Google Chrome, lack of transparency and security with keychain passwords.

Did you know that when you login to Google Chrome, it pre-fills the OSX Keychain with all your saved passwords?

And when you sign out of Google Chrome, it helpfully removes those passwords? Wrong! No it doesn’t!

This is a major problem if you’re using someone else’s machine temporarily. A work machine perhaps? My job requires me to move around from office to office, and usually I use my own MacBook. Some occasions call for using a different machine.

Moving passwords into the keychain

I’ve recently been at an agency which asked me to borrow a MacBook for two weeks, and as expected Chrome pulled down my passwords for me. Handy, until I worked out they were actually being stored in the keychain for anyone with admin rights to see. Simply change my password and Voilà! You’re into every password I’ve saved in Chrome, plain text for all to see.

The only way to rectify this isn’t the expected “Sign out of Chrome”. Doing so will still leave all your password in the keychain. You’ll need to head into the keychain, locate all your password and delete them.

The problem is Chrome never notifies you of this, and it can cause issues with security and privacy. It’s another addition to the issue over plain text passwords being accessible with only a couple of clicks. I was shocked a year or so ago when someone at Technophobia showed me all my passwords when I handed them the machine to fix an issue. His words were “be careful in future”.

Thanks Chrome!

Your iPhone is watching you.

You may remember a couple of years back that iPhones were secretly tracking your every move. This data was susceptible to attacks through a hidden file that iTunes copied to your computer when you synchronised it. Apple quickly addressed the issue and removed the exploit. I actually like to have my location tracked. I turned it on with the Google app for iOS and I even uploaded that original iTunes file to an open data project. The only caveat is, I like to know it’s being tracked, and I like to know what it’s being used for.

The iOS7 secret

iOS7 is tracking your every move. It’s recording key locations you visit in your life and it’s using those to improve its mapping facility. It knows where you live and it knows where you often visit. Question is, did you know? I certainly didn’t.

Yeah but the little location icon pops up in the top right corner, correct?”

Certainly, apps like Google Maps, Google and anything which uses your GPS location trigger the icon in the top right.. But it’s a little more shady for Apple’s latest option hidden way down in the location settings of your phone. You’ll probably never notice the little icon ever appear.

Settings > Privacy > Location Services > System Services (bottom) > Frequent Locations

Yes it’s all likely innocent, yes it’s likely private data but, hiding it under a general “Enable location services” when you first setup your phone is a little sneaky. And hiding it under 5 difficult menus is just wrong.

For example, the Google app drops the icon in the bottom left corner, and is open about how and why they track your information. And you have to opt in to that specific feature.

Google's method

Microsoft’s horrible user journey

Disclaimer: I understand it’s being replaced with Skype, and praise the lord!

A lot of people wonder why I use Mac software/hardware so religiously, and it has nothing to do with following the herd and has everything to do with usability and design. While OSX might not be the pinnacle of usability (finder is horrendous), in my opinion I couldn’t manage with their Microsofts legacy method of design. It’s been something which has annoyed me for years.

I’m going to avoid explaining why I was downloading MSN messenger but the fact of the matter is I needed to for my Mac, don’t ask. Continue reading Microsoft’s horrible user journey

Android experimentation #TPInnovationDay

So, one of my last hurrahs at Technophobia was #TPInnovationDay. It’s what used to be known as a “fedex” day. A day where you set off with an idea in mind, and deliver it before the end of the day. The original spirit of the day came from Atlassian, an award winning company which is bursting with ideas and great values. It seems to produce great results by letting employees loose on an idea and challenge them to the max. The spirit of fedex day is to deliver something within 24 hours. Atlassian now calls these Ship It days. Continue reading Android experimentation #TPInnovationDay

Moonsync, what is it?

This is a year and a half’s worth of work.

I recently launched the main website for Moonsync and it’s gone down extremely well. Moonsync is a project me and a colleague Ian Kelly have been doing in our spare time. It started off as a general idea Ian came up with which has now developed into a full scale platform for Android devices.

Think iCloud for Android, but better. Dear Apple:

One of the main gripes I have with iCloud, being an iPhone/Mac/iPad user is its fragmentation of services. The photo galleries I’ve created on my phone using the app, can’t be viewed easily online.

  • Why aren’t they on!
  • Why can’t I share photos and galleries easily from my iPhone?
  • Why does iOS6 copy that functionality of iPhoto for iOS?
  • Why can’t I send an iMessage from
  • Why do I have to download Messages and have a Mac? Continue reading Moonsync, what is it?