Dec 5, 2014

If you haven't yet, you need to try Google Hangouts

For years I've been a pretty avid Skype user. Well, I guess I shouldn't say avid because it's not like I used it all the time, but whenever remote family members wanted some face time when I lived in California, Skype was the goto for that. Well things have changed for me recently.

I started dating a really great woman who lives in Grand Junction which is about an hour away from my home in Cedaredge Colorado (If you haven't heard of it, don't worry. Nobody has!). Well she and I have opposite parenting schedules at the moment which makes getting together a bit challenging at times. One thing we started doing to overcome that hurdle was having video chat sessions with each other.

The difference this time was that I wanted to try out Google Hangouts because it has been a long time since I've used Skype and frankly I don't remember my login information. I use my Google account all the time for blogging here at Bauer-Power as well as going on Youtube and synching my Google Chrome browsers. Also Hangouts runs in your browser and doesn't need any extra heavy software.

Here is a screen shot of me screwing around on Google Hangouts using their goofy effects feature:

My new girlfriend and I use it to chat in the evenings and see each other when we can't be together, but if you use it to talk to family it has a built in group chat feature. All you have to do is send out a link to the session and anyone with a Google account can join and you can talk to multiple people.

If you run a video podcast and post to Youtube like I used to do with Tech Chop, it also gives you the ability to live stream your conversations on Youtube and save it for later. Plus the interface is stupid intuitive so even your non-tech savvy grandma can probably figure it out.

The next time you feel like doing a video chat with someone, skip Skype and give Hangouts a try!

Do you use Hangouts? What do you use it for besides video conferencing with your friends? Let us know in the comments!

Nov 17, 2014

Apple Is Late to the Smartwatch Party

Apple and Samsung have been at it for years. Recently their grand battle seems to have deescalated as both sides dropped patent lawsuits in countries outside of the United States. They still claim that the other side is using their intellectual property but will be proving it in the public arena instead of civil court. Now the two giants are squaring off in the wearable technology wars. In September, Apple unveiled its Watch and Samsung already has five versions of its Gear. Which one is better may yet to be seen but with these two big players duking it out, we know that wearable tech is here to stay.

Apple Fever

The recent launch of the iPhone 6 paired with the new Watch wearable have made Apple common conversation for the technologically savvy. September 19th saw hordes of loyal Macheads lining up to get their newest addition to smartphones. The Apple Watch was unveiled at the same time to hopes that the official 2015 release will see a similar turnout. The Watch itself, running around $349, is a stylish piece of wearable tech that is iPhone 6 compatible. With the Watch, you can check Facebook, send messages and use a Siri style voice response control to navigate other simplified apps.

Legal and technical discussions aside, Apple has proven itself to be a marketing leader in technology. Their personal computer is number one in the market, iPods are synonymous with music players, and the previous version of the iPhone gained them one-quarter of worldwide smartphone market shares. Whatever the sales outcome, Apple’s marketing endeavors can only help the future of wearable tech.

First To Market

Apple has gotten a lot of flak by introducing functions that Android users have been using for a couple of years. The Samsung Galaxy S5 was released six months before the iPhone 6 with many of the same features that were hyped in the new Apple version. Likewise, the Apple Watch may be eclipsed by the fact that Samsung already has five versions of wearable tech in its Samsung Galaxy Gear line, all for a little more than half the price of the Apple Watch.

In a side-by-side comparison, Gear showed to be a little bigger than the Watch by about 15 mm. The common functionality is largely the same with social media and messaging on both devices. The aesthetics is one of the biggest differences with the Watch having an aluminum body compared to the plastic body of the Gear.

The Future of Wearable Tech

This new form of style technology has some heavy hitters in the arena. Add Google Glass to the mix and wearable technology looks like the new frontier in mobile devices. If we look at this from a marketing perspective, cultural shift with Samsung and Apple pumping money into advertising their products and Google actively soliciting novel uses for their device, this technology is up for grabs by the person with the best ideas. Medical engineers are already using it for physiological and psychological applications. Fashion designers are vying for ways to create a vision of the future that can be worn today. Wearable tech is not a climb to the top but a race to the edge of imagination.

Cloud Gaming Brings Sophisticated AI Characters

When looking at the future of video games, nothing captures the imagination like the possibilities of cloud computing. According to, standard Xbox performance clocks in at 150 to 200 milliseconds of latency, but when utilizing cloud processing, it could easily drop latency down to 60 milliseconds. Furthermore, with cloud technology, wholly new AI patterns could emerge as well as many other amazing developments. Here is a closer look at the cloud-backed future of AI in gaming.

