The mysterious "Cloud"
Search

Pittsburgh Tech Guy

Phone: 412-256-8674

Email: pghtechguy@hotmail.com

Skype: pghtechguy on Skype

 

How to Backup your computer online for free

Welcome to the Pittsburgh Tech Guy!  Your local source for good, dependable technical support and information!  Keep up with the latest Tech news here!

Remember, all home computer analysis are free!

Sunday
Jun032018

How your web browser tells you when it's safe

Google last week spelled out the schedule it will use to reverse years of advice from security experts when browsing the Web - to "look for the padlock." Starting in July, the search giant will mark insecure URLs in its market-dominant Chrome, not those that already are secure. Google's goal? Pressure all website owners to adopt digital certificates and encrypt the traffic of all their pages.

The decision to tag HTTP sites - those not locked down with a certificate and which don't encrypt server-to-browser and browser-to-server communications - rather than label the safer HTTPS websites, didn't come out of nowhere. Google has been promising as much since 2014.

And Google will likely prevail: Chrome's browser share, now north of 60%, almost assures that.

Security pros praised Google's campaign, and the probable end-game. "I won't have to tell my mom to look for the padlock," said Chester Wisniewski, principal research scientist at security firm Sophos, of the switcheroo. "She can just use her computer."

But what are Chrome's rivals doing? Marching in step or sticking to tradition? Computerworld fired up the Big Four - Chrome, Mozilla's Firefox, Apple's Safari and Microsoft's Edge - to find out.

Safari

Apple's browser currently uses the traditional model of signage: It puts a small padlock icon in the address bar when a page is protected by a digital certificate and traffic between the Mac and site server is encrypted.

No padlock? That means the site does not encrypt traffic.

Recent versions of the browser, however, take additional steps in certain circumstances. If the user is at an insecure site - one not locked down with a certificate and encryption - and attempts tasks such as entering info into log-on fields or those designed to accept credit card numbers, Safari throws up a red text warning in the address bar that starts as Not Secure and then changes to Website Not Secure. Those hard-to-miss alerts debuted with the version of Safari bundled with macOS 10.13.4, an update issued March 29. (Mac owners running OS X 10.11 (El Capitan) or macOS 10.12 (Sierra) got the same functionality in the Safari 11.1 update on the same day.)

safari http 1 Apple

The Website Not Secure warning also should appear if the certificate is out-of-date or illegitimate.

Firefox

Mozilla's browser is on a path similar to Google's Chrome; it will eventually tag all sites sans encryption with a distinctive marker. But Firefox is not there yet.

firefox http 2 Mozilla

Currently, Firefox shows a padlock with a red strike-through line when the user reaches an HTTP page that contains a username+password log-on combination. Placing the cursor in one of the fields - by clicking in one, for instance - adds a textual warning that reads This connection is not secure. Logins entered here could be compromised.

Otherwise, tradition still rules in Firefox: HTTPS websites are marked by green padlocks in the address bar, while regular HTTP pages are unmarked.

Mozilla has committed to reversing the iconography, though. "Firefox will eventually display the struck-through lock icon for all pages that don't use HTTPS [emphasis added], to make clear that they are not secure," wrote Tanvi Vyas and Peter Dolanjski, a security engineer and product manager, respectively, in a blog post over a year ago. "As our plans evolve, we will continue to post updates, but our hope is that all developers are encouraged by these changes to take the necessary steps to protect users of the Web through HTTPS."

firefox http 1 Mozilla

The mark-all-HTTP feature is tucked inside Firefox, but it's not been enabled in the current production-quality browser, Firefox 60. Users can switch it on manually, however.

  • Type about:config in Firefox's address bar
  • Search for security.insecure_connection_icon.enabled
  • Double-click that item; the false under Value will change to true

You can test the change by entering an HTTP page into the address bar, like bbc.com.

Chrome

Chrome still uses the usual padlock to mark HTTPS sites and does not call out unencrypted traffic (HTTP), at least at a quick glance to the address bar. (Clicking the information icon in the address bar, the symbol of a lowercase i within a circle, at the left of the URL, displays a drop-down that does call attention to existing insecure connections, however.)

chrome http 1 Google

And since 2017, Chrome has tagged sites that transmit either passwords or credit card information over HTTP connections as Not secure using text in the address bar.

