Windows 11 is now out of the Dev channel and into the Beta channel meaning that more of you now have access to be able to install or upgrade to a stable build of Windows 11.
Windows 11 is not production ready, yet, so it’s reasonable to expect some bugs or weird errors. One such bug I received was causing me a real headache and preventing me from even starting Windows fully. So what happened? Windows Explorer (explorer.exe) refused to completely start-up when booting into Windows. The Windows 11 desktop would load with my icons, however, I wasn’t able to launch any application and the Windows toolbar did not load at all.
Using Ctrl+Alt+Del, I was able to access the Task Manager, which confirmed my suspicion that the explorer.exe process was Not Responding. Ending the task didn’t correct the issue as Explorer.exe refused to restart upon termination. I also tried starting explorer.exe via the Task Manager after terminating it, to no avail. The process would continue to Not Respond.
In my instance, Windows 11 had downloaded some updates that I wasn’t aware of and hadn’t installed them yet. On the Ctrl+Alt+Del screen I was able to do a soft reboot of the device by clicking on the power icon, and then clicking on “Update and Restart”.
Fixing Windows Explorer Not Starting on Windows 11
Resolution
First, attempt to reboot the PC from Windows and look for artifacts of an upgrade such as the, “Update and Restart”, option.
Still not working? Boot the PC into safe mode to see if Windows loads properly. If it does then the issue could be related to a driver. Update your hardware drivers.
Still not working? From the Ctrl+Alt+Del screen, launch the Task Manager. Under the ‘Details’ tab locate explorer.exe, it will likely be Not Responding. End the task. If Explorer is functioning properly, it will automatically restart.
If Microsoft does one thing pretty well, it’s that they provide their developers with a number of tools and resources to explore and produce in the Windows eco-system. How many times have you needed to spin up a Windows 10 virtual machine, but didn’t have any available licenses and didn’t want to purchase one? Too many. That’s right.
Microsoft makes its Windows 10 operating system available as a virtual machine (with limited activation time that can be extended!) for developers to do what they do best, develop! Windows 10 Enterprise is available in one of 4 VM formats; VMWare, Hyper-V, VirtualBox, and Parallels. Not only does the VM give you a perfect Windows 10 environment, but it also comes with Virtual Studio 2019, Visual Studio Code, and Windows Subsystem for Linux already enabled with Ubuntu installed! Use the link below to head over to Microsoft for specific downloads.
This is part 1 of the Initial Setup of a Debian 10 server on Digital Ocean.
This is a complement to Initial Server Setup with Debian 10 over on the DigitalOcean tutorials page. The tutorial linked provides an excellent base setup for your to springboard off of on to your own customer setup. That being said, there are always settings, configurations, and utilities that will be helpful for almost any setup. Some of the information below comes from How To Secure A Linux Server and The Book of Secret Knowledge (this is one of favourite repos).
Note: I will do my best to introduce anything that we change so that you can understand what that change might affect. All setups are different so don’t install or configure anything that you don’t need or want. This will just lead to you forgetting about it, it becoming outdated and a security issue.
Text that is highlighted with purple text should be updated with your specific values.
Logging In
If you’re a Windows user then I recommend Solar-PuTTY as a Command Line Client. (Shout to Greg for the find). Otherwise you can use the built-in terminal on your MacOS or Linux OS. Here is how we connect to our server via command line interface (CLI).
justin@home:/$ ssh root@111.133.134.199
Replace the IP Address with the IP of your new server.
At this point you’ll either a) be asked for the password that you set for the root account or b) the server will be expecting an SSH key if you chose to use SSH keys for logging in. If correct, you’ll be logged in.
Creating a User and Granting Administrator Privileges
You should only use the root account in special circumstances. It’s recommended that you create a standard account that has the ability to elevate to have administrative privileges, when necessary. We’re going to create a secondary account called bastion and then we’ll add it to the sudo group.
justin@home:/$ adduser bastion
Adding user `bastion' ...
Adding new group `bastion' (1000) ...
Adding new user `bastion' (1000) with group `bastion' ...
Creating home directory `/home/bastion' ...
Copying files from `/etc/skel' ...
