The iCloud solution: link storage to hardware

iCloud logo

There’s been some speculation recently about what, if anything, Apple is going to do with iCloud at WWDC next month. Here are the main complaints:

5 GB isn’t sufficient for anything

Yes, it’s free (gift horse, mouth, yeah, yeah) but the idea behind iCloud is that you’re supposed to be able to run your email, calendar, reminders off one account along with backups of all your iOS devices. 5 GB isn’t enough to store my email, let alone backups for the apps on my iPhone and iPad.

Upgrading still isn’t enough

Even if I wanted pay extra to back up a 64 GB iPhone, Apple doesn’t offer an iCloud storage option over 50 GB. And we’re supposed to back upmultiple devices to iCloud?

It’s too expensive

Google just dropped the price of it’s Google Drive storage by more than half. Now, you get 15 GB free and if you need more, it’s dirt cheap:

Google Drive Pricing

(Prices are per month)

Compare that to iCloud which only works with Apple devices:

iCloud storage pricing

Apple doesn’t even offer an equivalent of Google’s lowest paid tier. If it did, at their current rate it would cost close to $200 per year compared to Google’s $24 per year.

For about the same amount as Apple’s 55 GB, you can get 100 GB on Dropbox:

Dropbox Pro Pricing

Different business models: services vs. hardware

Google sells hardware to support its services and Apple has services to support its hardware sales; the business models are very different. However, that doesn’t mean Apple can ignore providing reliable cloud services and rely on others (their competition) to do it for them. Quality issues aside, how can Apple (a hardware company) compete with the likes of Google and Dropbox (software/service companies)?

Tie services to hardware

Here’s my proposal: give every iOS device owner 2x the capacity of their device(s) in iCloud storage.

16 GB iPhone? 32 GB iCloud storage.
Also have a 32 GB iPad? Add another 64 GB for a total of 96 GB.

This would give users enough space to completely back up each of their devices and have room left over for apps to use. It also makes buying a more expensive iPhone/iPad more compelling because you aren’t just getting more storage on the device, you’re also getting 2x the storage in iCloud.

Of course, what I’d really like to see is them blow everyone out of the water and offer something like 500 GB for free for everyone. I don’t think that’s going to happen. At best, if Apple decided to tie iCloud storage to hardware, I’m guessing they’d give you the same capacity of your device + the 5 GB they offer now for free with options to upgrade.

What do you think they’ll do? What do you think they should do?

P.S. A word on lock-in

Currently, iCloud isn’t the type of service that makes me think, “I could never leave Apple because my life is in iCloud.” Because iCloud is so limited in so many ways (including capacity), I use cross-platform applications and services instead (Flickr to back up all the pictures taken on my iPhone, YouTube to share videos, Google Drive for all my documents). Does iCloud offer all those features? Yes. But I can’t use them because, for example, sharing four family videos takes up a gig of my iCloud space.

Why is that important? For each service I use that’s not iCloud, makes it that much easier to try something other than an iPhone.

How to create a safe, memorable password in 5 minutes – UPDATED

Konami Code

With all the (well-deserved) hubub about the Heartbleed SSL security flaw which impacts 2/3 of the Internet, I thought I would share my method of generating safe, memorable, unique passwords.

There are only four steps. Don’t over-think them. This process should take less than five minutes.

How to create safe, memorable, unique passwords

Step 1. Pick a number. Any number. (Except that one.)

The year your favorite state entered into the union, numbers that spell out something funny on a phone keypad, your ideal outdoor temperature, whatever. Just make sure it isn’t easily associated with you. No phone numbers, addresses, SSN, birthdays, etc.

I’ll use the year Oregon was founded: 1859

Step 2. Pick a phrase

It could be a famous quote, song lyrics, or something funny your family always says. I’ll stick with the patriotic theme and go with “One nation under God.” Now, shorten/abbreviate the phrase:

1nuG
OnuG
onuG

I’ll go with the first one since it includes a number: 1nuG

Step 3. Identify the service

Pick a phrase that includes the name/type of service this version of the password will be used for. Then shorten it:

I heart [service] = I heart Facebook = IhF

[Service] is the best = Facebook is the best= Fitb

I always use [service] = I always use Chase Bank = IauCB

I’ll go with the first example: IhF

Step 4. Pick something that can rotate

It can be anything that’s sequential and easy for you to remember: colors of the rainbow, ages of your kids, cities along a specific route, etc. This is so you can easily create a new password when you need to without going through the whole process again.