But Google has scheduled several additional steps for this year that will move Chrome closer to a goal of overturning decades of visual signals that mark traffic encryption.

The changes begin in July with Chrome 68 - set to ship the week of July 22-28 - that will mark all HTTP sites with text that reads Not Secure preceding the URL in the address bar.

chrome http 3 Google

Users can enable Chrome 68's behavior with these steps in the current Chrome 66:

  • Type chrome://flags in the address bar.
  • Find the item Mark non-secure origins as non-secure.
  • Select Enable (mark with a Not Secure warning) and relaunch Chrome.
  • Optionally, choose Enable (mark as actively dangerous)instead to display the red icon, too.

chrome https sept Google

Next, Chrome 69 - slated for release during the week of Sept. 2-8 - the browser will drop the green Secure text from the address bar for HTTPS pages and show only the small padlock icon. Google characterized that as a step away from affirmatively noting a secure page, and toward a more neutral label.

chrome http 3 Google

Then in October, Chrome 70 will appear (during the week of Oct. 14-20), labeling any HTTP site with a small red triangle to indicate an insecure connection, along with the text Not secure in the address bar. Those signals show as soon as the user interacts with any input field.

Edge

In much the same way as Apple's Safari, Microsoft's lead browser has stuck with the HTTPS-is-marked, HTTP-is-not model.

Edge displays a padlock icon in the address bar when the page is protected by a digital certificate, and traffic between the Windows 10 PC and server is encrypted. If there is no padlock, the site does not encrypt traffic, relying on HTTP instead. To get the full story, however, users must click on the icon - an i within a circle - and read the text in the ensuing pop-up. "Be careful here," Edge warns. "Your connection to this website isn't encrypted. This makes it easier for someone to steal sensitive information like passwords."

edge http 1 Microsoft

Unlike Safari, Firefox and Chrome, Edge does not proffer special warnings when the user visits an HTTP site sporting important input fields, like those dedicated to passwords or credit card numbers.

Wednesday
May232018

How to port your landline number to Google Voice

google-voice-number-porting.jpg

It costs $20 to port your landline number to Google Voice -- but you'll have to move it to a mobile carrier before you can do that.

Screenshot by Rick Broida/CNET

Still hanging onto your home phone? Worse, still paying for it?

I suspect this is pretty common. It's a hassle to give up a landline, if only because that number you've had for so many years is "on file" at so many places. It's your home number -- and you need to keep that, right?

The number, yes. But the service? Well, that's another matter. By porting that number to Google Voice, you can keep your home number and actually make it a little more versatile. You can also stop paying extra for it -- probably.

How much is your landline costing you?

I know from an informal social media poll that some folks out there still have plain old telephone service (or a POTS) and are still paying anywhere from $30-$80 per month. Yikes.

Assuming you have reliable and speedy internet service, you could switch to a voice-over-IP (VoIP) phone system like Ooma. The Ooma Telo ($79.98 at Amazon.com) box plugs into your router and then delivers basic home-phone service -- with your same number -- for free. Ooma Premier adds a bunch of bells and whistles for $10 per month -- still way cheaper than most POTS options.

If your home number is bundled with your cable or internet, however, it might not be costing you that much. Or, to think about it another way, you might not save anything by unbundling it from your service plan. It's worth a phone call to find out.

Maybe you've been thinking about cutting the cord anyway? If you're ditching two out of your three bundled services, now you're probably looking at a lower monthly bill. (Not in the mood to haggle with your cable company? A service such as BillFixers, Billshark or Shrinkabill will do it for you -- for a fee, of course.)

Why Google Voice?

What's the advantage of moving your home number to Google Voice? For starters, it's free -- at least, it has been since 2009. Is there a chance Google could start charging for it? Absolutely, but you can cross that bridge when you come to it.

The key advantage to Google Voice is its versatility. You can route incoming calls to one or more other numbers -- like, say, every family member's mobile phone. That means you can receive home-phone calls even when you're not home.

You can also set up voicemail so that messages are transcribed to text messages or delivered by email. There's even a call-recording option, though it only works for incoming calls. 

OK, but does all this mean you can no longer use the cordless phone system that's been a household staple for all these years? Actually, it's possible to keep that hardware in the loop -- keep reading to find out how.