New password: <Enter Password>
Retype new password: <Re-enter Password>
passwd: password updated successfully
Changing the user information for bastion
Enter the new value, or press ENTER for the default
Full Name []: Bastion
Room Number []:
Work Phone []:
Home Phone []:
Other []:
Is the information correct? [Y/n] Y
You’ll be prompted to set and confirm a password on the new account. You can optionally add information such as a Room Number and Home Phone to the account.
justin@home:/$ usermod -aG sudo bastion
The usermod command allows us to modify existing accounts. We use the -a switch to append to the account, and the -G switch allows us to to select the Group(s) in which to append to the account. Members of the sudo group (superuser do) are able to run commands with the security privileges of another user. By default, it’s the superuser account.
Now we can append sudo to the beginning of our commands when logged in as bastion. Commands that make system changes, including software installs and uninstalls require elevated privilege that a standard account normally wouldn’t have.
Setting Up The Uncomplicated Firewall
A basic firewall goes a long way. Uncomplicated Firewall or UFW is a simple software firewall for Linux. Let’s install it, and then add a firewall rule for SSH so that we can still access it remotely.
justin@home:/$ apt install ufw
justin@home:/$ sudo apt install ufw
justin@home:/$ sudo ufw app list
justin@home:/$ sudo ufw allow OpenSSH
justin@home:/$ sudo ufw enable
Command may disrupt existing ssh connections. Proceed with operation (y|n)? y
Firewall is active and enabled on system startup
Once you’ve enabled UFW with that last command it will present you with a warning about losing your current SSH connection. As long as you allowed the OpenSSH app on line 3 above, you’re good. You can use the command sudo ufw status numbered to see the currently listed rules.
justin@home:~# sudo ufw status numbered
Status: active
To Action From
-- ------ ----
[ 1] OpenSSH ALLOW IN Anywhere
[ 2] OpenSSH (v6) ALLOW IN Anywhere (v6)
Copying Existing SSH Keys
SSH is attacked all the time. It’s very, very common. If you’ve setup your accounts with SSH keys already, then you may wish to skip the next couple of sections. If you’re going to use the same SSH Keys that you created for your root account, read on.
SSH keys on the root account are stored at ~/.ssh/authorized_keys on your server. If you plan on using the same SSH keys on your bastion account you can simply copy this file over to your bastion account home directory and update the permissions of the .ssh folder recursively. (When copying from your root user, login as your root user)
If you don’t have any SSH keys currently, or wish to create a new set a SSH keys for this new bastion user, we’ll use PuTTY Key Generator to do that. The image below shows the sequence of buttons you’ll press.
First, click the generate button. The Key window asks you to move your mouse around the blank Key area, randomly. This provides a pseudo-random input, kind of like an initial password to create the SSH key with. Once that’s done it will generate a key!
The Key fingerprint and Key comment are already filled in. A Key passphrase adds an additional layer of security to your SSH Key by requiring a passphrase every time that it’s used. The passphrase is optional, but may secure your SSH keys from being used, if they are ever stolen.
Copy the text in the ‘Public key for pasting into OpenSSH authorized_keys file’ field to a Notepad. Click Save public key and Save private key to save the respective key(s) to your computer. The file extensions don’t matter in this instance, however, you may wish to use the following extensions on your key files:
id_rsa.pub (Public Key) id_rsa.key or id_rsa.ppk (Private Key)
Keep these safe and secure. Make sure that you keep backups.
Create a third-file called authorized_keys and paste the text that you saved in Notepad, previously.
Uploading SSH Keys
The easiest way to copy SSH keys to your server is by using the ssh-copy-id command, however, ssh-copy-id isn’t available on Windows. I’ll show you the ssh-copy-id way of uploading your SSH public key to your new server, as well as the scp command (Secure Copy).
SSH-copy-id
The ssh-copy-id command is by far the easiest method of moving your SSH public key from your local machine, to your new server. It handles all of the dirty work for us. Dirty work that you’ll see in the scp command below it.
justin@home:/$ ssh-copy-id -i ~/.ssh/authorized_keysroot@111.133.134.199
justin@home:/$ ssh-copy-id -i ~/.ssh/authorized_keysbastion@111.133.134.199
# We can also not utilize the -i switch and ssh-copy-id will attempt to find your keys for you, automatically.
justin@home:/$ ssh-copy-id bastion@111.133.134.199
The ssh-copy-id command requires very little input. I’ve given it a path to my SSH public key, and then I finish the command with my root login @ my new server. You’ll be prompted for your password after pressing enter. Once it completes your public key will be dropped in the ~/.ssh/authorized_keys file for the user that you logged in with. This example is uploading a public key for the root user.
