Immediate Action Required! Your SpiderOak One account will be canceled?

Spideroak logo

I received an email the other day. It looked like a classic phishing attack, except there was no link to fix the problem…

Your account is in violation of our terms of service

Hello. This is ************* from SpiderOak’s support team. I’m writing to inform you that your account is in violation of our Terms of Service immediate action is needed on your part.

Because of the amount of data stored in your account or the type of data you are storing, your account is negatively affecting the accounts of other SpiderOak users. Because of this it will be necessary to close your current account.

We realize this is sudden and we want to do what we can to help you.
We have two options to offer to help you move forward:

1. A 5 TB account at the same price as your existing account. If you choose this option a member of our support team will help you set up a new account, transfer your billing information, and place the new account on a 5 TB plan at the correct price.

2. Cancellation and a full refund of your most recent payment. If you choose this option our support team will set up a refund as soon as we hear from you.

If we don’t hear from you by the end of this week we will lock your account while retaining your data for a grace period of 14 days. At the end of the grace period if we still have not heard back from you your account will be canceled.

You can contact us by replying to this email, or by writing to support@spideroak.com. Please contact us as soon as possible so we can help you move to one of the options I mentioned.

Thanks,
**************
Customer Success

The first thing I did was check my account directly and then replied with this…

Hello ************* and support

To check this isn’t a phishing attack can you tell me the name of the device and how much data is currently stored?

I’m keen to resolve this but it strikes as a phishing attack.

It felt like a phishing attack and since I have seen a bunch of new data dumps, you could hardly blame me.

But once I could verify everything I suggested removing some of my older computer backups after seeing this. This fell on deaf ears.

Unfortunately that isn’t an option. Your account has been using excessive resources, which has caused issues for a number of other users on the same server cluster as you. Because of the No Knowledge nature of our product we can’t tell you exactly what is causing the issue. I’m sorry that I don’t have more details for you.

The two options I can offer you are moving to a new 5 TB account (at your current payment price, normally it is a $320 / year plan) or cancellation and a refund. You won’t be able to keep your current account.

Spideroak account

Note in option 1,  if I pay more money I could still upload the same files to Spideroak!!! Something is fishy here. Either theres a problem with my files or not. I get the zero-knowledge issue but something doesn’t add up.

Frankly I’m pretty peed off about this all. I’m not the only one either, a few searches later I found others who have had similar emails.

Spideroak a while ago stopped their unlimited option and it feels like this the nail in the coffin by removing all the unlimited users?!

I guess its been a good but I have been thinking about switching since Spideroak is American based, the change to the warranty canary and finally something which has always bugged me – No two factor auth!

Suggestions for places to store my backup data which is also zero-knowledge or I could client side encrypt it before uploading if needed.

Motiv ring sold to the corporate world

My Motiv ring on my hand

This was a surprise…Motiv smart ring gets bought – and will stop selling to consumers

It seems the world of consumer wearables has lost Motiv – the smart ring company that’s been an underdog hit in the world of wearable technology.

The company isn’t dead – but it’s being bought by Proxy – a digital authentication start-up that sees potential in using Motiv’s technology in enterprise. As a result of the buyout, Motiv will cease selling its smart ring device through consumer channels, and there’s no word of how long devices will be supported.

Motiv started life back in 2017 as an activity tracking smart ring that put its focus on active minutes rather than simple step counting, with a heart rate sensor on board.

But its feature set widened over the years. In 2018 a second generation landed that put its focus on biometric security – and these are the features that will have interested Proxy.

Likely explains why they returned the full price of my ring a while?

I lost all trust for Zoom yesterday…

British PM on Zoom
Wonder how many people have tried to dial into that zoom id?

Yesterday I was on a zoom call which was hijacked or zoombombed with something not just horrible but totally illegal. Because of this I have pretty much lost all trust in zoom.

This is of course very difficult as its what we use at work and of course being in the middle of the covid19 lockdown, makes things tricky. Because of this, I’m going to still use it but with much more caution and I’m going to be a lot more forceful about the hosting side of it.

Its clear war-dialers for public Zoom meetings is so easy and well used by inscrutable groups of people. Zoom could make sharable links much more difficult to war dial, similar to the way Google docs uses combinations of characters and numbers to make a much longer url, a lot harder to war-dial.