Why not Google Voice?

There's one important concern: You can't use Google Voice for 911 calls. So although you're keeping your number, giving up your landline means you'll need to use your mobile phone or some other method to dial emergency services.

Also, if you currently have a Google Voice number that you're using for other purposes, porting your landline will override that number. (If that's the case, it might be better to set up a new account with a new Google Voice number that you won't mind losing.)

Can you make the move?

There's a bit of a technical hurdle to moving your home phone number to Google Voice: The service can't port in numbers from landlines or VoIP services. (But you should still check Google's number-porting page to see if maybe your number is already eligible.)

It can port numbers from mobile carriers, though. So the trick is to first move your landline number to a mobile carrier, then move it to Google Voice.

By all accounts, the best way to do that is to buy a T-Mobile SIM card, create a new account, port the landline number to that account, then make your move to Google Voice.

Rather than walk you through each step of that process, I'm going to send you to Obihai's straightforward tutorial for porting a nonmobile number to Google Voice. And the reason I've chosen that particular tutorial is that Obihai also makes an inexpensive device you might find useful after the switch. See the next section for further details.

Once you get your landline number transferred to a mobile carrier, Google charges a one-time $20 porting-in fee. Before you perform that final step, you'll need to make sure your Google Voice number is linked to a phone number other than your landline. (You link numbers in the Google Voice settings. I recommend linking to your mobile phone, at least for now.)

OK, it's ported to Google Voice -- now what?

obihai-obi200.jpg

This Obihai adapter makes your Google Voice number accessible via your home phone system.

Obihai

After the porting process is complete, you'll want to return to settings and forward incoming calls to one or more other numbers. (This could include an office line, for example, but most likely you'll want calls to go straight to your cell, and maybe other family members' as well.)

Another option: Let calls to your landline number ring your cordless phone system, just like they did before. You can do this by installing an Obihai adapter such as the popular Obi200 ($50 at Amazon). It plugs into your router, much like the aforementioned Ooma, then your phone system's base station plugs into the adapter. Now you can do incoming and outgoing calls pretty much the same as always -- but without monthly fees.

Wednesday
May232018

Amazon is permanently banning customers that make too many returns

One of the many perks of shopping on Amazon is the company’s fairly lenient return policy. If you’re not happy with an item you purchased, you can typically return it without much hassle. But what you might not know is that if you are too trigger-happy when it comes to returns, you might end up with a lifetime ban without any warning at all.

The Wall Street Journal reports that multiple Amazon customers have received emails telling them that their accounts have been closed due to an overabundance of returns. In many cases, the customers were eventually able to restore their accounts, but that’s a surprisingly extreme measure for a company known for its great customer service to take. Imagine suddenly being shut off from all Amazon services just because you returned a pair of headphones.

“We want everyone to be able to use Amazon, but there are rare occasions where someone abuses our service over an extended period of time,” Amazon told the WSJ. “We never take these decisions lightly, but with over 300 million customers around the world, we take action when appropriate to protect the experience for all our customers.”

After reading some of the stories from affected customers in the piece, the primary concern seems to be less about the fact that Amazon is banning account, but rather than the bans often come without any heads-up. While Amazon does occasionally send out email alerts about return activity, not everyone receives them first.

Former Amazon managers tell the WSJ that accounts can be terminated for “behaviors including requesting too many refunds, sending back the wrong items or violating other rules, such as receiving compensation for writing reviews.” In most cases, algorithms will surface the problematic account, at which point the Amazon employee will decide whether or not action needs to be taken against the customer in question.

Being shut off from Amazon as a digital storefront is rough enough, but as Paul Fidalgo of Saco, Maine discovered, the ban can affect more than just your shopping habits. “It was dizzying and disorienting,” he said. “You don’t realize how intertwined a company is with your daily routine, until it’s shut off.”

Wednesday
May162018

How to Create an Anonymous Email Account

Not long ago, the sharing economy seemed to take over. Privacy was dead, and no one cared. But that was a pre-Snowden era. Now, for some, the need to go truly anonymous is more important than ever.

What do you do if you want to set up an email address that is completely secret and nameless, with no obvious connection to you whatsoever without the the hassle of setting up your own servers?