SCP (Secure CoPy)
Unlike ssh-copy-id, the secure copy (scp) command is available on both the Windows Command Prompt, and PowerShell. Also, unlike ssh-copy-id, the scp command will completely overwrite your authorized_keys file with the contents of your public key.
Here is a third example of copying SSH keys to your server using the SSH command. This is the most explicit way of copying your SSH keys as you are going to be piping several simpler commands together.
By default, the SSH service allows everyone to attempt to connect to it, and to attempt to login with a username and password. Since we’re now using SSH Keys for all of the potential remote users on our server there are several configurations that we now must do in order to secure SSH.
Disable Root Logins Using Passwords
Disable Password Authentication
Change the default SSH port
All of our the configuration for the SSH service is contained within /etc/ssh/sshd_config. Open that file with nano or your favourite editor and change the following settings. I’ve placed a comment character (#) next to the old setting.
# PasswordAuthentication may not be listed in your sshd_config file. If it’s missing, simply add the configuration line to the end of the file. # PasswordAuthentication yes PasswordAuthentication no
After you save ssd_config, you’ll want to allow traffic to the new port before restarting the SSH service.
justin@home:/$ ufw allow 2222/tcp
justin@home:/$ service ssh restart
You might be wondering why we’re changing the default SSH port? SSH is a commonly attacked service with the default port being 22. Servers and computers connected to the Internet are constantly being scanned to find out if this port is open. Changing the port doesn’t prevent attacks, but it adds an extra layer of difficulty as an attacker would need to identify the correct port and adjust their attacks appropriately. It’s not worth the effort to focus on one such server.
We’ll be digging into some more in depth system settings in part 2.
I highly recommend DigitalOcean if you’re looking for discount VPS.
You’ve probably heard of Signal lately; on the news, on Facebook, or somewhere else on the Internet. My sister “tried” to use it, but only ended up missing a bunch of text messages from me. So this post is for my sister and anyone else interested in securing their text messages.
Why Would I Want Secure Text Messages? Are People Really Reading My Texts?
These are two of the most common questions that I get about this. A lot of you Apple users just love your iMessage. Guess what?!? Signal is, for all intents and purposes, the same thing as iMessage except for the following very big differences:
It’s available on both iOS and Android, as well as your Desktop (Windows, Linux and MacOS).
The messages, photos, videos, and even the calls sent between users are only viewable by those users.
It’s Open Source. This means that the software code that was used to create it is freely viewable on the Internet, and anyone can contribute to the development of the program.
Getting Started with Signal
Getting started with Signal is easy. The application is available on both the Play! Store on Android and the App Store on iOS. Once you’ve set it up on your mobile device you can install it on your desktop computer to send messages to other Signal users.
When you first open Signal you’ll need to go through a basic registration where it will validate your phone number.
That’s it! You’re done.
You’ll want to send future texts using the Signal app so don’t forget to update the shortcuts on your phone screen. You may also need to make Signal your default SMS app, which it will prompt you to do when you launch the app.
What If My Friends Don’t Have Signal?
The Signal app allows you to send messages to everyone, even if they don’t have the Signal app. The only issue is that the messages between you and those people will not be secure, and functionality like video calling won’t work.
I was migrating some WordPress websites this weekend on to our new Website Hosting platform at Rogue Security. Normally I wouldn’t do a lot of it manually, but was having an issue with one of the websites and realized it would be easier to install a fresh copy of WordPress. Well, while configuring the wp-config.php I was at the Authentication Keys block, and hidden in the comments of that block is a link to the WordPress Salt Generator.
/**#@+
* Authentication Unique Keys and Salts.
*
* Change these to different unique phrases!
* You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org sec$
* You can change these at any point in time to invalidate all existing cookies. This will force all users $
*
* @since 2.6.0
*/
define( 'AUTH_KEY', '<random-characters>' );
define( 'SECURE_AUTH_KEY', '<random-characters>' );
define( 'LOGGED_IN_KEY', '<random-characters>' );
define( 'NONCE_KEY', '<random-characters>' );
define( 'AUTH_SALT', '<random-characters>' );
define( 'SECURE_AUTH_SALT', '<random-characters>' );
define( 'LOGGED_IN_SALT', '<random-characters>' );
define( 'NONCE_SALT', '<random-characters>' );
What is a Salt?
