Category: Technology

Security Theater – Alexa Edition

Amazon announced a new privacy feature where you can ask an Alexa device to delete the day’s recordings. Not like “at 23:59:59, delete everything from today” and not “delete everything for the past 24 hours” but delete everything from 00:00:00 to right now when I’m asking you to delete it. Curious how this works in a discovery scenario. How deleted is deleted? And what happens when the next hot-tub murder scenario Alexa records is immediately followed by “hey, delete my recordings for the day”?

I expect this is in response to the poor reception news of human audio reviewers engendered. Can’t say I was shocked to hear they have humans reviewing recordings … I’ve got the same basic thought about Amazon employees/contractors listening to my recordings as I relayed to employees who were concerned that we were reading their e-mail back when I actively maintained the e-mail system. (1) They’re not that bored and (2) I’m not that interesting. I expect there’s an algorithm that flags specific scenarios for review — hopefully every time the thing wakes up and hears “cancel” because that wasn’t the wake word it just heard, probably some percentage of instances where the response is “i don’t understand that”, some other flags, and some small percentage by a pseudo-random selection.

Amazon is probably paying these reviewers a pittance, but they’re still paying them something. And Amazon isn’t paying for someone to be entertained by my daughter singing to the speaker. Are there people posting links to funny and embarrassing recordings? Sure. I also knew people who worked in a call center that contracted out to credit card companies for customer support — people who got busted for extortion because they’d read through six months of account statements after every call. Find something that might be embarrassing/suspicious & call the dude (i.e. poor sap who had rung up for assistance with his account) and demand money not to tell his wife about the affair. Or his gambling. Or what he spends at S&M clubs. Of all of my data that’s out there, smacking into the wall and yelling “bugger” as I check the temp while running out the door just doesn’t rate.
That being said, I’d just as soon not have a company retain audio recordings every time I check the time or weather. But let’s be honest — who is really going to incorporate “oh, delete today’s recordings” into their night-time routine? Once or twice, whatever. Every single day? Not gonna happen. Which is, I expect, the point. Amazon can tout this option to give you control. But they know there’s no way people would opt in to have their recordings retained. And there’s probably a significant number of people who would go through the effort of setting up retention that would automatically purge recordings after 24 hours. But this sounds like a privacy feature but is too much of a pain to use. We’ll check to see if we can purge the daily recordings via an API call, and if not we’ll have a speaker in the house play a MP3 file each night. But that’s not normal user kind of stuff … so Amazon will lose a few days worth of recordings for people who check it out, all recordings for a few uber-techs or super-security-conscious folks. A statistically significant number? Probably not. Security theater.
Worst part, though … you cannot just delete the recordings by voice. Oh, no! You’ve got to enable the function. Because it would be awful if some friend was screwing around with my device and deleted today’s recordings!? I mean, I get not wanting pranksters/kids/pets to order merchandise — which is why you can add an ordering pin for your account . But if there were some API bug which allowed any random Internet user to delete my recordings (not retrieve, not listen to … just delete), I wouldn’t care. The small subset of “every random Internet user” that actually gets within voice range of my house!?! Not exactly somewhere worthy of high security.
Amazon’s self-serving “keeping your recordings extra safe” policy means logging into the Alexa website, going to settings, scrolling down to “Alexa Privacy” (granted a fairly obvious selection), being popped over to another page which you could have hit directly if only you’d known this is where it would send you, going to “Review Voice History” (not a fairly obvious selection) and enabling voice-sourced deletion. This is, conveniently, the same place no one ever went to blow away recordings before voice deletion was an option.

Did you know … Conditional Formatting can highlight data based on date?

As we are upgrading groups to Microsoft Teams, we need to be able to identify which activities need to be performed each week. While highlighting today’s date is a start, it is better to identify which tasks need to be performed in the upcoming week so we can plan ahead.

To accomplish this, I use a conditional formatting rule. It highlights all of the date values that fall between today and seven days in the future. How? In conditional formatting, you can use a formula to determine which cells to format. My selection rage is E2 through J20, so the conditional formatting formula is based off of the E2 cell.

The formula AND’s to IF functions. If the difference between the cell date and today is less than 8 (less than 8 days in the future) AND if the difference between the cell date and today is greater than or equal to zero (today or a future date), the rule evaluates to TRUE and the highlighting is applied.

=AND(IF((E2 – TODAY()) <8,1,0),IF((E2 – TODAY()) >= 0,1,0))

The result – every activity we need to plan for in the upcoming week is highlighted.

 

Using ZoneMinder v1.32.3 With OpenHAB2

I documented a temporary fix to return ZM_PATH_ZMS and ZM_OPT_FRAME_SERVER through the ./api/configs/view/<KEYNAME>.json API so ZoneMinder 1.31.45 worked with the OpenHAB2 binding. Upon upgrading ZoneMinder to 1.32.3, the binding was no longer able to communicate with our ZoneMinder server.

