Do you use social login? How about for remote access to your home WiFi router when you’re not at home? Unless you have good password practices and multi-factor authentication, I recommend you do NOT enable remote access of any kind, and maybe consider never using social login ever again.
I am very pleased with our Amplifi Mesh Wi-Fi System installation but have one security-related issue: For remotely logging in to the router from my smartphone, the remote-access, social login credentials are only ones from two providers: Google and Facebook.
While implementing social login is far easier for developers than building a custom login solution — and social login is often assumed by them to be the path of least resistance since these big companies can protect user credentials better than a smaller company — that “big company is more secure” assumption has been proven false and highly risky:
- KREBS: Facebook Stored Hundreds of Millions of User Passwords in Plain Text for Years
- WIRED: The Security Risks Of Logging In With Facebook
- MEDIUM: It’s time for brands to reconsider social login
- TOM’S GUIDE: 100 Million Quora Accounts Hacked: What to Do
Use of social login also assumes that the user has excellent password practices and/or uses multi-factor authentication, which is usually not the case. So if the user doesn’t implement those best-practices when it comes to protecting their Google or Facebook logins, then Amplifi’s parent company, Ubiquiti, may feel they are off-the-hook in the event of a breach?
I would argue that a blackhat hacker obtaining a social login email and password is trivial (e.g., I can name twenty-five friends and family that have had social accounts hacked in to).
Unless the user has implemented multi-factor authentication, then those social login credentials could be used to gain access to a home WiFi router that use social logins for remote access.
I’ve added this suggestion on the Amplifi community forum to ask the company to have a Ubiquiti-driven login with multi-factor authentication, and in it asked these questions:
- What is your position on security and privacy where it comes to enabling Google and Facebook to potentially monitor outbound traffic from an IP address?
- As such, do you have a security/privacy white paper that outlines how you use the Google and Facebook social APIs, and specifically what you allow Google and Facebook to monitor? (like router IP address).
While I appreciate that our Amplifi Mesh Wi-Fi System is focused on simplicity first and granular level detail on security and privacy second, I’d like to see a public/private key, encrypted, Ubiquiti-delivered remote access login (where I hold both keys) along with multi-factor authentication … at a minimum.
Wanted to show-off a bit with some new gear. I’ve been doing a bunch of tech-coaching for a guy I know and helping him with his website and, along with other client connections, I’ve increasingly been on webinars, online meetings, and Skype group calls. I was sick and tired of my crappy looking video, so I bought a green screen, some lights, and after a lot of goofing around to figure stuff out, it’s all up-and-running and working flawlessly.
For effective green screen video one needs good lighting and, most importantly, a high resolution camera. Unfortunately webcams don’t work (even though so many people insist they do), green-fringing is startling obvious when I’m superimposed over some image or video, so I invested a bunch of time in figuring out how to use my Nikon D500 DSLR as a very expensive webcam!
Here is my set up:
- Nikon D500 DSLR set in Live View with tweaked settings so it doesn’t automatically shut off after 10 minutes! With my lens, this is a $4,000 camera. If you do not have a good resolution camera, then a good mirrorless or DSLR model will set you back $1,000 – $3,000 or so.
- LED Lighting kit = $300 (at Amazon) These LEDs are very flexible. They are bi-color variable with a temperature range of 2300K – 6800K so it is easy to warm up or cool down the color temperature of the light. It also has a brightness range of 10~100%. Pretty dang good for cheap lights!
- Soft boxes for those lights = $80 (at Amazon) I had to have diffusing for these lights as they were just a bit harsh when maxed out in brightness.
- Elgato Green Screen = $160 (at Amazon) Though I’d like one a bit wider, this is the most perfect product of its type I’ve seen yet.
- Blue Raspberry microphone = $220 I own this one since it also works with iPhone and iPad.
Though I already had the camera and microphone, for just under $600 I added good quality green screen video capability. (NOTE: In the photos below you’ll notice a RODE microphone on top of my Nikon D500. I only use that when recording video in to the camera’s storage, usually for remote set ups).
Want to cut the cord with cable TV and go streaming only? Let me tell you about my cutting-the-cord adventure and suggest what you might do if you are considering a move to streaming television, and though the time is now, there are some caveats to be aware of before you get the metaphorical scissors out and start snipping.
