anti-Virus.  

Were I starting now, I’d probably give Spay Chromebooks instead of Macs, and here’s why. Google promotes the Chromebook as impervious to viruses and malware.  I’m withholding judgment.  

Google advertises nothing’s lost even if a Chromebook gets tosed in a river.  Well, nothing except the Chromebook.  I test wiped my Chromebook and restored it to “fresh out of the box” in less than ten minutes.  Then I logged into my Google user account and, Voilà!, everything synced back from the ‘net just as I left it.  

Immunity to viruses and malware left open to debate, but with total restore to “good as new” in less than ten minutes, I’m persuaded the Chromebook is about as close to an idiot and hacker proof computer as a Speak ‘n Spell. Accessing Google’s services is the reason to use a Chromebook.  But to be clear, although a Google ID is required at the Chromebook’s first boot, its owner can totally ignore Google thereafter.

use IE not chrome!The only limit I’ve found to Chromebooks on the ‘net are the few sites that still insist on Internet Exploder.  Most services, even those that compete with Google, offer Apps or Extensions that run on Chrome.  Connect right up to ZoHo office, Amazon Cloud Player, MobileMe, Facebook, Twitter, and even Bing.  Oh, the places you can go, just not the Oklahoma Unemployment Commission . . .

You’ll find links and more about Chromebooks and the Chrome OS, in Allison’s show notes.
SpayOklahoma Website
George’s Extended Comments:
Amazon “Chromebook Store” for Specs and Prices
Google’s Chromebook “Features” Page
Google on Chromebook Security Features

Chromebook “Local Storage”
I’ve successfully saved and opened files from a USB stick, SD card, and 500 GB Fat 32 USB Hard Drive.  I don’t have a USB optical drive, so I’m uncertain if the Chromebook would read files from one.  I doubt it would “burn” a CD or DVD.

Insert an SD Card (and probably other USB media) with photos, and the Chromebook identifies the pictures and opens an “Upload” Window.  Since I use Picasa, and was logged in with the Gmail account linked to Picasa, a Picassa Window opened and very neatly moved my pictures to the Web.  According to Chromebook’s help, the user can choose what Web photo site is the default. (google.com/support/chromeos)

Google Voice for making telephone calls works just fine.  You’ll need a wired headset with mike like those that work with iPhones.  My Logitech USB headset was not recognized.  

Chromebook Help: USB Storage
Chromebook user files are automatically deleted if older than five days, or earlier if local SSD space needed.  Gone in 5!

“Only the Net”

3G Models come with inbuilt Verizon access and a USim Card slot.  100 MB is free.  Additional Data is available beginning at 1 GB for $20. Verizon Pricing.  WiFi models have the USim slot.  Status of the Sim slot in Acer’s machines is unknown.

The free 100 MB?  Good for streaming 1 hour and 45 minutes of music.  The 1 GB I bought?  30 minutes a day for a month.  Bring money! Business Insider on Chromebook Streaming Cost

Chrome, no Chromebook Required
Parallels 6 creates a ChromeOS “Virtual Machine” on a Mac with just one click.  Chrome in Parallels 6
And it will run in VMWare Fusion: Simone Carletti: Chrome in Fusion
Run Chromium, the open source version, from a USB stick:  Chromium OS Builds by Hexxeh

Selected Reviews
Dana Wollman in Engadget
” . . . if you’re certain you can live in the Chrome browser and the Chrome browser alone, and would readily trade local storage for a zero-second boot time, we think Chromebooks have a lot of potential”

Joanna Stern in “This is my next”
“The Series 5′s hardware has been polished, but the software experience still needs work.”

Professional Curmudgeon John C Dvorak in Marketwatch
“The idea is bad, inefficient and comparatively expensive. In other words: a loser.”

Thanks George, this is a perfect use for a Chromebook, I’m wondering where else they could use these. Pretty cool you got to test one out and thanks for sharing with us.

Dumb Question Corner

Hello Allison, dis is Professor Albert and I need your help again. I am going tru Mac withdrawal!