In the OpenHAB2 log, errors indicated malformed JSON was received.

Caused by: com.google.gson.stream.MalformedJsonException: Use JsonReader.setLenient(true) to accept malformed JSON at line 1 column 7 path $
at com.google.gson.stream.JsonReader.syntaxError(JsonReader.java:1568) ~[?:?]
at com.google.gson.stream.JsonReader.checkLenient(JsonReader.java:1409) ~[?:?]
at com.google.gson.stream.JsonReader.doPeek(JsonReader.java:542) ~[?:?]
at com.google.gson.stream.JsonReader.peek(JsonReader.java:425) ~[?:?]
at com.google.gson.JsonParser.parse(JsonParser.java:60) ~[?:?]
at com.google.gson.JsonParser.parse(JsonParser.java:45) ~[?:?]
at name.eskildsen.zoneminder.jetty.JettyConnectionInfo.fetchDataAsJson(JettyConnectionInfo.java:352) ~[?:?]

Using a web browser to access <ZoneMinderURL>/zm/api/configs/view/ZM_PATH_ZMS.json, malformed JSON is returned.

Conf files are not updated when new packages are installed – an conf.rpmnew is created instead. The changes from the new config (zoneminder.conf.rpmnew) file need to be merged into the existing config file (zoneminder.conf). In our zm.conf file, I added:

ZM_DB_SSL_CA_CERT=
ZM_DB_SSL_CLIENT_KEY=
ZM_DB_SSL_CLIENT_CERT=

Reloading the page in my browser confirmed that the JSON response is valid.

When the ZoneMinder binding started, it successfully attached to our monitors and detected a motion alarm.

This does not negate the need for the original fix — config.php still needs to have the strcmp I added. When ZoneMinder is upgraded, /usr/bin/zmupdate.pl is run (I needed to run “/usr/bin/zmupdate.pl -f” to stop zmc from existing with return code 255), the values I added to the ZoneMinder Config table are removed — they need to be re-added.

 

Did you know … the Teams mobile client lets you configure you time?

Mobile access to the company’s communication platforms is convenient – and you can use Teams on your Android or iOS device. A training class or a trip out to a customer’s site no longer means you are disconnected from the day’s routine discussions. But sometimes I want to disconnect – watching my daughter’s gymnastics performance, my husband’s birthday dinner, listening to a band at the local club, painting en plein air at the local park. Oh, and certainly dark-o-clock when I’m sleeping. Configure “quiet hours”!

Tap the hamburger menu in the upper left-hand corner of the screen.

Tap “Notifications”

Tap “Quiet hours”

Move the “Quiet hours” slider to ‘on’

Select the times when you want Teams notifications to stop and resume. If you want to disable Teams notifications for entire days (regularly scheduled days off or temporarily for vacation days), tap “Quiet days”

Move the “Quiet days” slider to “On” and tap the days during which you wish to suppress notifications.

Return to the menu and you will see that quiet hours are scheduled.

During quiet hours (or days), the notifications logo will indicate that notifications are disabled and tell you when notifications will resume.

The hamburger menu on the Teams app will also indicate that notifications are temporarily suspended.

 

Did you know … you can use Microsoft’s Whiteboard in your Teams meetings?

Microsoft Whiteboard, in Teams, is currently a public preview. Like other previews available in the Office 365 ecosystem, there will be glitches and things that don’t work properly. If something isn’t working quite right, turn off the preview and verify the problem persists before reporting an issue. You can submit feedback directly to Microsoft through their UserVoice site, but previews are not supported by Microsoft.

Now that the warning bit is out of the way – we’ve been using the Whiteboard for a week and the only oddity I’ve encountered occurs when both a Whiteboard and desktop are shared simultaneously. You must keep minimizing the Whiteboard to view the shared desktop.

How do you use a Microsoft Whiteboard in your meeting? When you are in a meeting, click on the “Sharing Tray” in the meeting tool bar.

In the “Whiteboard” column, select “Microsoft Whiteboard”

A whiteboard will be opened and shared with everyone on the call. To draw on the Whiteboard, select “Inking mode”

Click on a pen (or the eraser) along the right-hand side to select a pen color.

Draw on the screen. Click on the blue check-mark to leave inking mode. To close the whiteboard, click “Stop presenting”.

After the meeting, how do you access the Whiteboard? Visit https://whiteboard.microsoft.com – the Whiteboard will be stored for the person who initiated the Whiteboard in the meeting. To share it with others who had attended, click the ellipses on the Whiteboard preview.

Select “Invite”

Select “Create sharing link” and paste the link into the Teams meeting chat.

Team members can use the link to view the Whiteboard.

Whiteboards from Teams meetings are also available through the Whiteboard app. The app expands on the basic Whiteboard functionality available in Teams or online. In the app, you can select text ink and convert it to more readable text. Use the lasso tool to select a region of text ink.

