go to sections menu

The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts

header picture for Ingegno theme

You are here: Home [0]

Go to contents or to navigation menu

More about multi-factor authentication

Earlier, I penned an article that talks about passwords. While I didn’t put the NCSAM tag on that blog post, NCSAM is in its title.

If you missed that blog post why not check it out?

Today, we’re going to talk about two-factor or multi-factor authentication. Both are pretty much the same, and is explained well in a Sans blog post from last year’s NCSAM.

As we tend to do, we like to share great blogs like this one, so we’re going to do just that.

With this blog, you’re going to learn more about why people are recommending us to use what is now being called passkeys. Its basicly authentication like we do already with your device. You just need to use your favorite biometric available from what I understand.

Would you like to learn more from those who know more than I do about this type of MFA? What is Phishing Resistant MFA? is the article title and I feel that we should share it.

Feel free to pass it along if you have learned something. Sharing is power!

Comments (0)

Is it a good idea to share passwords? Not so fast

Dad said I could use his Amazon account. Someone else said to cancel my Amazon account and use theirs. Kim and others say not to share passwords, although providers have said it isn’t a good idea.

Now, enter Disney. Like Netflix, Disney is going to follow in their footsteps. Starting November 1, 2023 in Canada, they’ll be cracking on password sharing. We talked about Netflix in the past, and something has to give.

Disney has lost 11 million in revenue according to the article, and some of that is because of sharing passwords.

Disney says they’ll enforce the password sharing rules they set out, and I’m sure its possible.

Read the full details in the article titled: main region which gives all the details on how this is going to work.

Comments (0)

Today in the Kim Komando Newsletter

Today on the Kim Komando newsletter, it talks about malware being put in to your chat GPT, Bing or Bard sessions. Its more to happen with Bing, as Malwarebytes reported, one ad was quite nasty. Yes, even the scammers want to know you’re human, so they put up those captchas on a page and then redirect you elsewhere. I’ve seen it on something I didn’t think was malicious.

You may be able to find a link to this through Kim’s site but I don’t have one in the newsletter.

Trust me, you don’t want malware on your device, and while we disabled hardly click on ads, these pop up within the chat.

Comments (0)

Epic Games eliminates staff, Bandcamp

Epic Games has been talked about through the years on this blog and podcast series. According to Epic Games is eliminating 16% of its workforce and selling Bandcamp from CNBC, this is going to be very interesting.

Here’s the boost that came across my desk with the link to the article.

Celeste, AKA DJ Celrock!: Boosting Joe Ortiz (joeo10): If you’re using #Bandcamp, I would strongly advise getting two external hard drives depending on your size and download your purchased #music ASAP since the new owners are a marketing B2B company and I know where this is eventually going. https://www.cnbc.com/2023/09/28/epic-games-is-eliminating-16percent-of-its-workforce-and-selling-bandcamp.html

I would not be surprised if Songtradr is going to push the #enshittification button on it. https://www.songtradr.com/blog/posts/songtradr-bandcamp-acquisition/

Songtradr acquires Bandcamp is the press release.

According to the press release, they intend to keep Bandcamp from Within the music industry. I guess we’ll see what happens with that.

Hopefully, Epic can figure themselves out now that they don’t have to worry about Bandcamp.

Comments (0)

Comedy bit: “This Phone is Sneezing!”

Hello everyone,

From time to time we start busting up laughing. But this one is too good. Did you even know that a phone could sneeze? We’ve heard the kitty, the horse, but did you really hear this from podcast 162 aired on the 27th of September?

If not, download this 3.1mb file where we took the clip and even what Nick probably never heard either.

I’m leaving this up for people to get any time they want a great laugh. Thanks for listening!

Comments (0)

Progress, the makers of Moveit, discloses maximum sevarity bug

This can’t be good for the makers of the software that has been given a lot of coverage through the past year with multiple vulnerabilities that have lead to compromise of data.