Great question! a salt is random data/characters that is used as additional input for one-way hashing algorithms. Yeah, that was a lot so here is an example. When you create a new account on Facebook you must enter a username and password. After submitting that information, Facebook store the username in the database as it’s written in plain-text that is human-readable. However, Facebook takes the password that you entered and adds a salt to it, encrypts it using a hashing algorithm such as MD5 of SHA256 and then they store it in the database. It doesn’t matter how or where the salt is placed in the password.
A hashing algorithm will produce the same output given the same input. In other words, every time I use the SHA256 algorithm with my name as the input, it’s going to produce the exact same output. My Python script below shows that.
No matter how many times I run this script with my name as the test_string it will never generate a different string, unless I change the hashing algorithm, of course.
The salt doesn’t change your password, it changes how your password is stored. Remember how my name will generate the same hash every time I check it? Well so will your password. If a malicious actor knows the hash of your password, it can still be just as useful as the actual password, more so if it hasn’t been salted prior to encryption.
WordPress Salt Generator
The WordPress Salt Generator is a simple page for generating a complete set of secret keys for your WordPress installation. If you’re using it for WordPress security purposes then you simply load up the page linked to above, and copy the generated keys into your wp-config.php file. These keys are also automatically generated during a standard installation so you only really need to do this if you are doing a manual install. If you don’t fill them out, they will be automatically generated for you during the first run.
Other Uses
So, how else might they be useful?
The page generates 8, 64-bit strings that are pseudo-random. You could easily connect to this page with a little Python, parse the data and have a quick subset of secret keys that can be used for just about anything. Need some quick licenses created? Pull up the page, copy a key. You have yourself randomly generated license keys (just make sure you check for duplicates).
Do you like complex passwords? I do. Some of my passwords are actually 64 random characters so this is perfect for that.
You may have just setup your new Ubuntu Server setup, or perhaps you have a Virtual Private Server on Digital Ocean that sets up with the default UTC time zone. Regardless of your reasoning you should always have your server(s) and user(s) system time set with the appropriate time zone, and preferably synced entirely for devices that exist on the same network, check out the Cybersecurity Breakout below for more info on that, or skip it for find out how to set the time zone in Ubuntu.
Please note, these instructions should apply to most, if not all, Debian-based operating systems.
Cybersecurity Breakout
Cyber attackers have found every way feasible to successfully infiltrate their targets. This has included the use of date/time based attacks that attackers can use to create behaviour, often undesirable, in software, such as the creation of a race condition. Your Windows and MacOS computer has settings that you can configure to either manually or automatically set your time zone. Depending on your network, you may even have a device (like a router) that actually has a built-in time server known as a Network Time Protocol (NTP) server
The timedatectl Command
The timedatectl software controls your system’s date and time. It has a variety of commands, but we’ll only be touching the few that are relevant to our query. Check out the man pages for more. Without further ado, let’s get started.
How-To Set Time Zone in Ubuntu via Command Line
The following instructions assume that you already have command line access to your Ubuntu device.
Total Time Needed :
15
Minutes
Steps to Setting The Time Zone In Ubuntu Via Command Line
Step 1 – Check Current Time Zone
You probably already know that the time zone is incorrect, but you need proof. Using the status command, you can find out how your current time is configured. (Running the timedatectl software without any commands will produce the same output.
bastion@server:~# timedatectl status
Step 2 – Set A New Time Zone
The timedatectl software has a command called set-timezone that can be used to modify the time zone of your Ubuntu server without having to modify any files. You’ll need the appropriate time zone format for the time zone that your device exists in. Make sure that if you’re device is in Toronto, then is gets the America/Toronto time zone even if you live in Phoenix, Arizona. You’re setting the time zone for the device, not yourself. You can find a list of time zones on the Ubuntu man pages.
The set-timezone command will update the time zone as found in /etc/timezone. After running the set-timezone command you can review that file to ensure the proper changes were made.
Setting your time zone is now done, but you may also wish to have your time synced with an external service like we mentioned previously. Not a problem, timedatectl, can help us with that too. the show-timesync, and set-ntp commands will help us here.
bastion@server:~# timedatectl show-timesync
show-timesync provides you with details in regards to your current time sync configuration. You’ll want to confirm that you have servers listed under SystemNTPServers.
bastion@server:~# timedatectl set-ntp true
The set-ntp command turns time syncing with your NTP server, on.
Congratulations, you’re done! You don’t need to reboot for these changes to take effect, however, I always recommend you do so when making system changes.