MY CORD-CUTTING ADVENTURE
When getting ready to sell our house in October of 2017 — we moved from Minnesota to southern California in mid-2018 — I had the following home theater gear:
- TiVo box as a tuner and DVR
- Sony BluRay player
- Pioneer A/V receiver
- Roku TV
- Bookshelf speakers.
In order to make our house look bigger and get rid of clutter, I boxed up everything but the AppleTV, bought a cheap Vizio sound bar (to replace the receiver and bookshelf speakers) and called Comcast to cut cable (which, by the way, we were paying over $100 per month for!) since we had an early version of DirecTV NOW and could stream local channels too. Comcast tried VERY hard to keep me, but I informed them that we’d sold the house and were moving to an area without Comcast…then it was no problem and they backed-off and let us do it.
I’d considered cutting-the-cord with cable TV starting in 2015, but the time was never quite right. But I continued to hunt around for the best deal and service, so when AT&T announced they were enabling AT&T Unlimited Plus mobile subscribers like us to get DirecTV NOW for $10/month and $5/month for HBO, we immediately signed up. Over time I’ve participated in beta releases as they tested out new features and have never looked back. The kicker though? AT&T just announced two new pricing and packages and are increasing the “grandfathered” subscriber’s price (like mine) to $20/month. Fortunately it still includes our favorite, HBO.
So today we only use our AppleTV….that’s it. The home theater gear mentioned above is still in boxes, nearly 10 months after we moved to California (and I’ll probably sell it). The AppleTV remote controls both the power/volume for the TV and the AppleTV itself, which makes my wife quite happy as we used to have five remotes to control everything in our old home theater.
Our minimalism approach to TV pleases us both and we’ll never go back.
After we cut the cord, we wanted to receive the programming we desired or found interesting, so today we also subscribe to Netflix; Hulu; AcornTV and CBS All Access. Our total out-of-pocket cost for our replacing of Comcast Cable (and we also receive more channels now than we did with Comcast) is:
- DirecTV NOW: $20 (we got the early adopter deal and it is now $50 per month for new subscribers)
- Netflix: $15
- Hulu: $12
- AcornTV: $5
- CBS: $10
- TOTAL: $62
Back in Minnesota we were paying about $120 for Comcast cable TV and $70 for internet (with 75mbps/down and 18mbps/up speeds — “mbps” stands for megabits per second) or $190 per month. (NOTE: We would, however, gain better pricing on our cable TV cost by going to the Comcast store every six months. They’d explore packages and get us a better deal on TV…so we were often paying $25-$40 less for TV than that $120 per month).
Here in California we are paying $62 per month for all our TV coming through DirecTV NOW, and those TV apps mentioned above, streamed to our AppleTV. We pay $90 for fiber internet with speeds of 300mbps/down and 30mbps/up for $152 per month (NOTE: my internet was only $54 per month, but I had to add an additional 500GBs per month since we were using close to the 1 terabyte ceiling of data per month!). I foresee being able to lower costs for those other TV apps as services become more robust and bundle them, so hopefully we won’t have to subscribe to a bunch of other TV-app-services forever.
After I switched from Google Chrome back to Firefox, I’ve never second-guessed my decision. Especially because I use Firefox Quantum: Developer Edition every day as well, but primarily it’s when something as cool and useful as Firefox Send debuts.
Mozilla, the non-profit behind the Firefox browser, just released Firefox Send and, even though I’d used the beta version some weeks ago, I tried the final released version just now.(Please note that the servers are slammed this morning so be patient as the Send app loads).
With Firefox Send you can share files up to 2.5 GBs in size through your web browser and they will be end-to-end encrypted to its destination.
To get started:
1. Go to https://send.firefox.com
2. In the upper right click “Sign in/up”
3. Create a Firefox account and activate it via the email sent to you
4. Go back to https://send.firefox.com and try uploading one or more files (up to 2.5 GBs, of course). You can choose to have the file(s) download expire after 1 – 100 downloads and/or by placing a time limit the download will be available of 5 minutes | 1 hour | 1 day | 7 days. Most importantly you can also protect the file(s) download with a password .
5. Once your up-to-2.5 GBs of file(s) are uploaded, you can copy the link to share with one or more people:
There is a power in getting away from our “shoulds” and I’d like to explain why it can be powerful for you too.
My wife and I would occasionally use Marriott points to spend a weekend night in a hotel, which often elicited a “wink-wink” or nod from friends and family. We’d feel like we were sneaking away, having an affair, and sometimes even felt a bit guilty that we weren’t being “productive” with our time.