I can’t blame them for all of it, they have patched the software, but users are responsible for updating it. This vulnerability that Bleeping computer is talking about is in the SFTP (Secure file transfer protocol) portion of the program. They call it WSFTP, but I don’t know what the W stands for.

The full article is titled Progress warns of maximum severity WS_FTP Server vulnerability for those who need to read about it. This is definitely unfortunate, as I know that they’ve been through a lot lately.

I urge those who use this software to update. I know the article is a few days old, but we must push this out. Make it a great day.

Comments (0)

NCSAM week 1: How about them passwords?

How about your passwords? Since the beginning of time, passwords have been the cornerstone of the Internet. From those that used Dos, to those that use Windows, we all have passwords.

I want you to know that Dos in this case was the operating system used before Windows, developed by Microsoft. DOS can also mean denial of service, but we’re not talking about that term at this time.

I’m not going to give you actual passwords, but I want to give you examples of what we used early, and what might be recommended today.

When I started, I had a number/letter combination. Note, that all of the letters may have been lower case, but I’m using upper case here so the sighted can see it clearer, although readers will still have it pronounced.

So, let’s say that my password was 2FRO8MI9. I was able to use it where I needed it, and I didn’t have to worry about it much.

Even when I personally went to Windows, I didn’t have any reason for me to change my habits.

As I’ve learned by reading early security newsletters from the now defunked about, things needed to change including using AntiVirus which I did do once I moved to Windows that supported it.

This isn’t necessarily dealing with AntiVirus, but know that it can do much more than virus scanning, it can assist with the threats of today including Ransomware.

So what has changed between then and now?

I recently read that your typical 12 to 20 character password may not be enough. Passwords today must not contain words from the dictionary unless it coincidently is a word as part of a passphraise. We’ll talk about passphraises later. For now, just know that we are learning that it must be 32 characters or longer.

I don’t want to necessarily recommend people go longer than they have to. I know folk that don’t like these new rules, their (codes) work fine for them, but with the numerous breaches, we can’t take that chance.

Your phone comes with a password manager. I recently reset a password I needed to as I didn’t remember what it was. I let the phone create one and I went along my way.

Here is what they recommdend.

  • Upper and lower case letters
  • numbers
  • Symbols
  • length of at least 12 characters

“Jared,” you’re writing, “How am I supposed to do that?” There are password managers out there like Lastpass, Keypass and One Password.

These password managers are three of quite a number out there, see what works for you. You can make them do words and things, but make the password long and harder to guess.

Passwords today should have something like AfRo$2!9pmfG as an example of a 12 character password. “But Jred, you’re making it hard for me!” That’s the point! The point is to make it hard for you, and he actor who wants your bank password to get it.

You can Use a passphraise too. If the sentence is: “This password advice is full of shit. I’m going to have to do something to you!” You can use some combination of letters and symbols to make something unique that you can remember. You know that’s the phraise sentences, so make that unique to you!

Some letters can be used in different ways like s for dollar sign, the letter I for exclamation, and there may be others. You’ll figure out your own way of doing things

I hope that these things are of value and may make you more cyber secure this year. Don’t forget to turn on that multi-factor authentication if available!

Comments (0)

The Security box, podcast 162: Second week of open forum

Hello folks,

Just recently, the RSS feed got the podcast, and now its time for the blog to get it. Don’t have RSS? No problem! Here is the 148.3mb copy for you to have.

We hope you enjoy the program as much as we have putting it together for you, and we’ll see you for week 1 of NCSAM!

Here are the show notes.

Welcome to the security box, podcast 162. On this edition of the podcast, we’ll run through the blog and list, anything else on audience insights and more. This is week 2 of the open forum. Hope you enjoy the program!

Comments (0)

News Alert, Senator Diane Feinstein dead at the age of 90: actors will take advantage

While I normally don’t post news items like deaths of people, shootings and the like, we’re going to start NCSAM really soon and this could be something that you might want to talk about as your strategy.

