Back to coding

From September, when I got Scrum Master cert, I got involved into 2 PowerApps projects. I had the autonomy to define my role in those projects so I decided to be Scrum Master of 1 project to apply the new knowledge, and to be coder for the more complex one, which I believe my teammates will struggle with.

In 3 months, I spent most of my time for the projects, and more for coder role because I had to built the framework for the first project and help my teammates through out the project timeline. 13 years since I left the university, I was back to coding work. My feeling was quite good, I was back to the time struggling with bugs, feeling happy after working a problem out, typing hours and hours without time awareness – it was really like I was a student.

And finally my 02 projects were completed successfully, delivered what my product owners expected. I felt a bit bad when they didn’t win any prize from the company contest, but anyway, we worked really hard and learnt many things from SCRUM project management and PowerApps coding.

Posted in Working Diary | Tagged ,

How “free” wifi hotspots track your location

My post in the company Cyber Security Yammer group.

How “free” wifi hotspots track your location

The price for “free” Wifi hotspot

Nowadays, “free” Wifi hotspot can be found everywhere, in shopping malls, restaurants, cafes, airports etc. This of course helps people get online easier, which becomes a vital demand in modern life. But nothing is “free”, this convenience often come with a price: your personal data and privacy.

When you use “free” Wi-Fi, there’s a good chance it’s managed by a third-party provider—which gets you online in exchange for your valuable sign-on data. The sign-on information that hotspots require will vary, but often includes your email address, phone number, social media profile, and other personal information. All can be used to target you with advertising and gain insights on your habits. That’s probably not a surprise to most Wi-Fi hotspot users. But what might surprise you is that some hotspot providers are taking data collection a step further, and quietly tracking millions of users’ whereabouts even after they’ve left an establishment.

Read the Captive portal

When you connect to public Wi-Fi, you’ll usually be greeted with a sign-in form, also known as a “captive portal.” This is where you provide personal information and consent to terms of service to get online. If you read the portal carefully, you will notice most of the hotspots providers say “by clicking ‘go online,’ you agree to our terms of use and privacy policy,” with the “terms and policy” may allow them to track your location over time. Some will say more explicitly “you agree to provide this device’s location” next to where you can tick a box to consent.

What distinguishes location-based marketing hotspot providers is that the personal information you enter in the captive portal—like your email address, phone number, or social media profile—can be linked to your laptop or smartphone’s Media Access Control (MAC) address. That’s the unique alphanumeric ID that devices broadcast when Wi-Fi is switched on.

You’re followed by your MAC addresses

The hotspot providers often say that this location-tracking function brings benefit to users: users is one-click access to Wi-Fi anywhere under that provider’s coverage after the first establishment. But that’s not the only way it can be used.

MAC addresses alone don’t contain identifying information besides the make of a device, such as whether a smartphone is an iPhone or a Samsung Galaxy. But as long as a device’s MAC address is linked to someone’s profile, and the device’s Wi-Fi is turned on, the movements of its owner can be followed by any hotspot from the same provider.

Analyzing MAC signals from mobile phones can be valuable for retailers and others to calculate wait times, understand peak versus off-hours, or assign staff. However, location data is highly sensitive when linked to an individual over time and across venues. This can reveal a detailed profile of someone’s daily habits. Where they shop, where they live, and what places they frequent at certain times could be laid bare by this data.

How to protect yourself from being tracked by ‘free’ Wi-Fi

If you’re concerned about data being collected by free Wi-Fi hotspots, there are some simple steps you can take to protect your personal information.

  • Don’t use “free” Wi-Fi: The most obvious solution to protecting your data from free Wi-Fi networks is not to use them at all. Alternatives include using the data services from your cellular provider.
  • Disable Wi-Fi when you’re not using it: Enabling Wi-Fi lets these hotspots track you (and also drains your battery faster).
  • Read the privacy policy: It’s tempting to skip reading the privacy policy, but if you take a few minutes to do so, you can learn how the Wi-Fi service is collecting your data and where it might end up. Keywords to look for are “MAC address,” “location,” “collect,” and “share.”
  • Opt-out of location tracking and delete your data: Location analytics companies let you opt-out of location tracking and delete your data, though some opt-outs are easier than others. How to opt out can be found in a privacy policy. You’ll be given a chance to review the policy before you sign into a captive portal, or you can find it on the hotspot provider’s website.
  • Randomize your MAC address: Since version P, Android has added a feature that allows you to randomize your smartphone’s MAC address to improve privacy. This lets you generate a new MAC address for every Wi-Fi hotspot you connect to, effectively stopping these companies from tracking you. You can switch on MAC randomization under Developer Options. There’s no need to go through a similar process on iPhones and iPads running iOS 11 and up, which automatically randomize their MAC address when scanning for Wi-Fi. “Because a device’s MAC address now changes when disconnected from a Wi-Fi network, it can’t be used to persistently track a device by passive observers of Wi-Fi traffic, even when the device is connected to a cellular network,” according to Apple’s iOS Security Guide. However, Apple also says “Wi-Fi scans that happen while trying to connect to a preferred Wi-Fi Network aren’t randomized,” meaning a hotspot a device has connected to previously will be able to detect the device’s actual MAC address.
  • Don’t sign in with social media: It may be convenient and quicker to sign in with Facebook, Twitter, or LinkedIn, but it’s also ideal for data harvesters. Your social profile, especially your Facebook “likes,” reveals a wealth of information about you.
Posted in Security