But the power lay in getting away from our “shoulds” at home and it felt incredibly liberating to escape them. When at home there are always seemed to be a laundry-list of shoulds just hanging over our heads:
- ”I should be fixing __________”
- ”Laundry needs to be done and we should do a few loads”
- ”That closet needs to be cleaned out and we should do it soon”
- …and so on.
Often I couldn’t even walk through my own house without seeing all the shoulds and both of us rarely gave ourselves permission to just hang out, relax, and table the shoulds for a set period of time.
Don’t get me started on all the “work shoulds” too. Like you, we would usually need three or more days of a one week vacation to begin to forget all the shoulds at work. When working day-in and day-out (including weekends since we’re self-employed) meant that shoulds could be done any time and they were always out there waiting for us to do them!
But every time Michelle and I have been able to leave our shoulds behind — and felt free to think, talk, watch movies, goof around, hold hands, explore and play — we have always come back refreshed and renewed…and have been better people, more relaxed ones, and eventually more productive because of leaving them behind, if only for a short time.
Give it a try. Put yourself in situations where you are removed from your own shoulds (and couldn’t do them even if you wanted to!). I guarantee you’ll feel the freedom too.
One of THE most amazing technologies on the Mac ever, was a software “stack” builder called HyperCard, created by a guy named Bill Atkinson (whom I met in Chicago in 1987 just after HyperCard was launched). Now a developer, Josh Deprez, has created this ‘virtual’, 9-inch, Macintosh (running System 7.0.1) with a “Disk 1” loaded in to it. Inside that “disk” is a Hypercard stack.
What’s HyperCard? Here is a brief explanation from the entry on Wikipedia:
HyperCard is based on the concept of a “stack” of virtual “cards”. Cards hold data, just as they would in a Rolodex card-filing device. Each card contains a set of interactive objects, including text fields, check boxes, buttons, and similar common graphical user interface (GUI) elements. Users “browse” the stack by navigating from card to card, using built-in navigation features, a powerful search mechanism, or through user-created scripts.
Fun to play with this virtual machine and the stack, but also to remember me how far we have come when it comes to computing and devices! The machine I spent most of my time using HyperCard on was my beloved Macintosh SE/30.
Having that machine enabled:
- My daughter to learn about computers (we always played Cosmic Osmo when she was a toddler along with SoundEdit so I could change her voice to a chipmunk-like voice)
- My wife and I to launch Marketing Directions, Inc. and her business The Trend Curve™. The first newsletter I created was built on that SE/30 and Aldus PageMaker, the first wildly successful page layout program.
I’m posting this since I’m becoming increasingly concerned about the growing negative attitude toward immigrants. Unless you are a native American, everyone else is an immigrant (though it could be argued that, since Columbus ‘discovered’ America, we were conquerors). Be nice, kids and adults.
According to a 2008 Hakes auction, this superhero item was released as a school book cover in 1949 and was distributed by the The Institute for American Democracy Inc.:
Always thought I was mostly German because my paternal great-great grandparents emigrated from Germany in the mid 1800s. But my own research, including the 23andMe results you see in the photo, show I’m more than 50% Irish and British because both sides of my ancestry had roots in what’s now the United Kingdom.
The more I learn about DNA, the more certain I am that we are all connected. There are humans living today, with whom I share DNA, in a whopping 67 of the 195 countries in the world (including China, Nigeria, India and more). Of course, the ancestors of all of the people with whom I’m connected here in the United States were immigrants. Just sayin’ for all the “immigrant haters” that might read this post.
Today I reached out to a woman I’m connected with on 23andMe since we share 3.5% of our DNA and are considered second cousins.
It turns out our maternal grandmothers were sisters! That’s opened up a new discussion about family history that I’ve just begun to explore.
Yes, there are some geneticists debating how precise these geographic disbursed results are, but virtually everyone I’ve connected with so far prove to me that it’s pretty dang accurate.
As an aside, there is a very interesting piece over at Harvard University’s blog called “Science in the News.” The post is an opinion piece about How Science and Genetics are Reshaping the Race Debate of the 21st Century if you are at all interested in how our learning about our connectedness is continuing to provide fact-based evidence against prejudice and racism.
As I’ve been dubbed “Mr. Security” by my friends, family and clients (I pay significant attention to, and use, cybersecurity, privacy and software measures) but my pleadings with them to be secure often are ignored…until they get hacked. Then they plead with me to help them out and get their digital life on track. Usually it’s too little, too late, and the work to recover is enormous.