How It Works

Cloud gaming can be a little hard to understand because it is somewhat different from standard consumer cloud computing, which focuses primarily on data storage. Instead, cloud gaming is when cloud servers run a game, then stream a video of gameplay to you and your controller inputs into the cloud network. This way, the remote server farm does the graphical and memory intensive processing while you receive video and audio on your screen at home.

More Power

One of the most promising and exciting areas cloud gaming technology opens up is the ability to create huge, detailed and seamless virtual worlds and characters. Because you can offload the burden of complicated processing tasks like weather, physics and AI behavior, developers can create games that no single consumer console could handle. It's exciting to imagine what a game like “Skyrim” could be like if the processing burden of controlling an entire country worth of non-player characters could be transferred from the console's hardware to a server farm. The availability of digital downloads also shows the power of cloud technology. Dragon Age: Inquisition, set to be released November 18, can be downloaded online despite the game having an incredibly large map and over 80 hours of gameplay.

Burgeoning AI

The capabilities of cloud-based gaming are apparent in modern titles like “Forza Motorsport 5.” These games offload nonplayer character AI to the cloud, which allows for sophisticated artificial behaviors. For example, “Forza Motorsport 5” utilizes what Microsoft refers to as the “Drivatar” system. This system uses data analytics performed serverside combined with cloud processing to create ever-evolving opponents based on the player's driving behavior. Not only does this make the AI smarter and more realistic but it also makes it capable of making realistic mistakes just like the real players. And, nothing beats the thrill of playing against an intelligence that can make judgment calls, both right and wrong.

Gameplay Experience

In "Titanfall," which was PS4's best selling game several months in a row, server-farmed power will mean an evolving gameplay experience. Not only can “Titanfall” be patched at any time without disrupting the player experience but the dozens of infantry units and Titans being thrown at the player all have their behavior and reactions controlled by powerful servers. As GameSpot reports, the new frontier defense mode pits multiple players against waves of up to 200 AI-controlled enemies, each one with the power of the cloud backing their intelligence.

This is especially interesting when you consider that the world of “Titanfall” is heavily populated with grunts that are AI controlled as well as pilots that are player controlled. This can change your game strategy when the line between AI and human intelligence is blurred. For example, a common player tactic is to avoid detection by behaving like a grunt. However, as the AI becomes more strategic and intelligent, this tactic will not be as useful and players will have to come up with a new strategy. Overall, this makes the games more challenging and creative.

Nov 14, 2014

TDSSNIClient initialization failed with error 0x80090331, status code 0x80. Reason: Unable to initialize SSL support.

The other day our business intelligence guru came to me because she couldn't login to our test Microsoft Dynamics GP 2013 environment for some reason. After some digging I found it was because the SQL Server 2014 service wasn't running. When trying to manually start the service I got the following error in the event logs:
TDSSNIClient initialization failed with error 0x80090331, status code 0x80. Reason: Unable to initialize SSL support. The client and server cannot communicate, because they do not possess a common algorithm.

This was caused because I was testing encryption changes on the server using IISCrypto a few days earlier. I wanted to configure the server to only support TLS 1.1 and TLS 1.2 using only AES Ciphers. IIS Crypto looked like this:

Well I guess Micorsoft SQL 2014 doesn't like that too much, so I had to change it back to enable TLS 1.0 as well as Triple DES and RC4, so IIS Crypto looked like this:

After I applied that change in IISCrypto and rebooted the SQL server everything started up again as it should.

Do you know how I can better lock down SSL when it comes to SQL? I want to turn off the weaker protocols and ciphers. If you know how to do it, or have a link on how to make it work let me know in the comments!

Nov 12, 2014

More FREE stickers when you ask for your FREE Ubuntu stickers!

As many of you all know I've been giving out FREE Powered By Ubuntu stickers for a few years now. A lot of that has to do with my love of that operating system and Linux in general. I receive requests from all over the world for them. It's nice to know I'm doing my part to spread Ubuntu!

Well, I want to add to that! Now when you get your Ubuntu Stickers you will also be getting both of these stickers as well!

These stickers are 4.25" x 1.38" so they are small enough to fit on the back of your smart phone if you wish. Or if you are like me and you like to put stickers on the back of your laptop, they are perfect for that as well!

Not only am I a big fan of Linux, I am a big fan of privacy and encryption. I'm hoping to spread that love along with my Ubuntu stickers.

What do you think? Let me know in the comments!