Click on the magic wand

Voila, more legible text!

Click the hamburger menu in the upper right-hand corner of the screen for additional options — including “Export” which will create a PNG or SVG image from your Whiteboard data.

Did you know … Teams displays an alert when a new Planner task is assigned to you?

You will now be alerted in Teams when Planner tasks are assigned to you – this is another step toward making Teams the single hub for collaboration. Task assignment only creates activity when the Planner is a tab in one of your Teams spaces. If you create a Planner board that does not appear as a tab in a Teams space, new tasks assigned on that board will not create activity in Teams. To start getting Teams alerts for a board, just add it as a tab to a Teams space.

You’ll see an alert in your “Activity” feed

And in “Chat”. The card contains the task title, the name of the individual who assigned the task to you, the Teams space where the Planner is stored, and a link to view the task.

Click “Open Task” and you’ll be brought to the Planner board within the appropriate Teams space. The task will be open and ready to edit.

* If you have the mobile Planner app installed, you will receive push notifications in addition to seeing the task in your Teams activity.

 

Did you know … e-mails can be sent to a Teams channel?

I’ve mentioned before that we can send e-mails to a Teams channel – forward a message in my mailbox to a channel so we can discuss it. But did you know Teams channels can receive e-mail from outside of our Exchange Online environment too?

That doesn’t mean you’ll be seeing advertisements for low cost (and dodgy) prescription drugs or entreaties from the purported prince of far-far-away show up in your channel conversations. Until someone gets an e-mail address for a channel, it doesn’t have one.

To associate an e-mail address, click the ellipsis next to a channel name and select “Get email address”

Copy the SMTP address. If you want to control which domains can send e-mails to the channel, click “advanced settings”

By default, anyone can send e-mails to the address. Simply select the appropriate radio button for the restrictions you want. “Only members of this team” lets members forward messages from their personal mailbox for discussion.

Selecting “Only emails sent from these domains” allows you to enter the list of domains from which you want to receive messages. Click “Save” to save your changes.

Send an e-mail message from an approved domain. Voila – a message from my home domain delivered to the Teams channel.

You can have monitoring systems, vendor ticketing systems, all sorts of e-mail sources deliver messages right into your Teams channels.

 

Did you know … you can add Teams channel meetings to your calendar?

Holding a meeting in a Teams channel allows channel members to attend if they have time and are interested in the meeting – it also lets Team members access meeting artifacts easily.

But when you schedule a meeting in a channel, only direct invitees see the meeting in their calendar. This is great for people who aren’t going to attend, but I end up joining the call ten minutes late because I didn’t see the meeting when I check my calendar to see what’s coming up.

But you can add a channel meeting to your calendar – if you decide to attend the meeting, click the ellipses on the meeting item and select “View meeting details”

Click “Add to calendar”

Voilà! Now the meeting appears in your calendar.

 

Did you know … you can open files in VSCode over SSH!?

The plug-in is a preview and you need to use VS Code Insiders to install it … but you can open files and folders directly from a *n?x server via SSH. This is a great way to circumvent Samba quirks (changing the case of a file name, filemode differences between the Samba share and the local files causing all files to be marked as changed, etc) – and can even eliminate the need to load file sharing servers like Samba in the first place.

Once the plug-in is installed, a “Remote – SSH” icon appears in the left-hand menu bar. There is a single configuration option for a file containing host definitions. You’ll want to set up key-based authentication and include the path to the authorized private key in your host config.

Right-clicking a host will allow you to open a file or folder within the current VSCode window or launch a new window.

One caveat – you are running git commands from the context of the remote machine … this means you’ll need a user name set up there or your commits show up with the local logged on username and username@hostname address.

 

Did you know … you can open Teams files directly from Office 365 Applications?

While you can go into a channel, select the files tab, and open a file from within Teams … that’s a lot of clicking just to open a file in another program. But you can open files stored in Teams (or any other SharePoint document repository) directly from Office 365 programs. How?

Open an Office 365 program – Word, Excel, PowerPoint, Visio. Click on the “File” ribbon bar and select “Open”. SharePoint Online document repositories, including those used by Teams, are listed under “Sites – Windstream Communic…”.

You may already have SharePoint sites listed. To add a new site, you just have to follow it.

Select the SharePoint site that matches your Team name. Click “Documents”

You’ll see a folder for each channel in your Team. Click the channel where the file is saved.

Navigate to the folder where your file is stored, then select the file. It will open directly in the application. When you save the document, the SharePoint document is updated.

Tip: Frequently used documents can be pinned for quick access. After you have opened the file, it will appear in the most recently used list. Click the little push-pin next to the file and it will be pinned to the top of the recently used file list. The Excel files and Word documents that I use frequently can now be opened without navigating through the file structure to find them.