This goes beyond just encrypting messages. Anyone can do that with web-based email like Gmail by using a browser extension like Secure Mail by Streak. For desktop email clients, GnuPG (Privacy Guard) or EnigMail is a must. Web-based ProtonMail promises end-to-end encryption with zero access to the data by the company behind it, plus it has apps for iOS and Android.

But those don't hide who sent the message.

Here are the services you should use to create that truly nameless, unidentifiable email address. But be sure to use your powers for good.


First Step: Browse Anonymously

Your web browser is tracking you. It's that simple. Cookies, and so-called unstoppable "super cookies" know where you've been and what you've done and they're willing to share. Sure, it's mostly about serving you targeted ads, but that's not much consolation for those looking to surf in private.

Your browser's incognito/private mode can only do so much—sites are still going to record your IP address, for example.

If you want to browse the web anonymously (and use that private time to set up an email), you need not only a virtual private network, but also the Tor Browser, a security-laden, Mozilla-based browser from the Tor Project. If you don't know about Tor, it's what used to be called The Onion Router; it's all about keeping you anonymous by making all the traffic you send on the internet jump through so many servers, people on the other end can't begin to know where you really are. It'll take longer to load a website than it would with Firefox or Chrome, but that's the price of vigilance.

The free Tor Browser is available in 16 languages, for Windows, macOS, and Linux. It's self-contained and portable, meaning it'll run off a USB flash drive if you don't want to install it directly. Even Facebook has a Tor-secure address to protect the location of users—and let users get access in places where the social network is illegal or blocked, like China. An estimated 1 million people use it. There is also a version for getting Tor access to Facebook on Android devices.

Tor is not perfect and won't keep you 1,000 percent anonymous. The criminals behind the Silk Road, among others, tried that and failed. But it's a lot more secure than openly surfing. It took law enforcement agencies with a lot of resources to get those bad guys.

Second Step: Anonymous Email

You can set up a relatively anonymous Gmail account, you just have to lie like a bathroom rug. That means creating a full Google account, but not providing Google your real name, location, birthday, or anything else it can use when you sign up (while using a VPN and the Tor Browser, naturally).

You will eventually have to provide Google some other identifying method of contact, such as a third-party email address or a phone number. With a phone, you could use a burner/temp number; use an app like Hushed or Burner or buy a pre-paid cell phone and lie through your teeth when asked for any personal info. (Just know that even the most "secure" burner has its limits when it comes to keeping you truly anonymous.)

As for that third-party email, there are anonymous email services you can use, so why use Gmail at all? The Electronic Frontier Foundation (EFF) says it's smart to use a different email provider from your personal account if you crave anonymity—that way you're less likely to get complacent and make a compromising mistake.

Note that you also should use an email service that supports secure sockets layer (SSL) encryption. That's the basic encryption used on a web connection to prevent casual snooping, like when you're shopping at Amazon. You'll know it's encrypted when you see HTTPS in the URL, instead of just HTTP. Or a lock symbol shows up on the address bar or status bar. The big three webmail providers (Gmail, Yahoo Mail, and Outlook.com) all support HTTPS. Get the HTTPS Everywhere extension for Firefox, Chrome, Opera, and on Android, to ensure that websites default to using the protocol.

https-everywhere2

That's great for web surfing, but neither HTTPS nor VPN is enough to stay hidden when emailing. You know that.

Pseudonyms in email (like anonguy55@gmail.com) aren't enough, either. Just one login without using Tor means your real IP address is recorded. That's enough for you to be found (if the finder can get your provider to give up some records). It's how General Petraeus got nailed.

The point is, once you've gone this far, there's no reason to go back. Use a truly anonymous web-based mail service; here are some of the best.


Hushmail

Hushmail

Recommended by the EFF and others, Hushmail's entire claim to fame is that it's easy to use, doesn't include advertising, and has built-in encryption between members. Of course, to get all that, you have to pay for it, starting at $49.98 per year for 10GB of online storage; a free version offers 25MB of storage. Access it on the web or iOS.

Businesses can use Hushmail starting at $3.99 per user/month for nonprofits (going up to $5.99 for small businesses and $9.99 for legal and healthcare entities), plus a one-time $9.99 setup fee for everyone (though then you need to obfuscate your info for the Whois database).