Nov 5, 2014

4 High-Tech Solutions to Keep Tabs on Your Kids

Back when you were a kid, all your parents had to worry about was you sneaking out or speeding when driving. With all of the advancements in technology have also come more worries like cyber-bullying and identity theft. Here are some apps that can act as mother's helpers to make sure the kids aren't getting into trouble.


The MamaBear app is an all-in-one monitoring app that monitors your child's location, social media accounts, check-ins and can even let you know if your kids are speeding when driving or riding. The options available with this app are robust and you can set various parameters and receive alerts when those parameters are broken (like when a curse word is posted on his Facebook page) or met (when your son arrives home from school). The app is free for iOS and Android users and there are paid levels of membership that offer more in-depth monitoring features (pricing ranges from $4-$5 per month). Setup is simple; you just install the MamaBear app on your phone, then install it on your child's phone and then customize the settings to create your monitoring parameters.

This app is ideal for younger kids who are getting their first taste of independence, rather than teens, since it requires the app to be on your child's phone and a rebellious teen could uninstall it to quickly disable monitoring. It's also designed for two-way communication as much as it is monitoring, allowing kids the option to "check in" with you using emoticons or emergency alerts, which is especially helpful for kids who are beginning to walk to or from school on their own.

Lifelock Junior

With clean credit scores and no credit history, children are ripe targets for identity thieves looking to score big. Your innocent child could be unknowingly sharing sensitive personal information online, making him a target for online predators. Instead of taking the alarmist approach and banning social media and Internet usage, instead get proactive and use an identity theft protection service. Identity theft protection giant Lifelock offers a service designed specifically for kids. Lifelock Junior monitors usage of your child's social security number, credit history and regularly searches file-sharing networks for leaks of sensitive personal information. You'll be alerted immediately if the system detects any issues. Lifelock Junior costs around $5 per month per child and is available as an add-on with their adult protection plans.


If you're looking for a way to monitor your angsty teen in a way that's a bit more covert than a service like MamaBear, TeenSafe is for you. With TeenSafe you can read your teens texts (even the deleted ones), view Internet browsing, search history and monitor location, phone calls and contacts. Best of all, you child doesn't even have to know that you're monitoring his or her phone. TeenSafe uses your child's Apple ID to access all of the information on the phone, so without a visible app, they'll be none the wiser. You can view all activity from your computer by logging into the monitoring portal, which you can access from any computer at any time. This service, a bit more expensive than its competitors at $14.95 per month, it's impossible to put a price tag on the peace of mind that comes with it.


Want to know what your son's doing on his iPad? iKeyMonitor acts as your eyes and ears when your kids think you're not looking. This spy app enables invisible iPad monitoring to give you access to your kids' iMessages, WhatsApp messages, browser history and it even takes periodic screenshots to show you what they are doing. All of this information is sent to you regularly via email in the form of usage logs. Pricing starts as low as $8 per month when you purchase a 12-month license of the iKeyMonitor software.

Nov 4, 2014

I resurrected my Facebook page

After over a year of being without Facebook I've finally broken down and resurrected my personal Facebook account. I know I promised that I wouldn't do it way back in July last year, but things have changed.

Namely the fact that my wife of 14 years decided she didn't want to be married anymore right after we all moved to a small one-horse town in Cedaredge Colorado where there is NO CHANCE of meeting anyone my age.

I don't want this post to sound bitter, because I'm not really. I've had over ten months to come to terms with my situation. So the reason I reactivated my account comes down to two things really:
  • Nobody uses websites out here for their businesses, they all use Facebook
  • I thought it would be nice to connect with old friends again since I have very few in this small country town
Now, my initial concerns with privacy are still valid, so I've decided I'll go ahead and just change how I use Facebook. I won't post a minute-by-minute play-by-play of my life. I'll merely use it to keep in touch with people. I've also decided to lock it down a bit. Simple right?

Anyway, if you follow Bauer-Power and used to be friends with me on Facebook look me up and let's be friends again!