This one caught me a little off guard. I was working on updating a client WordPress site this morning; it had 2 themes that we hadn’t removed that needed an update. Instead of deleting them, I chose to update them. Without thinking I clicked away to another part of of the WordPress administrator area and ended up getting stuck with the following on every load and reload of the page. I even restarted NGINX in a desire to find a quick fix.
I’ve now learned that WordPress has a built-in maintenance mode that it kicks itself into during updating of plugins and themes. We would rarely ever see a reference to it as updates typically go very quickly, and without a problem. Except when they don’t. Luckily, the WordPress developers built a very simple mechanism for driving this maintenance mode that anyone with access to the WordPress website files can access.
How To fix wordpress stuck in built-in maintenance mode
In order to fix this error you must have access to the underlying WordPress website files. You may have access to these files via File Transfer Protocol (FTP) or through your Web Hosts Control Panel. The solution to this problem is to delete the .maintenance file from the root folder of your WordPress install, in other words, the top most directory on your web host with WordPress files.
Total Time Needed :
5
Minutes
Steps to remove .maintenance file from wordpress
Step 1 – Navigate to your WordPress Directory
Login to your Web Hosting Control Panel, FTP Client, or SSH Client and navigate to the top-most WordPress directory that is hosting your website. On my web host, my files are located at /<server_directories>/roguesecurity.ca/public_html/.
Step 2 – Delete .maintenance file
Look for a file called .maintenance (The period before the word is required). Once found, simply delete this file from the directory. Once you delete this file, return to your web browser and clear your browser cache, and reload your website.
Congratulations. That’s it! If your website is still displaying a maintenance mode message after deleting this file, double check that you’ve cleared your browsers cache. You can also try a different browser. If it works in a different browser then we know the fix worked, and the not working browser will correct itself over time.
My friend Randy was always on me about using the command line more, and I’m glad that I listened to him. A command line interface (CLI) are often times so much more powerful then its graphical user interface (GUI) cousin, with less errors. I’ve leaned more towards using the command line for technical work as oppose to the GUI and that includes administration within Windows. Sometimes I’ll use the built-in CMD, and other times I’ll use PowerShell.
Mapping a network drive in Windows through the command line interface is not hard and anyone willing to take one step at a time. Without further ado, let’s dig into it.
How to Map a Network drive in windows from the command line
You may wish to map a network drive in Windows via the command line if you are having issues mapping it via the GUI, or if you prefer to take control of your setup and learn a few things while you are at it. Perhaps you’re adding a new network storage device and testing out different configurations. You’ll very likely want to single-pane view of the command line interface.
Total Time Needed :
10
Minutes
Steps to Map a network drive in windows from the command line
Step 1
In Windows search, located in the Windows Taskbar, type ‘cmd’ (without the quotes). The Command Prompt app should pop-up in the start menu. You will want to then click, Run as administrator, in order to launch the command prompt window with the appropriate privileges.
Step 2
At the command prompt, which will display a flashing white cursor when the command prompt window is selected, type in the following command to view current mapped drives.
C:\Users\User>net use
Make a note of any drive letters that are already in use. This information will be located in the Local column. You can’t map a new drive to a drive letter that is already in use. If you’d like to delete a mapping to re-use the drive letter, you can use the following command:
C:\Users\User>net use <driveLetter>: /delete
for example, the following command would delete the mapping to drive letter S.
C:\Users\Justin>net use s: /delete
Step 3(a) – Drive Mapping (no credentials)
Now we can map our network drive. You only need to select one way of mapping your drives from the 4 that I’ve outlines here, (a) through (d) below.
C:\Users\User>net use <driveLetter>: \\<path>\<to>\<network>\<share>
The below command will map a network share that is located at \\Storage\Media\Movies to a new drive with the drive letter L.
C:\Users\Justin>net use L: \\Storage\Media\Movies
Step 3(b) – drive mapping with credentials
If you configured your shared drives to required a username and password, we can modify our command by adding the /user: switch.
C:\Users\User>net use <driveLetter>: \\<path>\<to>\<network>\<share> /user:<username> <password>
The below command will map a network share that is located at \\Storage\Media\Movies to a new drive with the drive letter L, using justin as the username, and supersecurepassword1 as the password.
C:\Users\Justin>net use L: \\Storage\Media\Movies /user:justin supersecurepassword1
Step 3(c) – drive mapping with persistence
You probably don’t want to have to keep mapping or logging in to your new drive every time that you boot up your computer. That’s where the /persistence flag comes in.