Note that Hushmail has turned over records to the feds before, and its terms of service state you can't use it for "illegal activity," so it's not going to fight court orders. But at least it's honest about it up front.


Guerrilla Mail

Guerrilla Mail

Guerrilla Mail provides disposable, temporary email. Technically, the address will exist forever, and never be used again. Any messages received at the address, accessible at guerrillamail.com, only last one hour. You get a totally scrambled email address that's easily copied to the clipboard. There's an option to use your own domain name as well, but that's probably not keeping you under the radar.

Guerrilla Mail is the perfect way to create an email address to sign up for a different, more permanent-yet-anonymous email address, or to send a quick, anonymous email instantly—no signup required. You can even attach a file if it's less than 150MB in size, or use it to send someone your excess bitcoins. Coupled with the Tor browser, Guerilla Mail makes you practically invisible. It's also available on Android.


Mailinator

Mailinator's free, disposable email has a slick interface, but you probably don't even need it. Whenever you're asked for an email, just make up a name and stick @mailinator.com at the end. Then visit the site, enter the name, and you'll see if it's received any messages. No signup though you can sign in with a Google account.

Here's the problem. If someone else comes up with the same name, then you both get access to the messages received. There are no passwords. There's also no sending possible. Its FAQ states if you get an email from Mailinator, it's a guaranteed forgery. This one is for quick service signups only, and only with the most obfuscated, obscure you can come up with. Of course, you can pay $29/month if you want to get a 10MB storage inbox that is private just for you.


Hide-Your-Email.com

Hide-Your-Email.com

You don't get interfaces as simple as this very often. With no signup required, you enter the email name you want for an @pidmail.com address you can hand out. The messages sent to it immediately show up. It's that simple, though it's not for sending messages. You can reserve the address of your choice with a password, again at no cost to you.


Email On Dek

Email On Deck

There's a two-step process to getting a free email for receiving messages at Email On Deck, but only because step one is a CAPTCHA to make sure you're a human being, not a web-based robot. It randomly assigns you an obfuscated email address (like "cynthia@l7b2l48k.com"). You can click a button to get assigned another, but they're all temporary. You don't want to use this service if you plan to ever use the address assigned beyond, say, an hour or two.


TorGuard Email

TorGuard

TorGuard is another global VPN service, which goes for around $9.95/month to start. The service also provides a separate Anonymous Email, with service from free (10MB offshore storage) all the way up to $49.95/year for unlimited storage. They all have secure G/PGP encryption of mail and no ads. For more, see PCMag's full review.


TrashMail.com

TrashMail.com isn't just a site, but also a browser extension for Google Chrome and Firefox, so you don't even have to visit the site. Create a new email from a number of domain options, and TrashMail.com will forward it to your regular address for the lifespan of the new address, as determined by you. The only limit is how many forwards you can get; to go unlimited, you pay $12.99 a year. The site provides a full address manager interface so create as many addresses as you like to stay anonymous and ubiquitous.


ProtonMail over Tor

ProtonMail

Maybe saving the best for last: ProtonMail is a nice service with servers in Switzerland (a country that appreciates secrecy) that provides fully encrypted messages. Anyone can get an account for free that holds 500MB of data and up to 150 messages per day, or pay 4 euros per month to get the advanced features.

Encryption is one thing, but anonymity comes with the ProtonMail's specific support for Tor via an onion site it set up at protonirockerxow.onion. It also provides full instructions on how to set up Tor on your desktop or mobile phone. Having anonymous users is so important to ProtonMail, it doesn't require any personal info when you sign up. It even supports two-factor authentication.

Wednesday
May162018

Please stop calling me!....(Telemarketers)

There are all sorts of reasons to block a number: an ex who won't stop calling, in my case, telemarketers who can't take a hint, scammers, or an aunt who wants to check in and see why you're still not married.

When your phone has buzzed one more time than you can take, you know it's time to block that number. But how? Here are the steps to take by popular operating systems and carriers.

Do Not Call
The first thing to do to reduce the number of unwanted calls coming to your phone is to put yourself into the National Do Not Call Registry. On the site, you can register your phone number or check if your digits are already there. On DoNotCall.gov, you can register up to three phone numbers at once. You'll also need to include an email address, as you'll need to confirm your registration. You can also call 1-888-382-1222 from the phone you want to register.