Nov 3, 2014

Protect your employees from POODLE with this simple Group Policy

By now you have probably heard about POODLE which looks like it will kill SSL 3.0. If you haven't here is a description from US-CERT:
The SSL 3.0 vulnerability stems from the way blocks of data are encrypted under a specific type of encryption algorithm within the SSL protocol. The POODLE attack takes advantage of the protocol version negotiation feature built into SSL/TLS to force the use of SSL 3.0 and then leverages this new vulnerability to decrypt select content within the SSL session. The decryption is done byte by byte and will generate a large number of connections between the client and server.
Microsoft has announced that they will be making a hotfix available that disables SSL 3.0 for Internet Explorer in the registry. You can do that yourself though via group policy be making the following setting:
  • In Group Policy Manager create a new Group Policy Object called TLS Settings
  • Browse to Computer Configuration > Policies > Administrative Templates > Windows Components > Internet Explorer > Internet Explorer Control Panel > Advanced Page > Turn Off Encryption Support
  • In the Secure Protocols Combinations drop down box select: Use TLS 1.0, TLS 1.1 and TLS 1.2 and click Apply
After making that change, your clients will only be able to use TLS 1.0 and above and will be secured from any type of downgrade attacks that take advantage of protocols less than TLS 1.0.

Oct 29, 2014

It's time to re-key your SSL certificates if they're signed with SHA-1

Google announced back in September that they will be the major catalyst for killing off SHA-1 around the world. In their blog post they talk about their plan to gradually "sunset" SHA-1 because of how weak it is.

From their blog:
The SHA-1 cryptographic hash algorithm has been known to be considerably weaker than it was designed to be since at least 2005 — 9 years ago. Collision attacks against SHA-1 are too affordable for us to consider it safe for the public web PKI. We can only expect that attacks will get cheaper.

That’s why Chrome will start the process of sunsetting SHA-1 (as used in certificate signatures for HTTPS) with Chrome 39 in November. HTTPS sites whose certificate chains use SHA-1 and are valid past 1 January 2017 will no longer appear to be fully trustworthy in Chrome’s user interface.
That's right, starting next month if your website is using an SSL certificate that was signed with SHA-1 and is good past January 2017, then users that browse to it with Google Chrome will start getting browser warnings! Thanks Google!

That means you need to have your certificates re-keyed through your SSL provider using a certificate signing request (CSR) with a SHA-256 signing hash if you don't want people to get browser warnings.

If you use IIS, even in Windows 2012 R2, it will still generate a CSR with SHA-1 only. So you need to use OpenSSL to generate your CSR. Linux has it built in, but if you are a Windows server user you can download a Windows version.

To generate your SHA-256 CSR run the following:

openssl req -nodes -sha256 -newkey rsa:4096 -keyout PrivateKey.key -out CertificateRequest.csr

You will prompted for the usual information, and this will create your private key and your CSR to send to your SSL provider. Once your new cert is issued you should be good to go if you have an Apache server or Nginx.

If you are a Windows IIS user you may want to create a p12 file with your certificate and private key all in one file so you can easily import it with the Certificates MMC snap-in. To create the p12 file run the following command:

openssl pkcs12 -export -in SignedKeyFromCA.cer -inkey PrivateKey.key -out SignedKeyPair.p12

You will be asked for a password to protect your key and you'll have to remember that password when importing it into Windows.

That's it, once that is done and installed you can check to make sure you did everything properly with SSL Labs.

Oct 22, 2014

I'm switching back to OpenSSL on my Ubuntu Apache Servers

Many moons ago I posted about how I switched from OpenSSL to GnuTLS. That was because I wanted to mitigate against The BEAST attack, and at that time the version of OpenSSL that came with Ubuntu didn't support TLS 1.1 or TLS 1.2.

Well, in the latest Ubuntu releases OpenSSL does support it, but the funny thing is that something is wrong with GnuTLSPriorities in Ubuntu 14.04. For some reason, the string doesn't work anymore and I can't so simple things like disable SSL 3.0 which you need to do to mitigate against the new POODLE vulnerability.

I decided to switch back to OpenSSL, and in order to be PCI compliant and get an A+ rating on I also added the following to my /etc/apache2/sites-enabled/default-ssl.conf file:
SSLCipherSuite AES256+EECDH:AES256+EDH
SSLProtocol All -SSLv2 -SSLv3 -TLSv1
SSLHonorCipherOrder On
Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains"
Header always set X-Content-Type-Options nosniff
You need to be sure that you have headers enabled for the above to work.

Once all of that is done you should be good to go!
[Code via]

Oct 1, 2014

Alternative To Truecrypt and Bitlocker For Full Disk Encryption

Cryptographically secure pseudorandom number g...
 (Photo credit: Wikipedia)
We all know that the original creators of Truecrypt jumped ship and instead of passing on the source code decided to make the latest version that will only decrypt, but not create new encrypted volumes. They also spouted some nonsense about how it is no longer safe.

Well, a new group has taken over the project but we don't know when they will have a new release out. Because of that some people don't want to use Truecrypt anymore and are looking for alternatives.