The defaults of Zoom, is setup for a semi trusted corporate environment. I understand the covid-19 pandemic changed everything but there has been many updates and only now is the defaults only just safe. Their share prices have rocketed but they are only now focused on security ahead of more features?

Their idea of end to end encryption is a total dump on top of the security findings saying some calls are being routed via China.. Today they announce you can choose your routing but you need to pay for it. More governments and companies are blocking zoom because they just don’t trust it.

Likewise neither do I… but I will use it… with caution.

I have been thinking about an equivalent, and thought about two.

  1. I lost trust in Facebook a long while ago but still use it for volleyball events and the occasional post about something I feel could be important for friends, family and the public who don’t read my blog (as its posted on the internet already, I post publicly adopting the indieweb Posse approach, much to the surprise of some friends). For example I posted what happened on zoom yesterday there today.
    Facebook was hardly trustworthy to start with and over and over again they took the living daylights with our data.
  2. There was a point when Windows Vista pushed as the step/edition of Windows XP and I didn’t like what Microsoft had done to it. To be fair I didn’t trust them and saw shadows of where things were heading. So I switched to Ubuntu.I know the new Microsoft is quite different of course but the damage was done.

If you are hosting a Zoom call, please do lock it down theres a number of guides to help including this one.

Only 5 months later and face unlock is fixed

Its one of those things which I wasn’t happy about with my Pixel4. Who on earth over looked the fact you could use the face unlock without your eyes open! It doesn’t take a lot to think about the abuses including spouses with trust issues.

Finally over the last few days Google rolled out a fix which requires your eyes open if you enable it! Only 5 moths later

It was the first thing I did when I installed the update. Till that point I’ve been enabling lockdown mode when going through sensitive areas like airport security

My last pebble smart watch… again?

Broken pebble

Today my pebble 2 smartwatch broke while playing with the diabolo in the garden. The screen came straight out the frame. Not sure why but I did put it back but found the screen was dead.

As I thought my smartphone was still connected to the watch via bluetooth and was responding to the button presses and battery charge.

However without a screen I’m forced to use my very last pebble smartwatch. The Pebble time kindly donated from Ahmed, who got a Apple watch. This is why although I did say the previous pebble was my last, I luckily had this backup. However this is the last. Lets hope the hybrid smartwatches are better than Fossil’s attempt.

Broken pebble with last one

Sharing is caring with plex server

My current plex stats over 90days
The last 90 days on my plex server

I always expected an increase in my plex server usage from my friends as the UK enter the Covid-19 lockdown. Especially when I heard all the streaming services dropping back to SD  To be fair its not been as big a demand as I expected but its noticeable compared to last few months of 2019.

Most popular clients

The most popular clients seem to be Chrome & Chromecasts (not sure if Chromecasts sometimes report themselves as Chrome). Thankfully the Xbox has dropped because that client requires everything to be transcoded unlike Tizen which will happily if theres enough bandwidth send the original file and not require any transcoding.

plex concurrent users

I have however hit 3 concurrent streams again, keeping an eye out to see if I can hit 4 or even more. No idea what it would do to my AMD based Plex server? I do have the Intel Xeon based HP Z800 which I recently bought a Nvida Quadro K620 GPU hoping to get hardware accelerated streaming finally working on the HP Z800.

Thats a task for Easter maybe…

Update 13/4/2020

4 concurrent users finally

I noticed my plex server finally reached the 4 concurrent users over the last weekend.

New kid on the block Joplin for notes

Joplin clientsI have a bit of history with note taking apps, having started with Evernote back when I had a Windows Pocket PC and moving to a bunch of different apps till I finally settled on Standard Notes.

Its really good and been using the listed feature for a my gratitude diary. However I checked out Joplin recently and quite like some of the features.

Evernote import works perfectly, meaning I get my rich evernotes back complete with attachments, Actually the way it handles attachments is a lot closer to Evernote. Syncing is done in a number of different ways including Dropbox, Webdav, etc and all done with encryption meaning its using the service as a file container like how I use keepass right now.I had tried to setup a standard notes sync server in the past but didn’t really put the effort in.

Standard note uses markdown which is good and quick but I like Joplin’s hybrid of markdown and html. This pushed further with web clippers in Firefox and Chrome. Making Joplin extremely useful for capturing online resources.