According to the FTC, which runs the registry, your phone number will be added to the registry within 24 hours, but it will likely take up to 31 days for sales calls to stop. If they persist in calling, you can file a complaint.

Operating Systems

iOS
Note: If you block someone from sending you texts, FaceTime, or voice calls, they will be automatically blocked from doing all three things.

Block a Call on iOSTo block a number that called you, go into the Phone app, select Recent. Find the number and click the I in the circle next to it. You'll get a screen with information about the call and actions to take, scroll down to Block This Caller.

If you're blocking someone in your Contacts lists, go to Settings > Phone > Call Blocking & Identification > Block Contact. That will bring up your contact list, and you can scroll through and select those you want to block. You can also get there via Settings > Messages > Blocked > Add New.

If a number texting you is not on your Contacts list, iOS 10 requires you to add it to your Contacts list before blocking it (tap the number/image on top of the screen > Create New Contact). Then follow the steps above. If you have an older version of iOS, tap the I in the circle at the upper right of the screen, then select Block This Caller > Block Contact.

If you think they'll sneak a peek at you with FaceTime, then go to that app, find the last FaceTime conversation you had with them, and click the I in the circle next to it. You'll get a screen with information about the call and actions to take; scroll down to Block This Caller. If it's someone in your Contacts, go to Settings > FaceTime > Blocked > Add New, and select the name or names to block.

In related news: If you think you've been blocked, signs include being sent directly to voicemail for calls, never seeing the "Delivered" message appear under your iMessage, and having your text turn green (as opposed to blue). These things can also happen if the person you're trying to contact does not have a connection, so don't freak out right away. But if it's been awhile and you're still not getting through...

Android
For Marshmallow or Nougat, open Dialer, go to your recent calls list, find the number you want to block and select Block/Report Spam. (If you don't want to report the number as spam, you can uncheck the box.) Then tap Block.

For Lollipop, go to the Phone app and select Call Settings > Call Rejection (ouch) > Auto Reject List. Type in the number or search for it, select it, and you're done.

If you use Messenger for messages, tap the name or number that sent you the message on your message list and select Block/Report Spam. (If you don't want to report the number as spam, you can uncheck the box.) For Contacts, go into Messenger, select Menu > Blocked Contacts > Add a Number and enter the number you want to to block.

Windows
To block calls and messages, go to Settings and then Call+SMS Filter, accept the Terms of Use and Privacy Policy if you have not already, then switch Block Calls to On. Now go to the Phone app, hold down the number you want to block, and hit Block Number, then OK.

Phones

Most HTC Phones
To block calls, open the Phone app, select Call History, tap the number, then select Block Contact or Block Caller.

Most LG Phones
To block calls, open the Phone app, select Menu > Settings > Call Reject > Reject Calls From and add numbers.

Most Samsung Phones
To block calls for numbers that have called you, go to the Phone app and open the Log. Select a number and then More > Block settings. There you will be able to select Call Block and Message Block. If the number is in your contacts, open the Phone app, select More > Settings > Call Blocking and add the number or numbers you want to block.

Carriers

AT&T
AT&T gets very specific when it comes to blocking numbers and wants you to do so on a device-by-device basis, so you're better off sticking with the instructions above that are specific to your OS or phone.

Sprint
First sign in to your Sprint account, then choose My Preferences, go to Limits and Permissions, then Block Voice, and select Block Only the Following Phone Numbers for Inbound and Outbound Calls. Enter the number or numbers and then select Add Number and Save.

T-Mobile
Go to the Home screen, select Phone > Contacts. Navigate to the contact you want to block and select Block. If you want to block callers via T-Mobile's site, you can only do so if you have a family plan. Sign in to your account and then select Tools > Family Allowance > Access Family Allowances. Go to Allowed Numbers and choose Never Allowed and put in up to 10 numbers you want blocked. Make sure to click OK and Save.

Verizon
You can block five numbers on each Verizon account that you have. The block lasts for 90 days. Log into the Verizon website, go to My Account > Manage Verizon Family Safeguards & Controls. Go to Call & Message Blocking Feature, select Add Now, and add up to five numbers. If you want or need blocking to be permanent, sign up for Verizon FamilyBase, which gives you blocking and parental control over your devices for $4.99 a month.