One I'm trying out now looks promising. It is called DiskCryptor. Here are the features from their page:

·         Support for encryption algorithm AES, Twofish, Serpent, including their combinations.
o   Transparent encryption of disk partitions.
o   Full support for dynamic disks.
o   Support for disk devices with large sector size (important for hardware RAID operation).
·         High performance, comparable to efficiency of a non-encrypted systems.
o   Support for hardware AES acceleration:
o   AES-NI instruction set on new Intel CPU;
o   PadLock extensions on VIA processors.
·         Broad choice in configuration of booting an encrypted OS. Support for various multi-boot options.
o   Full compatibility with third party boot loaders (LILO, GRUB, etc.).
o   Encryption of system and bootable partitions with pre-boot authentication.
o   Option to place boot loader on external media and to authenticate using the key media.
o   Support for key files.
·         Full support for external storage devices.
o   Option to create encrypted CD and DVD disks.
o   Full support for encryption of external USB storage devices.
o   Automatic mounting of disk partitions and external storage devices.
·         Support for hotkeys and optional command-line interface (CLI).
·         Open license GNU GPLv3.

The one thing it is missing that I used a lot with Truecrypt is the ability to make encrypted file containers which are great for keeping files encrypted over shared file storage like Google Drive. For full disk encryption though it works like a charm.

A thing that I liked about Truecrypt was you could easily install it on a Linux Live CD so you could perform offline maintenance if you needed to with an encrypted volume. Well you can't create a Linux Live CD for DiskCryptor, but you can create a WinPE live disk with it!

So far it looks good, and I boot up time doesn't appear any more impacted than it did with Truecrypt. For now, I think this one might be my choice for the best alternative.

What are you using for full disk encryption since Truecrypt went belly up for the time being? Let us know in the comments.

Sep 30, 2014

No Renewal? No Problem: 3 Ways to Keep Your iPhone Fresh

After a long wait amid considerable rumors, on Sept. 9 Apple announced the new iPhone 6 and its first-ever phablet, the iPhone 6 Plus. Mashable reports that the iPhone 6 will have a 4.7-inch screen and the Plus will have a 5.5-inch screen. They both will have the same internal specs, but the Plus will have a higher resolution of 1920 x 1080.

The iPhone 6 came out Sept. 19 for $199, $299 or $399, depending on the amount of GB, which is great for any of us hanging onto our carrier's upgrade renewal. But, for late purchasers of the iPhone 5S or 5C, there isn't much hope for a new iPhone 6 on launch day, unless you're willing to pay the hefty non-subsidized price.
For all those living in contractual limbo: Don't fret. Sure, maybe you can't have the iPhone 6 with the rest of the Apple fanatics on day one, but you can take a few tips and tricks to keep your current iPhone kicking until your next upgrade.

A Clean Start

If your phone is slow or unresponsive, there's a good chance nothing is wrong with the hardware. Think about all the pictures, emails, texts and apps that build up on your phone over the months. Even a device as new as the iPhone 5 can get bogged down by an overabundance of content (and let's face it, do you really need all those pictures of your cat in that weird Christmas sweater?).
Take a leap of faith and wipe that phone clean. It's time for your phone to look and act like it came right out of the box. Of course, save your important pictures and emails to your desktop first. And don't worry about your paid apps, because they are 100 percent re-downloadable for free. Follow these step-by-step instructions from Apple's support forum (but don't restore your iCloud backup—remember, this is all about new beginnings).

The iPhone's New Clothes

Now that your phone is fresh on the inside, it's time for a fresh look on the outside with a new case and screen protector. The best thing about iPhone cases is there are thousands of designs to choose from. Some are just plain protective shells, and others double as wallets or battery packs. Think about getting a matte screen protector, too, as they reduce glare and hide fingerprints.

Go the Distance

Clean on the inside, clean on the outside—your old iPhone isn't looking so old anymore. But remember, it still needs to last until your next upgrade. There are a couple final details to ensure your phone will go the distance.

First, get yourself a protection plan in case your iPhone decides to take a fall. Even the best cases can only do so much to protect against cracked screens and water damage, and just the right angle can destroy any phone. Protection plans are typically about six dollars a month and ensure you don't pay full price for a replacement.

The second method is to purchase a decent cleaning kit to keep all the dirt and grime off your phone. iKlear makes a decent kit and will give your phone that polished look you see in the Apple Store.
After that, just ride out the contract wave with your "new" phone, and the iPhone 6 will be in your hands in no time.

Twitter Delicious Facebook Digg Stumbleupon Favorites More

Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes | stopping spam