Just recently, my vireless router exploded so I vent out bought an APPLE AIRPORT EXTREME VIRELESS ROUTER and I set it up very easy. Because I learned from Bart dat Security is very important, I put in da Airport EXTREME a 26 character passvurd so dat no one could figure it out. I linked it up to my BRAND NEW 13 inch MACBOOK AIR and everything vurked perfectly. Like a charm. But dat night ven my vife ELSA asked me for da new Password for da AIRPORT EXTREME – I could only remember 21 characters so she couldn’t get on da Home WiFi. And when you take FACEBOOK away from my vife, she gets mean! Vell, I love my vife very much, but she vent crazy on me, and stole my BRAND NEW 13 inch Macbook AIR and said dat until I fix da AIRPORT EXTREME BASE STATION she vill be using my MACBOOK AIR to talk vith all her friends on FACEBOOK.

It has been two days since I touched my Macbook Air and I have no odder computers, and I am getting da D T’s da DIGITAL TREMORS, and I may have to go into a 12 AP program for I am losing my mind without my Mac. Oh my God, Allison please I need your help vith dis dumb question!

How do I find out my 26 character Vireless Network passwurd? Is dere a vay to go into da Airport Extreme and see da Passvurd, or is dere a vay to go into my MacBook Air and find out da passvurd, or is dere some odder vay to fix dis so I can get my beautiful Macbook Air back from my vife Elsa and get out of withdrawal?

Help me out Allison, you are so smart!

Well I answered Professor Albert in email first so he wouldn’t have to wait 6 more days without to use his precious MacBook Air. Here’s what I told him.

Well you happen to be in tremendous luck. But before I tell you the answer, I have to tell you about our trip to Ireland last summer to visit Bart. We were traveling light of course, so we only brought with us Steve’s MacBook Air, my MacBook Pro, my iPhone, Steve’s Blackberry, my BlackBerry, and I’m pretty sure we had an iPod Touch thrown in the mix too. So we go to Bart’s house and we’re dying for some internets, and Bart tells us he’s got his 63 character random password on his wifi network. Now what are the chances that we could ever successfully type that in four or five times???

We festered on the problem for about 15 minutes before we figured out how to do it. It did take some convincing to get Bart to go along with it but here’s what we did. We had Bart turn off the encryption altogether, but just for a minute. While the shields were down, all of our devices jumped onto the network. Bart quickly pasted the 237 character password into an email to us on all our devices. As soon as we’d received the emails, Bart battened down the hatches and slapped his WPA Encryption key as fast as he could. Then on each of our devices, it was a simple matter of copying the 4328 character password from the email, and pasting it into the password field for the wifi network. Problem solved!

You can do this today to get your wife back on her own computer.

That worked, but there may be a better solution for the long run. Bart’s been bugging me for ages to listen to Security Now! with Steve Gibson. I used to listen to it but got out of the habit a few years ago. I kept hearing these stories from Bart and other people about how Steve Gibson explained this hack and that hack and I was jealous I didn’t know all about it too. So last weekend when I was needlessly rewaxing my car, I gave Steve’s show another try.

I chose out of the blue to listen to episode #303 in which Steve brought up the fact that his iPod Touch has never once been on his wireless network as he’s unable to enter his 63 character password on the device (guess he didn’t think of our idea of turning off WPA for a few seconds and emailing himself the password). He used the big giant password because, as he said, that randomness means a lot of entropy. I took a lot of physics and quantum mechanics and thermodynamics in college, and I’m not entirely sure the word entropy can describe a number, but you get his point, it’s unpredictable is what he meant I guess.

During this show he described his recent epiphany where he realized there’s a way to create a password that’s uncrackable inside our lifetimes, and yet memorable. I’m not going to go into full detail, but the gist that I took from his explanation was this. If you’ve got a password that’s all numbers, each time you lengthen it by 1 digit, it gets 10x harder to hack because each digit is from 0-9. if you had a password that was all letters, adding a letter would make it 26x more difficult. now combine letters and numbers and upper/lower case and special characters AND make it long and you’re getting in the uncrackable range.

But just making it long and random is the hard to remember part, right? Well here’s the epiphany part. You know how in the movies when they’re hacking into a password, they show that they’ve figured out one character, then they’ve locked in the next one, and on and on? Well that’s not what happens at all – if you guess a password, all you get back as a hacker is that you’ve failed. You don’t know if it’s failed because of the number of digits or the capitalization or numbers or anything.