SCRUM Master Certification

ThaoCertificate

I failed the first time and passed the second time, after retaking the mock exam many times and review the materials carefully. Nice experience.

Posted in Working Diary | Tagged

SCRUM Master Training

I’ll attend Professional SCRUM Master class next week in Kuala Lumpur. Time to upgrade my portfolio. To prepare, I’ve studied a pathway in Degreed, and did the Scrum open asssessment.

Here are some good references:

This ScrumCrazy blog has a lot of useful information about Scrum.

Posted in Working Diary | Tagged

Enhanced IT Disposal app

I created my first PowerApps in this post, to help me in building IT disposal assets list. It’s a very simple app with very basic PowerApps functions.

Then in this Jul I joined the PowerApps Hackathon contest organized by the company. I built an app to provide customer details for the Sales team while they’re traveling to customer meetings. Even though I didn’t have any prize in this contest, I learnt a lot in PowerApps, from designing to development. After the contest, I applied what I’ve learnt to enhance my IT disposal app, with new updates:

  • New appearance theme
  • Revise source code, apply naming convention
  • New features:
    • Select Country and Site
    • Build and manage Disposal list for many sites. This is helpful for IT persons who manage many sites. I applied what I learnt about using Collections in this function, it worked very well.
    • Send Email with the list of items in the selected site.
    • Help screen

Some screenshots:

Posted in Programming, Working Diary | Tagged

PowerApps Hackathon

I registered for my TMV team to join the PowerApps Hackathon contest on 18-19 June 2019. Our app named Customer X-Ray. Some information about the app:

Problem Description

Currently it is very difficult (especially for Sales community) to check the real-time status of our clients (current credit limit, applicable payment terms and open/ overdue balance). This is an information that Sales community does not have access to or it takes time to obtain it. Management and Sales are actually blindsided when they are visiting a customer and discussing/ negotiating an opportunity or contract because they don’t have this useful an critical information on hand which can make the difference in the negotiation process.

Why do you think the app will solve the problem?

The proposed solution is to have a mobile app developed. The Sales community (and anyone else in need) can install the app on their mobile and with one click they can get the full picture of the client that they are visiting or negotiating with.

They can instantly see their current assessment (credit limit and payment terms), current open balance, outstanding balance and remaining credit not consumed.

The data can be directly fed from Sales system which is updating daily.

The app will deliver notifications to the user’s mobile when a client in their portfolio has breached the credit limit ceiling, when the credit limit for a client has been upgraded or downgraded, when different payment terms have been applied. Continue reading

Posted in Programming, Working Diary | Tagged

MS OneDrive – Work with files in Files On-Demand

Saw this tip today and I think it’s really handy to save space on your machine, actively.

Turn on Files On-Demand in OneDrive

  1. Select the white or blue OneDrive cloud icon in the Windows notification area.

    OneDrive SyncClient with blue cloud and white cloud icons

    Note: If you’re on Windows 10, your computer already has the OneDrive desktop app on it, but you’ll need to turn on Files On-Demand in OneDrive settings.

  2. Select Settings OneDrive settings with gear icon .
  3. Select Settings > Save space and download files as you use them.

When Files On-Demand is on, you’ll see new status icons next to each of your SharePoint files. You can now copy or move files from your computer to SharePoint Online right from your file system.

Conceptual image of an online only file

Online-only files
Save space on your device by making files online-only.

These files are only available when you’re connected to the Internet, but don’t take up space on your computer.

Conceptual image of a locally available file

Locally available files
When you open an online-only file, it downloads to your device and becomes locally available.

You can open a locally available file at anytime even without Internet access.

Conceptual image of an always available file

Always available files
To make a file always available, even when you’re offline:

  • Right-click it and select Always keep on this device.

To change a file back to an online-only file:

Posted in Software Tutorial | Tagged