Google Play Music: Saving to SD card

Having switched from Amazon MP3 to Google Play Music, the most annoying omission in Google’s offering is the inability to save music tracks to SD card instead of internal storage.

Since version 5.1 of Play Music the capability is actually there, although the feature has not yet been exposed via the user interface. Here’s a neat trick you can use to switch it on manually.

First you’ll need to make sure you have the latest version of Google Play Music, then download and install the free Apex Launcher app from Google Play.

After Apex Launcher has been installed, fire it up and you’ll see a new and hopefully fairly empty home screen (don’t worry, your existing home screen has not been lost!). Tap and hold on the home screen, select Shortcuts and then Activities.

Scroll down until you come to Google Play Music, then tap on it to expand to a list of activities. Scroll down until you come to .ui.SDCardSelectorActivity, tap on it and you should find a new Google Play icon appear on the Apex home screen.

Tap on this new Google Play icon and you’ll be presented with a ‘Download Storage Location’ dialogue box. Simply tap on ‘SD card’ and you’re done!

You can now uninstall Apex Launcher if you wish.

Although the switch has been made, it only applies to music that you ‘Keep on device’ from now on, so you’ll need to unpin and pin all your previously downloaded albums again to move them to SD card.

I’m guessing Google will expose this new capability in a future update, but for the time being this is a very welcome workaround.

In case you’re interested, the saved files are stored on your SD card in the Android/data/com.google.android.music/files/music folder.

Smart bins are watching you

timthumb

It’s intriguing how news stories can bubble under the surface for a while and then explode into the public eye, with significant consequences for everyone involved.

Today’s example is the case of the Renew London waste recycling bins, which have been appearing on City of London streets since January 2012. As well as being a regular waste bin they are equipped with a large screen on each side for displaying digital advertising.

Up until recently that’s all we thought they did, until an article in Quartz magazine brought a darker side to the public attention.

Up to a dozen of these smart bins have been secretly scanning for passing mobile devices and storing this data to compile a database of the movement of individuals around the City of London. All of this was done without consent, although the trial details have been published on the Renew London web site.

How do they do this you might be wondering? Every device capable of using Wi-Fi has a permanent hardware (MAC) address which uniquely identifies the device and often even the make and model. If your mobile device has Wi-Fi enabled then your unique MAC address is broadcast periodically when your device scans for access points.

The Renew London smart bins can listen out for these signals and record the MAC addresses that it ‘sees’. According to the published trial data they captured nearly a million devices on just one day in June!

They would probably still been doing this if it wasn’t for the sensationalist claims from the Renew London CEO Kaveh Memari, who went a little too far in explaining just what his technology is capable of.

Memari said he was working on a proposal for a bar that would install five tracking devices: one by the entrance, one on the roof, one near the cash register, and one in each of the bathrooms. That would allow the bar to know each person’s gender (from the bathroom trackers), how long they stay (“dwell time” is the official metric), and what they were there for (a drink outside or a meal inside). And targeted advertising for the pub could follow those people around London on Renew’s omniscient recycling bins.

It would seem that the City of London Corporation was not aware of exactly what Renew London had been up to and the adverse publicity has caused them to swiftly deal with the situation.

THE collection of data from phones and devices carried by people passing sophisticated waste bins in Square Mile streets should stop immediately, says the elected City of London Corporation, which provides local authority services to the global business district around St Paul’s.

A spokesman said (Monday): ‘We have already asked the firm concerned to stop this data collection immediately and we have also taken the issue to the Information Commissioner’s Office. Irrespective of what’s technically possible, anything that happens like this on the streets needs to be done carefully, with the backing of an informed public.’

The bombproof waste and recycling bins, which also carry TV screens with public information, were installed as a way of re-introducing waste bins to City streets.

‘This latest development was precipitate and clearly needs much more thought – in the meantime data collection – even if it is anonymised – needs to stop,’ added the spokesman.

An official statement from Mr Memari has also confirmed a cessation of the ‘trial’:

During our initial trials, which we are no longer conducting, a limited number of pods had been testing and collecting annonymised and aggregated MAC addresses from the street and sending one report every three minutes concerning total footfall data from the sites.  A lot of what had been extrapolated is capabilities that could be developed and none of which are workable right now.  For now, we no longer continue to count devices and are able to distinguish uniques versus repeats. However, the process is very much like a website, you can tell how many hits you have had and how many repeat visitors, but we cannot tell who, or anything personal about any of the visitors on the website.  So we couldn’t tell, for example, whether we had seen devices or not as we never gathered any personal details.

Future developments will, however, not just depend on technology, but also, most importantly, on people being comfortable with interactive technology – much as has happened over the course of the weekend on the internet.

This is a somewhat less ebullient statement than one of Memari’s previous quotes:

“The chances are, if we don’t see you on the first, second, or third day, we’ll eventually capture you,” he said. “We just need you to have it on once.”

What can you do to protect yourself from this gross invasion of privacy? Disable Wi-Fi (and Bluetooth) if you aren’t actively using it when you’re out and about. Doing this will help save your battery too. You can also register your MAC address and opt-out of data collection via the Presence Orb web site.