So the epiphany was that you CAN make your password rememberable and long and complex all at the same time, by simply adding a lot of the same character or a pattern of the same characters. So he used the example of using D0g and 21 dots. He’s got upper case, a number, lower case, and special characters, and it’s 24 characters long! He said as long as you have SOME entropy (randomness) that’s enough, it doesn’t have to be all random.

So think about a pattern or set of characters you could use, in the front, middle or back end of your password where the password itself is that entropy-filled joy. That would be uncrackable and yet easy to type!

Steve built a tool he calls “How big is your haystack” over on https://grc.com/haystack, meaning how well is your needle hidden? where you can test out how well this idea works. You can type in some ideas, and modify them real time to see how long it would take to brute force guess your password. I made a 13 character password where it only had 5 real characters, but with numbers and upper/lower case letters but then added 8 of one special character – and give computers that can crack 100trillion guesses per second – it would take 1.65 hundred centuries to crack that password! How totally cool is that?

I really encourage you to go listen to Security Now episode 303 (http://twit.tv/sn303) to hear Steve’s much better explanation of this, or read the transcripts (which sometimes for me are easier to absorb) at grc.com/sn/sn-303.txt. I put a link in the shownotes to his Haystack calculator (https://grc.com/haystack) too so you can test out your new password ideas!

If you had asked me this question a week earlier professor, I would have only been able to give you the hacky way to fix the problem, now you have a method that will solve the problem forever! Remember to not share this basic part of your new password scheme with anyone because once they know your pattern they can figure out all your passwords (maybe you could share it with Elsa I suppose) but rather type it in for them when they come to visit. thanks for the great question, I’m so excited I could answer!

Chit Chat Across the Pond with Steve Stanger of The Mac Attack Podcast

You need Mac OS X 10.6.6 or greater to download Mac OS X 10.7 Lion from the Mac App Store

System requirements:

  • Macs with anIntel Core 2 Duo,Intel Core i3,Intel Core i5,Intel Core i7, orXeonprocessor.
  • At least 2GB of memory
  • Latest version of Mac OS X Snow Leopard (10.6.8), with the Mac App Store installed
  • At least 4GB of disk space for downloading

Rosettais no longer available in Lion, which means Lion no longer supports PowerPC applications. *(See below for how to check your apps)

Preparation for Lion

• Back up. Test your backups. -Nuff said-(Super safe: Clone your boot drive, I do)

• No need to do a clean install unless you are having some serious problems with your OS. Clean install (it seems) requires a Snow Leopard disk. Clean install via Snow Leopard installer then install Lion. –It’s still possible Apple will change the install behavior before the official release or see links below for unofficial alternative clean install.

SIDE NOTE: OS X Lion includes a built-in restore partition, allowing you to repair or reinstall OS X without the need for discs.

• Do system maintenance: (For time we don’t have to go step by step. Just refer people to the show notes. Up to you of course.)

We use Onyx, free fromhttp://www.titanium.free.fr/index.php

Prettier $20 app called MainMenu fromhttp://mainmenuapp.com/pro.php

Recommended monthly maintenance

– repair system/disk file permissions

–in Onyx: Maintenance Tab, Permissions Tab, Execute Repair System Files Permissions
– manually run daily, weekly & monthly maintenance scripts

–in Onyx: Maintenance Tab, Scripts Tab, execute weekly & monthly scripts

Recommended six month preventative maintenance
– zap parameter ram (PRAM) – hold down Command, Option, P, and R
– rebuild LaunchServices

–in Onyx: Maintenance Tab, Rebuild, Execute on LaunchServices
– rebuild or delete System, User, Internet, and font caches

• If you want to be super safe (part 1) disable any Finder and System Add ons. Some applications unless updated for Lion will be incompatible with the new OS and may cause issues when you first reboot after doing the installation. Check the application developers websites for Lion updates or see if their software is Lion compatible.

• Part 2 being super safe – I would also recommend taking a look at your “Login items” in your Accounts preference pane. Make a list of the applications you know you added. Then go into those individual apps and set them to not start at boot. You can usually find this in the applications preferences. I am sure many applications, both shareware and commercial, will be updated by the time Lion is unleashed. So hopefully we won’t have to disable too many applications for the install.

• Disconnect any external HDs and other peripherals (another safety precaution).

• We all have shareware/freeware that we depends on every day. It is really important to check the developers web sites to see if they have updates for Lion or that they have tested their current versions with Lion.