Sticking with my Oregon theme, I’ll do cities down the 101 highway.

Example: Astoria.

Put it together

Taking my results from Steps 1-4 and adding a symbol between them, my new Facebook password would be:

1859.1nuG.IhF.Astoria

Using the same methodology, I can then use a similar (but not identical) password for my other accounts, too. Here’s an example of what my Twitter password could look like:

1859.1nuG.IhT.Astoria

Whenever you need to create a new password (every six months, a Heartbleed-type security bug, etc.) you can just swap out the rotatable element. The next time I need to reset my password, my new Twitter password could become:

1859.1nuG.IhT.Seaside

The result

There you have it. A very long (21-character) password that uses symbols, numbers, and letters (upper- and lower-case), is unique for each of your accounts, and is easily updatable. It’s pretty easy to remember, too. By the time you go through and update all your passwords for your different services you’ll have it down pat.

Bonus: if anyone nefarious ever looks at it, it’ll seem like complete gibberish.

Adapt as needed

Take the process and make it your own: change the order of the steps, do a shorter version (some sites limit the number of characters in your password), or pick entirely new steps. Tweak what you need to make it work for you.

Need a hint?

Instead of jotting down the actual password on a sticky note next to your computer (NOT SAFE) you can write down the mental process you used to generate the password.

THIS: Oregon, patriot, service, road trip.

NOT THIS: 1859.1nuG.IhF.Astoria

That should do it. Like it? Find a flaw in the method? Let me know in the comments.

 

 

BONUS PRIZE!

Mac user? Here’s a simpler way.

Apple will generate and securely store unique passwords for all the sites you go to online using iCloud Keychain. All you have to do is remember a single master password. It syncs from your desktop to all your iDevices so…yeah. Not a bad option if you use Safari and don’t want to be bothered with tracking a bunch of passwords.

 

UPDATE

LastPass

Through a series of fortuitous events, yesterday I was introduced to LastPass. After listening to an hour-long podcast about it, I’m convinced it’s super secure and a good place for my passwords. I changed nearly all my passwords yesterday with the LastPass password generator which creates and stores crazy-long/complicated/awesome passwords and stores them in a vault that only you have the key to.

How secure is it? Why would you trust LastPass with your passwords? Because even they don’t have your password. Everything is hashed (encrypted) multiple times using 256-bit SHA security on your machine, then it’s sent to their servers. That means if one of their employees is compromised by a secret, still-in-existence underground arm of the KGB, or if some teenager in China manages to get to your information on their servers, they won’t see your username and password. They’ll see something like this:

256 SHA Hash

I may to a follow-up post on it later. Either way, you should check it out and give it some consideration.

Image courtesy of Pixel Fantasy.

The S is for security

Courtesy of iMore.com
Courtesy of iMore.com

Word on the street is Apple is going to have a fingerprint scanner in the home button of the iPhone 5S. My thoughts on the subject:

Hardware security

Of course, Apple could use the first iteration just to unlock the phone and down the road turn on additional security features such as using your iPhone as a key to unlock your computer (if your iPhone is close enough to the computer, and you have it unlocked, you won’t have to type in the password on your desktop).

Apple could create an API so apps could require fingerprint verification before use. Instead of (or in addition to) typing in your username and password on your mobile banking app, the app would ask iOS for a fingerprint verification. Scan your fingerprint, the OS ID’s you, and it tells the app, “Yeah, that’s him (or her).” Your biometric information never leaves the phone and is never given to a third party.

Eventually, your phone could become a key to making payments online. If you’re trying to purchase something on Amazon through Safari, it will ask for you to scan your fingerprint on your phone (probably through a low powered Bluetooth connection). Once you verify, it allows the transaction to go through.

This makes your phone more important than ever: it becomes your wallet/key to every digital thing you do. Fingerprint security is good, but if you’re prone to leaving your phone in cabs there are some software features in iOS 7 that should give you (some) peace of mind.

Software security

In iOS 7 you can remotely lock your phone and require your iCloud login credentials to re-activate it. Without said credentials, you can’t disable Find My iPhone and the phone is essentially bricked and therefore useless to would-be thieves. A very nice form of theft deterrent.

The history of S

With the iPhone 3GS the S stood for speed. With the 4S it stood for Siri. With the 5S, I think it’s going to stand for security. It might not do much at first, but this is going to be Apple dipping its toe into the water of mobile and online payments. When it does a cannonball into the market with the iPhone 6, $700 per share is going to look like a bargain.

P.S. Gold? Ugh. I hope not.