It’s interesting to note that since this story broke the Renew London bin screens have been conspicuously devoid of any advertising. Evidently advertisers don’t want to be associated with this trial either.

Renew London waste bin


Dumb binUpdate: 12-Feb-2015

London’s ‘smart’ bins have been unceremoniously decommissioned, as you’ll see in this photo.

The RenewLondon.com domain name was sold in June 2014 and it now resolves to an accounting blog.

The former Renew London business seems to have disappeared without a trace, disproving the theory that where there’s muck there’s brass!

Corrupted SMS on Android

For a couple of weeks I have been receiving strangely composed SMS from a friend. It was as if two totally separate conversations were being mixed together into one long message.

At first I thought my friend might have been inebriated when he sent them (not unusual for him!) but as the messages continued to come through in this strange fashion I wondered if perhaps he was suffering from a split-personality.

Eventually I called him up and we compared messages. It turned out that the messages I was receiving on my Android device bore little resemblance to the messages he was sending. At first I thought this could be due to a corrupt SMS database on his iPhone, but after some searching I came across an Android bug report which perfectly described the issue I was experiencing:

» Issue 17769: Multipart SMS getting mixed up with old messages

The first post on this thread is dated June 2011, so the problem has been around for quite a while! I was pleased that I wasn’t alone in experiencing the issue, but what was the cause and how could I fix it?

Another Android bug report – Issue 28697 – had the answers:

Under certain circumstances, SMSDispatcher can incorrectly construct multi-part SMS messages, resulting in a corrupted message being dispatched to the applications. The corrupted message contains parts from previously received multi-part SMS messages instead of the corresponding parts from the newly received message.

In this more recent report, the author Ian Payton has identified the problem to be partly due to the way in which multi-part SMS is implemented, and partly to how Android processes multi-part messages.

If you want all the details then head on over to Ian’s detailed explanation, but the quick version is that an Android device can sometimes end up with orphaned SMS which it doesn’t know what to do with. These are usually the result of a message being retransmitted by the network because it did not receive a delivery acknowledgement from your device. This can occur if you are in patchy cellular coverage for example.

The SMS protocol uses an internal reference number to help reassemble a concatenated message, but this reference is not unique and if you have one or more of these orphaned messages on your device then in some circumstances the message parts can get mixed up to erroneously construct a new Frankenmessage!

This has the effect of your being presented with a message which is made up of some of the new message and some of an old message which has been hanging around in limbo on your device.

That’s all very well, but how can you fix this situation?

Ian has kindly written SMS Multi-Part Cleaner, a small Android application which finds all the orphaned SMS on your device and allows you to review and delete them manually. Alternatively you can download the very similar Orphaned Texts app from Google Play.

If you are prone to patchy cellular coverage and frequently receive long SMS then you be advised to run this application every few weeks to check for orphaned messages.

Printing to a Samsung ML-1210 on Mac OS X

Although Samsung stopped providing official Mac OS drivers for the ML-1210 laser printer long ago, it is still possible to use this venerable old laser printer with the latest Mac OS X.

First download the latest Open Source Samsung-GDI for Mac OS X and GPL Ghostscript for Mac OS X packages from The Linux Foundation.

Next you’ll need the Foomatic-RIP package, but don’t download the latest version!

You need to use Foomatic-RIP version 3.0.2 (dated 30th January 2008), otherwise your print-outs will include a top margin which you can’t remove. Fortunately the older working version is still available from OpenPrinting.org.

Open each downloaded disk image in turn and run the installers. When all three packages have been installed you are ready to add the printer.

Connect your printer using an appropriate USB cable. Now go to Mac OS X System Preferences and select ‘Print & Scan’. Click on the ‘+’ button and a new ‘Add Printer’ window will open.

Assuming your printer is connected you should see ‘Samsung ML-1210’ already in the printer window. Click on that printer name and then open the drop-down list of printer drivers next to “Print Using”. Select ‘Samsung ML-1210 Foomatic/GDI’ and then the ‘Add’ button.

Your printer has been added. Legacy printer revival achievement unlocked!

Gmail attachments not working?

I’m assuming you’ve found your way here because you too are having difficulty viewing image attachments in the Gmail app for Android?

I found that thumbnail previews of images were displaying fine, but when I tapped to view the full image the progress bar would scroll around indefinitely.

In my case the problem was caused by Android’s Download Manager, and the solution was relatively simple.

Go into your Android Settings screen, select Apps, swipe to the ALL tab and scroll down to Download Manager.

Tap on Download Manager and then Clear data.

Download Manager

Exit the settings, go back into Gmail and hopefully you should now find that attachments are working again.

The Mac App Store’s Dirty Little Secret

appstore_download

Apple’s Mac App Store is promoted as a simple solution for installing and managing third party apps on your Mac. On the face of it this would indeed appear to be true, but The Mac App Store is hiding a dirty little secret!

Apple makes some grand claims on their web site:

Thousands of apps. One simple way to get them.

With the Mac App Store built into OS X Lion, getting the apps you want has never been easier. No more boxes, no more discs, no more time-consuming installation. Click once to download and install any app on your Mac.