You should care deeply about your digital life and its security, especially since the risk of getting hacked is exploding! The World Economic Forum in its 2018 report (PDF) said blackhat hackers are gaining the upper-hand in cyber warfare…and they are coming after you…and even the experts can’t keep up:
“Offensive cyber capabilities are developing more rapidly than our ability to deal with hostile incidents.”
Here’s the good news: if you haven’t yet been hacked it’s likely you will at some point, so lets get you cyber secure NOW!
I was delighted this morning to discover this Security Checklist, “An open source checklist of resources designed to improve your online privacy and security. Check things off to keep track as you go.”
The Security Checklist is very comprehensive, easy to follow, and one you should look at and implement as quickly as possible. It gives you the “why” and specific resources to use for each category, making this pretty brain-dead-simple to follow and implement:
- Password Manager
- Create a strong device passcode
- Use two-factor authentication
- Set up a mobile carrier PIN
- Encrypt your devices
- Freeze Your Credit
- Use 184.108.40.206 for DNS resolution
- Use a VPN
- Cover your webcam
- Use a privacy-first web browser
- Use a privacy-first search engine
- Review app permissions on your devices
- Review your social media privacy settings
- Educate yourself about phishing attacks
It seems that everyone is ordering products (and food) online and expecting fast and good delivery of those ecommerce orders. But let me say that, in practice, our experience is that so much of the delivery process breaks down and we have NOT seen it work well.
Plus I’m scratching my head over how the economics of this shipping of everything — and its efficiency…or lack thereof — impacts profitability.
Here are a few examples which all happened in the month of December:
- THIRD-PARTY DELIVERY SERVICE: My wife orders a home office desk from Wayfair with “white glove” service (they bring it in, set it up, and place it in the room of your choice). It arrives a couple of weeks ago damaged (the corner of it was smashed) but Wayfair makes good on it and sends a second desk. When it arrives the driver doesn’t even bother to bring it in since it also is damaged! She’s now waiting for a third desk and Wayfair has lost their ass on this order.
- UPS: I order a Herman Miller chair for my home office. It arrives but is the wrong color and is sent back.
- THIRD-PARTY DELIVERY SERVICE: A heavy area rug (with dirty packaging) arrives from Hayneedle and one guy is on the truck. He tries to bring it in the house and damages three walls in our brand new house.
- UPS: I order shoes directly from Hoka One One and paid extra to ensure delivery on 12/31/18. Everything is confirmed (over-and-over again by texts and emails) but UPS doesn’t bother to show up until January 2nd. No explanation but I did get a refund on the shipping from Hoka.
- THIRD-PARTY DELIVERY SERVICE: We buy a high-end, 65″ Sony OLED TV from Best Buy. Geek Squad installers are booked for weeks so I reluctantly agree to have one of their “licensed and bonded” 3rd party installers deliver, mount and set up the TV. We pay extra for the service. One guy arrives and I ask him, “How can one guy mount this TV?” He responds, “I figure you or your son can help me lift it up.” I make him get a second guy, he waits outside for an hour, both the guys are pissed off (and make sure I’m aware of it), and basically slam the job together as fast as they can. Yes, this is being escalated to Best Buy Corporate.
- DOMINOES: Yes, this last one is a bit bizarre, but my son and I order a pizza from Dominoes for lunch yesterday and online it states it will arrive in less than 30 minutes, guaranteed. 45 minutes later Alex calls and is told “We’re super-busy and it will be there in about 20 minutes.” An hour and a half after ordering the pizza arrives. It is cold and looks like it drove around in the delivery car upside down. The Dominoes guarantee states you can get your money back if you take the uneaten pizza back to the store within one hour (the store is 20 minutes from our house) and have the receipt (it was a charge so the driver took the receipt). So the “guarantee” is basically bullshit (Our Guarantee: If you are not completely satisfied with your Domino’s Pizza experience, we will make it right or refund your money).
Must admit we’ve had many other deliveries that went well like a sofa we’d ordered, but the overall experience of delivery is not good. Perhaps it is the holiday season and more orders than usual, but that means operations people don’t have their act together and have planned poorly.
Today’s article about Target scaling up to delivering everything they sell seems exciting, but the promise of fast delivery doesn’t hold up to the reality.