• VERY IMPORTANT. Does your Mac make you money? Then do not load Lion onto your production machine until you know you won’t run into problems. If you happen to have a couple of Macs and you have the time, then load it on one and test the applications out or just wait for other people to be the guinea pigs. You really don’t want to be down & out because of an OS upgrade.


Lion’s 250+ features –http://www.apple.com/macosx/whats-new/features.html

Burning a Lion boot disk – http://eggfreckles.net/tech/burning-a-lion-boot-disc/

Doing a clean install of Lion (alternative) –http://eggfreckles.net/tech/installing-lion-clean/

UnofficialApp Compatibility Table –http://roaringapps.com/apps:table

OS X Lion for Businessand Education – Apple PDF document (PDF) – Volume license customers will receive one redemption code for each contract. The redemption code can be used to download Lion from the Mac App Store. When the redemption code is entered, the Lion installer will download to the Applications folder, but will not install immediately. This Lion installer is used to install Lion on other systems. Download once, install many times. (viamacrumors.com)

*Checking your apps:

Go to “About This Mac” under the Apple menu then click on ‘More Info’. This will bring up the System Profiler application. Scroll down the sidebar to ‘Software’ > ‘Applications’ and then sort the list that comes up by “Kind”. Apps that say Intel or Universal will most likely be fine, apps that say PowerPC are too old for Lion.

You can find Steve at about.me/sstanger.

You can tell Steve and I love to talk to each other, we talked for a good 20 minutes before AND after the recording! I love having him on, hope he can come back again soon. In the mean time, many thanks to our sponsors for helping to pay the bills: ScreenSteps, and Smile. Don’t forget to send in your Dumb Questions, comments and suggestions by emailing me at allison@podfeet.com, follow me on twitter at twitter.com/podfeet. If you want to join in the fun of the live show, head on over to podfeet.com/live on Sunday nights at 5pm Pacific Time. Thanks for listening, and stay subscribed.

13 thoughts on “#319 Google+, iPod Interface from Crutchfield, Chromebook, Easy Hard Passwords, Getting Ready for Lion

  1. George from Tulsa - July 3, 2011

    Steve gives good advice.

    HOWEVER, Snow Leopard upgrade DVDs are still only $29.

    If you have a Mac that can upgrade to Lion and you’re still running Leopard, buy Snow Leopard now. Even if you never upgrade your machine, when you pass it on (or try to sell it), you’ll be glad you have the SN install.

    Apple is NOT A CHARITY but a hard-nosed business. Apple WILL withdraw Snow Leopard from sale, and you don’t want to need it when it is no longer available. Anyone who’s followed the Final Cut controversy where FCP 7 isn’t available should take notice of just how far Apple can go to the detriment of even its best customers.

    There’s another self-interested reason to have a SN upgrade. Quite reasonably, Apple stops supporting older OS versions with security updates. SN should be good for a couple more years. Leopard? Expiring sooner. You’ll want the newer version even if you don’t upgrade to Lion.

    > Brief heads up. The $29 SN disk is not a full install. It is an upgrade. I was out of town and needed to do a wipe install on a mid-2010 Mini. Couldn’t get it to work with just the SN upgrade disk. The original “boot” disk was inconveniently necessary and 50 miles away. When SN first released it was able to upgrade directly from Tiger, skipping Leopard, but that was still an upgrade to a machine with an OS

    I don’t know if the Mac Box Set (SN & iLIFE) currently on the store for $129 contains a full install, or just an upgrade. DON’T LOSE YOUR MAC’s ORIGINAL DVDs!

  2. […] für den Hinweis auf diesen Artikel geht übrigens an Nosillacast Folge 319 von Allison Sheridan. Allison’s Podcast hat halt doch immer regelmäßig was gutes […]

  3. BJ Wanlund - July 5, 2011

    Allison, don’t feel rained on! We North Carolinians have no Amazon affiliate links, and have had no Amazon affiliate links, for quite some time. Same issue of Amazon not charging sales tax (which actually I like for big-ticket items, since we have a 7.75% sales tax rate in my area (for our international listeners, state sales taxes are almost exactly the same as your VAT taxes, save for the fact that we have a state or two which do not charge sales tax (Delaware is the main example here), whereas I believe VAT taxes are in effect everywhere (and someone may correct me if I am dead wrong about that, LOL).