C:\Users\User>net use <driveLetter>: \\<path>\<to>\<network>\<share> /persistence: {yes|no}
Here is how the Microsoft Documentation describes the /persistence flag: (It) Controls the use of persistent network connections. The default is the setting used last. Deviceless connections are not persistent. Yes saves all connections as they are made, and restores them at next logon. No does not save the connection being made or subsequent connections. Existing connections are restored at the next logon. Use /delete to remove persistent connections.
The below command will map a network share that is located at \\Storage\Media\Movies to a new drive with the drive letter L, and maintain persistency across each reboot.
C:\Users\Justin>net use L: \\Storage\Media\Movies /persistent: yes
Step 3(d) – Complete drive mapping
In a perfect world you will want to have properly credentialed shares and any user that connects will do so with their own username and password, with persistency. Here is how we bring it all together.
C:\Users\User>net use <driveLetter>: \\<path>\<to>\<network>\<share> /user:<username> <password> /persistence: {yes|no}
The below command will map a network share that is located at \\Storage\Media\Movies to a new drive with the drive letter L. The connection will use justin as the username, and supersecurepassword1 as the password. Finally, the connection will be persistent so that user, justin, won’t have to login to the drive every time they log in and out of their Windows account.
C:\Users\Justin>net use L: \\Storage\Media\Movies /user:justin supersecurepassword1 /persistent: yes
That’s it! Once you’ve completed the steps you should be presented with a success message, and have your new drive mapped in Windows.
I hope you found this how-to helpful. If you did I’d love to hear about it. Leave a comment below!
If you haven’t heard of Minecraft you may want to check and make sure that you are not under a rock. All three of the kids in my household enjoy playing Minecraft, but I really don’t like them joining some of these random online servers. With some research it wasn’t difficult to put together a nice, safe, alternative that we host ourselves.
Server Info
VPS Specifications
We currently have a VPS setup on Digital Ocean with the following specifications:
In order to run the Minecraft server (and keep it running) we employ some additional software that was pretty easy to install.
PaperMC
There are plenty of different servers available for Minecraft Java. We went with PaperMC due to its stability and its mods compatibility with Bukkit and Spigot.
Crafty Controller
We’re also using an open source, secure by default software called Crafty Controller for the administration of our Minecraft worlds. I love the app, although I’m having some issues with keeping my world from crashing. I suspect this is because I setup the world outside of Crafty. I’ll create a new server and move over the save, eventually.
Plugins
We’re not doing much with plugins yet as I don’t take much time to set them up properly, but here are the plugins that we currently have running on our server.
Essentials
LuckPerms
Multiverse-Core, Multiverse-Inventories, Multiverse-NetherPortals, and Multiverse-Portals
Vault
WorldEdit
Dynmap
Epic Quest
In total, it costs us about $15 a month to operate a pretty custom Minecraft server with very little maintenance.
You too, will never have to spend a dime on apps with a little bit of time and a little bit of patience. By completing surveys in the Google Opinion Rewards app, you’ll be able to collect Google Play Store credit (or actual moola if you’re an iOS user) that will be completely usable for everything available in the Play Store including apps, books, movies, and in-app purchases. No more buying Robux for the kids!
So How, Exactly, Does It Work?
Google collects our data. Yeah, sorry to be a downer, but this is one occasion where we can get some value back out of that data. Our Android phones collect location data, search data, and even videos that we watch on YouTube. This data is sent to Google where they use it to provide you with better and more personalized services (except when they don’t, I recommend reviewing the privacy and security on your Google Account every year.)
You’ll be receiving surveys based on that data so an example might be that I receive a survey because my location was set close enough to a Home Depot, and Home Depot contracted with Google to obtain opinions from its customers.
Getting started
installing and setting up google opinion rewards
Step 1
From your mobile device, open the app store and search for Google Opinion Rewards. Install the app once you find it.
Step 2
After installing the app, run it and you’ll be asked to login to your Google account, as well as fill out some basic information. You’ll also want to have Location History turned on in order to take the most advantage of opportunities.
Step 3
Wait for surveys. The app will notify you when you have a survey available. Most of the surveys that I’ve done have come from locations that I’ve visited. So start living your life.
Conclusion
I’ve been using this method to not pay for Android apps for many years now. I’ve earned more than $100 in Play Store credit sinceI started doing these surveys back in 2016. That’s money that I didn’t have to spend, while providing a little bit of Dopamine for my beautiful brain. Isn’t it satisfying getting to itch that Dopamine scratch without wasting all of your money? It’s a literal two-for-one!