Keep your apps up to date.

Since developers are constantly improving their apps, the Mac App Store keeps track of your apps and tells you when an update is available. Update one app at a time or all of them at once, and you’ll always have the latest version of every app you own.

That sounds wonderful – but it’s a lie!

Some developers aren’t happy with providing free app updates to existing customers, so they publish updates as a discrete new app. This means that existing customers aren’t able to receive the update without purchasing the app all over again. Even worse the developer sometimes removes the legacy app from the App Store entirely, so it’s not available if you want to re-install it.

Buy, download and even re-download.

You can install apps on every Mac authorised for your personal use, and even download them again. This is especially convenient when you buy a new Mac and want to load it with apps you already own.

Again, not true!

If a developer decides to withdraw an application that you previously purchased from the App Store then it’s gone and there is no mechanism to download it again.

Not Available

I discovered this anomaly after I tried to install an app that I ‘owned’ onto a new Mac. After a bit of head scratching it was apparent that the developer had published a new version of the app just a few months after my purchase. Since I couldn’t re-download my purchased app I took it up with Apple Customer Support..

This is their email response:

I certainly understand how recent difficulties might have been frustrating for you. If I were in your situation, I would definitely feel the same way.

We do want that your experience with iTunes to be pleasant, however, I regret to inform you that your request has been denied. In accordance with the iTunes Store Terms of Sale that you agreed to when you created your iTunes Store account, all sales on the iTunes Store are final. This policy matches Apple’s refund policies and provides protection for copyrighted materials.

Please review the iTunes Store Terms of Sale for more information:
http://www.apple.com/legal/itunes/ww

As mentioned earlier, the iTunes Store is not responsible for the loss of purchases and encourages customers to back up their hard disks regularly. If an item needs to be replaced, you can restore your purchases from the backup and avoid the need to purchase replacement copies of titles from your collection.

Additionally, please make back up copies of your new purchases on a regular basis.

Apple’s recommendation then is that you keep a backup of your purchases! This contradicts The Mac App Store’s advertised capability of facilitating the re-download of apps you already own.

To conclude their email Apple went on to firmly slam the door in my face:

Again, I apologize for any inconvenience you have experienced. Any additional emails from you regarding this issue will not receive a response from iTunes Store Customer Support. Thank you for understanding.

That was not the response I was expecting from Apple’s renowned customer service.

What value are Apple adding to justify taking 30% of the sale price? Not much in my opinion. They aren’t future-proofing your purchases and in my experience their customer support isn’t great either. If you’re given the choice, my advice is to purchase apps direct from the developer instead.

Apps Publishing Security Policy

BSkyB has become the latest high-profile victim of a security blunder which has caused them to suspend all their Sky Android applications from the Google Play app store.

The hackers would appear to have used a combination of phishing and social engineering techniques to compromise a trusted computer and steal corporate login details for third-party sites such as Google and Twitter.

The storefront for Sky’s Android mobile apps was defaced, with the app descriptions changed and screenshots replaced.

Sky Go defaced

To make a bad situation even worse for Sky, one of their official Twitter accounts was also compromised and the hackers used it to draw more attention to their handywork.

skyhelpteam

Fuelled by the ‘official’ Twitter misinformation, customers were led to believe that the apps had also been tampered with, although this has been subsequently denied by Sky on their Help Forum:

We have temporarily removed our Apps from the Google Play store following a security alert.

All Sky Apps were unaffected and any Sky Android apps previously downloaded by customers are safe to use. There is no need to remove them from your android device.

As soon as we have restored the apps on Google Play we will post up an update.

In a related security breach, Twitter has locked access to @SkyHelpTeam, which is why we are currently unable to tweet from this account. However, help and info is available via @SkyHelpTeam1Facebook and here on the Sky Help Forum.

The tweet that was made from the @SkyHelpTeam twitter, in the early hours of Sunday morning, advising customers to unistall their apps was NOT an official tweet from Sky. Twitter security immediately detected this vogue messaging and locked account as part of agreed standard security process.

Sky have suffered this humiliation as a result of sloppy security practices. With a robust security policy the damage from this attack could have be limited or prevented entirely.

My recommendations for an apps publishing security policy:

  • Use a dedicated Google account for the Google Play Developer Console, not an account used for other Google services. Do not divulge the email address of this account.
  • Enable 2-Step Verification on your Google account and use Google Authenticator to login. Make sure that you properly sign out of your Google account when you have finished each session.
  • Only use a bookmarked https link to access the Developer Console. Never click on links contained in emails or on other web sites.
  • Tightly limit access to the Developer account. Only permit access to those directly involved with apps publishing, usually just the Apps Manager and their deputy.
  • Wherever possible use discrete private keys to sign each application – see the Signing Strategies section of Android Developer Tools. This limits the damage should the private key for an individual app be compromised.
  • Store your signing keys securely, preferably using a hardware-encrypted USB flash drive (such as an IronKey). Physically store the keys in a locked safe.
  • Use a standalone computer for code signing and never connect it to a network. Treat all networks as untrusted, even your corporate LAN.
  • Have a well rehearsed contingency plan to ensure business continuity if the worst does happen.