I like both but will find it tricky to use both although I noticed for example Joplin is really painful to use on my ereader, while standardnotes is super smooth. They are build for different purposes but working what do with each is a bit of a dilemma right now. Currently I have my evernote backup and standardnotes in Joplin thanks to export/import. Of course theres lots of duplicate notes which I really need to go through and delete, as I already imported my evernote into standard notes previously.

/e/OS: The beauty of open source

/e/os on a phone

I was quite impressed with the /e/OS project. I hadn’t really heard of it before but as I’m considering the balanced of google service and data in my life; especially with the plans to move UK citizens data/accounts outside the EU.

Taking the AOSP Android Open Source project and removing all the google parts is quite impressive. A real testament to the power of open source.

The interview with itsfoss is a good read, starting off with the question of what and why

Why did you create this Eelo or /e/ project in the first place?

Gael: In 2017, I realized that using Android and iPhone, Google and many mobile apps was not compatible with my personal privacy.

A later study by a US University confirmed this: using an iPhone or and Android phone sends between 6 to 12 MB of personal data to Google servers, daily! And this doesn’t count mobile apps.

So I looked for reasonable alternatives to iPhone and Android phones but didn’t find any. Either I found options for hobbyists, like Ubuntu Touch, that were not compatible with existing apps and not fully unGoogled either. Or there were alternative ROMs with all the Google fat inside, and no associated basic online services that could be used without tweaking the system.

Therefore, an idea came to mind: why not fork Android, remove all the Google features, even low level, such as connectivity check, DNS…, replace default apps with more virtuous apps, add basic online services, and integrate all this into a consistent form that could be used by Mum and Dad and any people without tech or expert knowledge?

I’d be interesting in what apps run on the operating system, as Google really have embedded Play services into everything now. When I first got my recent e-reader, it came with its own app store till you enable play services. That store was super small but it doesn’t have to be that way if you look at F-droid for example.

If I still had my Nexus 5x, I would likely give /e/os a try. I could run it on my Nexus 5 I guess but the screen is maybe too broken.

I have been thinking, following my use of Firefox multiple account containers use. Maybe something of a mashup of Blackberry’s Android profiles (anyone remember this?) and Firefox containers.

This certainly feels like a design challenge which could be massively beneficial to many, and showcase the beauty of opensource

Hey google, read me this page out for me?

I won’t lie, I’m pretty impressed again with Google when it comes to text to speech and speech to text. Like Robby, my use of Google Assistant may also sky rocket.

My regular, daily use of the Google Assistant is likely to skyrocket with this new feature that was just rolled out: the ability to read any web page aloud. Whether or not this sounds awesome to you in this moment, just go with me for a second as we unpack what is going on here and why it will likely be incredibly useful for many.

At its most basic, this new feature does exactly what you expect. It allows the Google Assistant to simply read web pages aloud to you in a natural-sounding voice with a nice cadence. Pauses for commas and periods are dictated the way you’d expect and the decidedly-digital voice sounds very natural. The Assistant reads off the title, the author, and then begins to read through the entire article, highlighting each word spoken along the way.

But it gets better. Way better. When you start a reading session, the entire thing happens in a dedicated media player that gives you options to play/pause, skip ahead or back, and change the playback speed from 0.5x all the way up to 3x. On top of that, the player behaves just like any other media player in that it provides the ability to continue playing when the screen is locked and gives you a rich notification with playback controls as well. This allows you to start up the reader for a long article and go about doing something else while the Assistant reads the entire thing to you. I will 100% start using this for my daily walks or when driving to ingest news that I would otherwise put off in hopes of finding time to read later.

Even better is the fact that websites don’t need anything special in place to take part in all this. No extra code, no tags, no meta data: the Assistant can read any web page unless the web developer for that site has included the proper meta tag that disallows this. I’m sure there are fringe cases where this would be needed, but I’d assume most sites you visit will be readable by the Google Assistant out of the box.

Its very impressive, and my only issues are not being able to read text out of other apps like wallabag or tiny tiny rss. Not being able to playlist a number of pages for reading. Also using Chrome is a bit of a pain (I tried to do this in Firefox for example)

 

Is the pixel 4 worth it?