    Also Allison, I was screaming at my iPhone during Dumb Question Corner the obvious answer to Professor Albert’s dumb question: Keychain Access! It is actually fairly easy to do, I’ll whip up a ScreenSteps tutorial and send it along as soon as possible, Allison!


  4. Donald Burr - July 9, 2011

    How to recover your AirPort network password using Keychain Access:

  5. john - July 10, 2011

    entropy is a property in communication engineering


    entropy in comms has a similar idea to chemistry and your mentioned ‘randomness’

  6. Allister - July 12, 2011

    A thought on the new password technique. One of my 4 digit bank PIN numbers has a doubled digit in it. I’m always conscious of tapping it out with the double digits more closely spaced than the others, as that is something of a tell on the code and effectively reduces the number of digits to guess to three.

    When someone is typing, it is often relatively easy to observe them undetected. I’ve managed to figure out the odd word someone has typed simply by being familiar with the keyboard layout and watching their fingers. This is almost impossible with a touch typist, but the many hunt-and-peck typists are quite manageable. If your password is D0g………………… then it’s going to be a HECK of a lot easier to observe and determine the password than MyDogIsBarkingAndItsLoud which is exactly the same length and with a smaller alphabet. So the fancy new dotted password may be harder to brute force however is not only easier to observe but may even attract attention as you mash away on that dot key.

    A further complication of the example is that all password fields are obscured, so knowing when you have the correct number of dots could be problematic. The chances of losing count somewhere on the way to 21 is reasonable. I’ve even used systems where the password length is disguised which would even remove the possibility of counting the characters entered.

    So it would seem that the most successful password would be somewhere in the midground between highly complex, hard to type and low complexity and easy to type.

    I’m happy to report that my 1Password master password has a shortest attack time of 1.21 million centuries and my main GMail password has a time of 95.17 thousand trillion centuries and is easy enough for me to type out several times a week. Sure it’s a bit of a pain to type but it’s easy to remember and muscle memory is kicking in. I don’t think I’ll be coming up with any new passwords in light of this new thinking.

  7. podfeet - July 13, 2011

    You make a good point on the repetitive characters. I wouldn’t probably go with a 21 character dot system. One idea I had was to create a fairly short simple sentence but put periods between the words so it looks easy to read and it’s easy to type. Definitely still using the number/letter substitution and the upper/lower case letters. good feedback!

  8. podfeet - July 13, 2011

    Jesse Green added a comment to my Facebook wall that I have to copy to here!

    Jesse Green posted toAllison Sheridan
    The discussion on passwords made me think of this clip from Star Trek…

    The Access Code From Hell
    Data locks out the rest of the Enterprise crew by imitating Picard, and entering the ACCESS CODE FROM HELL! Must be nice to have a random number
    generator in…

  9. Jesse - July 14, 2011

    I read on the Memory Alpha page for Brothers (http://memory-alpha.org/wiki/Brothers) that to crack that bad boy Data entered one would need to enter 8.467 x 10exp80 combinations. It’d be the equivalent of cracking a 269-bit key in symmetric cryptography, which they say isn’t currently possible to do.

    And the Enterprise computer would still probably want him to enter a new password every 30 days.

  10. George from Tulsa - July 17, 2011

    My Chromebook received an update late last week (it is 7/17/11 as I type). I checked, and it was an upgrade partly of the embedded “Flash Player,” and more

    Part of Google’s Chromebook promise is continuous improvements.

    While I have no way to “benchmark” performance, my Chromebook seems much smoother, typing into any of the Google applications doesn’t suffer buffer lag, and watching the Women’s Soccer matches on it (full screen) was very good.

  11. George from Tulsa - July 17, 2011

    Improved Chromebook OS update, yes, up to watching Nosillacast stream and participating in simultaneous live chat?

    Not yet.

  12. Michael Poczynek - July 18, 2011

    Should have bought a BMW. They have had an iPhone and iPod adapter for years. 🙂

  13. […] reviewed Samsung’s original Chromebook in July 2011’s Show 319. As much as I liked the concept of a malware-proof computer, its Atom processor was just terrible. […]

Leave a Reply

Your email address will not be published.

Scroll to top