Wednesday
May162018

iCloud v. Google One

Apple’s Worldwide Developers Conference is right around the corner, and we all have our lists of things we’re hoping to see: better Siri, a modular Mac, cheaper HomePod, Face ID on the iPad Pro. But there’s one product in desperate need of an update that would instantly generate an extended applause break from the keynote crowd.

No, I’m not talking about the Mac mini. I’m talking about iCloud.

iCloud has been a bone of contention for Apple users ever since its debut at WWDC 2011. A replacement for the MobileMe paid service—which replaced .Mac, which replaced iTools—iCloud was supposed to be the free online storage we all wanted. Like the services of yore, it included backup, email, and online storage starting at 5GB and going up to a terabyte or more for a monthly fee.

[ Further reading: The best TV streaming services ]google one Google

If you pay for Google Drive, Google One is the new home for your files.

That was fine back in 2011. But while Apple has added things like iTunes Match, Photo Library, and Keychain to iCloud to build it into a fuller-featured service, it still lags in comparison to the online storage offered by Google and Dropbox. And now Google is beefing up its own paid storage plans in an effort to put even more distance between it and iCloud. And it’s getting harder and harder to defend iCloud.

iCloud everywhere

Anyone who already pays for a Google Drive account will be automatically upgraded to Google One, bringing a smattering of additional features for the same (or less) money. That includes “one-tap access to experts” and “access to extras from other Google products, like credits on Google Play or deals on select hotels found in Google Search.” And Google promises more benefits over time. Google has also added family sharing to match Apple’s own Family Sharing feature. That means for just $3 a month, five family members can get 40GB of storage a piece. And if they want even more space, two terabytes costs $10 a month on either service. In fact, the two services are remarkably similar when it comes to monthly cost:

iCloud

  • 50GB: $0.99
  • 200GB: $2.99
  • 2TB: $9.99

Google One

  • 100GB: $1.99
  • 200GB: $2.99
  • 2TB: $9.99

But pricing and freebies aren’t the main appeal of Google One. It remains to be seen what Google will add to the service in the way of freebies, but as it stands, Google One is everything iCloud isn’t, namely an extension of your phone, PC, or Chromebook. It’s a way to access all of your files wherever you are. It doesn’t matter what device you’re using or even what platform—all of your files, photos, and video are accessible wherever you go. Even on a Mac, it offers a great way to keep your files and photos synced at all times.

icloud photos Apple

iCloud does a fine job with photo syncing, but it could do so much more.

Google One isn’t just a simple rebranding of Google Drive, it represents a philosophy of convenience that used to be ingrained in Apple’s products too. iCloud Drive is available on Windows, but where’s the Android app?  Apple’s iOS backups are far better than they are on Android, but on the Mac, iCloud backups are little more than syncing of your services. I understand that 5GB is far too little space for a full PC backup, but why not offer iCloud Mac backups as an option for paid accounts?

With its new One plans, Google is sending a message to its users that there is no better place to store your files. That’s not the case with iCloud. Power users maybe able to use it to its full extent, but from its lame free tier to its value-poor subscription plans, Apple offers little incentive for the average user to upgrade for any other reason than to stop receiving out-of-space alerts.

Adding value

Google is putting convenience first. I understand that Apple needs to sell way more iPhones than Google needs to sell Pixel phones, but developing iCloud into a full-featured, standalone cloud service isn’t going to push anyone over to Android. If anything, it’ll get some Android users to switch.

Even if you ignore the fact that Google offers three times the free storage space that Apple does (15GB versus 5GB), the real difference between the two plans is that iCloud doesn’t give any real incentives for upgrading to a paid plan. Back when iTools turned into dot-Mac, I was happy to pay $99 a year for a full suite of services, including Backup for all of my devices, iDisk, and a cool email address. Now I groan a little each time I get my monthly email from Apple informing me that it has charged my account $3.

I recently convinced my dad to pay $1 a month to increase his iCloud storage to 50GB, but it wasn’t an easy sell. He wanted to know why he needed to pay just to have enough space to back up his three iOS devices. It’s a good question. I eventually won the argument by breaking it down to pennies a day, but there should be a better answer. Here’s hoping that Apple provides one at WWDC.