My Google Pixel 4 battery stats

I was reading through my feed and saw this review of the Pixel4 4 moths later.If I was to write a review of the Pixel 4 months later, I would have some choice words to say. Many more than what I originally wrote.
BatteryThe Pixel 4 battery is weird. For example I’m on 43% and it will last till 9:30am tomorrow morning. However a few weeks ago I looked at my phone and noticed it was on 5% and I have no understanding why?
Generally I only charge it when I’m sleeping, but its only been 4-5 months. I think it might be one of the only phones I might need to replace the battery of in 18 months.There is hope of a ultra low power mode, which if its like Doze could be a game changer.SoliI have to echo the reviewer, as its sums it up and I turned it off except when using the Face ID.

For several years, Google has been working on Project Soli: a radar-based sensor system allowing a device to sense gestures with utmost precision. Fancy videos of the system in action show how virtual dials and buttons can be controlled effortlessly by the snap or flick of a finger. No touching the phone required.

The Pixel 4 and 4 XL are the first two phones to ship with Google’s radar-based system – and it’s bad on so many levels. First of all, its use is extremely limited. With a wave over the screen you can skip songs, mute alarms, or play with your Pokemon live wallpaper. That’s it, really.

To make things worst I turned off active edge and other sensing things as its just not important for me. Weirdly enough every few times I pick up my Pixel4 it vibrates.

Is it worth it?

Well its a good phone but a lot of the features have made it down to the Pixel 2. The Cameras are great but should I have waited for the Pixel 5 or 4A? I do feel I maybe should have replaced the battery on my Pixel 2 and maybe waited…

And where the **** is my Chromebook, Google?!pixeloffer chromebook statusI’m pretty annoyed about the Pixel4 chromebook offer. It was meant to come a little later after buying the Pixel4 but its been 4-5 months!

Getting on the self-hosted train again

Map of the fediverse.space

A long time ago, accessing cubicgarden.com meant accessing my direct server sitting in my home. I use to run Blojsom on top of Resin server. I was self hosting from my 512k ADSL line with 256k up (remember how fast that use to be to!?)

There were a lot of problems I grant you that but it mainly worked ok, although I didn’t like the sysadmin side of it all, as I was using Windows 2000 as the operating system. At some point I decided to switch to wordpress only because PHP hosting was cheaper than Java, although I got some incredible breaks during my time. In 2014 I moved my blog to WPengine thanks to dotBen

That was a while ago and since then I have massively upgraded my connection speed to 1gigabit up and down thanks to Hyperoptic and upgraded my server quite a bit (6 core AMD with 16 gig of memory). The first thing I did was installed Plex server.

Since then I have been slowly adding more services to my server. I guess the most noteworthy ones being tiny tiny rss, icecast2, plex and zerotier vpn (which I’m considering changing to wireguard with the recent announcements). Tiny tiny RSS is useful as I don’t like what feedly and others are doing with my data. Zerotier VPN is very cool and very much like the old and forgotten Hamachi. Because it uses internal ip addresses (non-addressable?) any device I have it connected with can access those addresses like they are on a internal network. This ultimately means I can access all my services including tiny tiny rss without opening up ports on my firewall and exposing it to the internet.

Anyway I’ve been thinking about adding more services to my server including Wekan (alternative to trello), Pixelfed (feiverse instagram), wisemapping (web based mindmapping tool), wallabag (alternative to instapaper), standardnotes server, mastodon (fediverse twitter), funkwhale (fediverse spoitfy), language tool (alternative to grammerly) and matrix (powerful alternative to slack).

Doing it under Ubuntu isn’t a problem as theres lots of tutorials and theres plenty which use Docker to manage everything.

But there is issue it seems when installing multiple services on top of each other. Most of the tutorials require a Apache or Ngnix then some SQL database. The tutorials are written like you are running just one service alone and things become more tricky when you have services using certain ports, etc. Trying to move the ports, database tables is sometimes tricky to follow.

Right now, I’m focused on doing one service at a time or really getting to grips with Docker which was meant to make this easier to deal with???

Ok so why selfhosting (and there is a lot of self-hosting services as I found here) and all the hassle?

I found something which sums it up nicely from a different but connected context.

Decentralized, peer-to-peer networks are evolutionarily superior to the bastardized corporate ‘sharing economy’ platforms like Uber and Lyft. Their billion-dollar budgets won’t save them from the inevitability of the blockchain-based peer-to-peer economy.

The decentralization revolution is here.

On buying the Fossil hybrid HR watch

fossil hybrid HR smartwatch face

During the seasonal period “I bought” a Fossil hybrid HR smartwatch. It was meant to replace my pebble smartwatch but it never came. I made the decision to give it a try after trying it on in the Fossil store in Manchester.

I found it online also found a discount code from Fossil for first time purchases. Ordered it and expected to come back home after xmas to a little present from myself. The Fossil invoice said it takes 4-5 business days

However after lots of chasing weeks after, I finally got a reply saying they had cancelled the order (without telling me) because they were completely out of stock for that model. It was frustrating  but they finally offered me a discount when it comes back into stock. However the discount was for less than my original discount.

I think I would be more annoyed if I hadn’t read this updated review of the smartwatch. I realised one feature the Fossil didn’t have was the ability to reply to messages or emails. Its something I use on my pebble a lot and seeing the message is useful but sending an acknowledgement of some kind is pretty essential.

Like the Motiv ring, being an early adopter can be troublesome and in this case its time to wait and see what others do in the hybrid smartwatch space.

A little tale of my motiv ring

My Motiv ring on my hand

I really enjoyed having my Bluetooth Motiv ring really, it is great except a little while ago it started to not sync properly. Reporting the wrong battery percentage, syncing inconsistently, asking to be upgraded and just being a general annoyance.

I complain back to Motiv and they tried to diagnose the problems I was having with the ring. After a few days they asked if I was playing volleyball with the ring on? I said yes and they suggested using the other hand when playing volleyball. This sounds fine but the problem I have is being ambidextrous in something’s like sports is I switch hands all the time.

I explained I bought the ring for the whole point of wearing it during sports because my pebble watch can not really be worn while playing volleyball.

They suggested a replacement ring however their UK/European supplier has changed and they couldn’t issue a replacement over the winter period. I’m thinking Brexit might have something to do with this? Anyway cutting a long story short, I was completely refunded and I get to keep my current faulty ring. Good stuff from Motiv and I may consider getting a replacement once I see what happens in the near future (maybe a second version will support a few more knocks?)

In the meanwhile, I relooked at the Oura ring 2 but frankly its a lot more and there are some serious flaws in the Android app (no google fit, export, etc).

I’ll stay put and keep wearing the Motiv ring till its completely useless, as its still capturing data and the app is still syncing with google fit.

Dropping Rescuetime for ActivityWatch

Activity Watch logo

I tend to weigh up different systems and applications I use every once in a while. Especially weighing up the benefits to me.

One such application is Rescue time.

I used it in the past and over the last few months reinstalled it again. However this time I tried to automate the reports out of the free account and pretty much failed. The only way I could really do it is if I paid for the pro account at the cost of (a discounted) $6.75 per month.

So enough I thought… A little look around alternative to and decided to give Activity Watch a try.

ActivityWatch is an app that automatically tracks how you spend time on your devices.

It is open sourceprivacy-firstcross-platform, and a great alternative to services like RescueTime, ManicTime, and WakaTime.

It can help you keep track of time spent on different projects, kick bad screen habits, or just understand how you spend your time.

Its pretty good and doesn’t drain my laptop while watching my laptop. Of course being local and under my control only, I don’t really need to worry so much about whats collected. You can of course limit things as you go, turn off tracking or just delete the data any time.

I have it on my Dell XPS laptop and on my work phone and its good except one thing. Currently there is no sync server, so each device has its own server. But they are working on this… Once they do, I’ll likely install it on my server and put the client on more of my devices.

The other thing I’m hoping for is to see more use of the stopwatch activity watch bucket (buckets are the pools of data collected). Since Project hamster is currently being rethought and I like to track my work progress alongside my activity.

As a whole the project has a lot of potential and worth the wait I hope for the features expressed above.

After all that hunting for new headphones, Bose make good

Black Bose on ear headphones

After all that time trying to get new headphones, after the problems with my 4 year old Bose on-ear headphones… I contacted Bose Support on Twitter and after a long direct message conversation they agreed there might be a problem with the battery.

I sent it to them earlier this year and just before xmas, they sent me the Bose triple black on ear headphones, as they didn’t do my original on the ear ones anymore.

IMG_20191229_121624

Not a bad result for 4 years of headphone use. Very glad I registered my headphones with Bose after coming back from Tokyo, just wish I contacted them earlier and saved myself all that hassle. Thanks Bose support for everything.

I’ll keep my other ones but really happy to not have noise cancelling as default now. Not ideal for walking the streets of the UK.