Actors will stop at nothing to get their wares out on the Internet. Twitter, now known as X put multiple items on my phone about this from multiple different accounts. Its now the top story on KNX.


Why am I posting this to the tech blog? Simple. Actors will come out telling you that you could learn about this important figure’s death by clicking on a link. The link could be something like dianefeinsteinexample.click (don’t go there) as an example.

While the page could look like a news site, there’s something you should think about. With the example mentioned above, have you ever been there and have you heard it advertised to learn about the Senator and what might be going on with her?

Here’s what you could do.

  • Check the domain. Each domain has a registration date. Icann whois lookup and whois search are two different sites. If the domain is just days old, just be a little suspicious.
  • Wikipedia might be another good site to check for facts. With people like Diane, there may be a page on her. It might be a little torn up right now as news is just coming out and it will be updated as info is known, but its a start.
  • Searching the person’s name will in most cases come up with the actual page of what she’s done. Look at the URL to make sure you’re where you want to go.

Just searching Diane Feinstein gives twitter results and live news updates. Your search engine may vary.

Use reputable web sites for news like KNX MSNBC CNN and others that you are more familiar with.

Don’t rely on email or text messages to give you your news like this important news that is going to go around the country. Use reputable sites and services you trust.

Thanks so much for reading, do make it a great day! Stay safe out there!

Comments (0)

Amazon to charge for Alexa services one day?

I won’t say one way or another whether Amazon will charge for its services. But I did see this article talking about something I also received by email. That is, Amazon will now discontinue Alexa Guard and charge for emergency services.

But I don’t know if anything will be able to have conversations with us, seeing how Chat GPT apparently get things wrong and has started to get dumber. This is coming from technology expert Kim Komando, this isn’t me saying this about chat gpt.

With that said, I have tried Be My Eyes AI, and I used it for a very specific reason. It recognized that it was the same person and it gave me enough to get what I wanted.

I also saw a doctor about my concerns too, so I just didn’t rely on this alone.

No price is given on Alexa generative AI, and the person mentioned in the article will be leaving Amazon at the end of the year to take another position.

Other executives from the September 20th presentation pretty much said the same thing.

From Ars Technica, the article is titled Amazon wants to charge a subscription fee for Alexa eventually.

I guess we’ll have to see what happens, and whether this eventually comes true. It’ll be interesting to see how this space works out. I guess Siri can already do this with this latest update to 17 if I’m not mistaken, so we’ll see how Amazon will work in the future.

Comments (0)

I’ll be putting this one up … 55 percent of people have been scammed

I spotted this while browsing Kim Komando’s site as the articles section hasn’t been updated as of late. 55% of Americans have been scammed – Keep yourself safe online and offline is the article that I spotted and its quite interesting.

Tell your story, report it if necessary, and be safe.

I think this article has some good things in here. Be aware.

Comments (0)

Do Cars need to know about your sex life? Here’s the podcast

Hello folks,

Earlier, I blogged a post telling car companies they needed to get their act together. For those who need that blog post, here it is. It talked about research that Mozilla did in their “security not included” series.

The gist of this is that car companies are the worst for security, although Tesla does mention that you can opt out although the car won’t work as it supposedly should otherwise.

Two days ago, MalwareBytes released a podcast about this. Its a 43 minute listen and it will be provided to you here. It will probably be talked about in upcoming podcasts along the network, althought this blog post we link to was discussed at the time.

Want to have a 60.1mb file? Here is the 60.12mb file of the podcast from Lock and Code discussing the topic of cars. If you know anyone who drives, pass this blog post along. We need to get the word out on how bad this is.

The file will be available for 20 weeks. Enjoy!

Comments (0)

Here’s news about IOS 17.0.2

On Saturday, I was talking about IOS 17.0.2 to some folks, and at that time, it was only available to IOS 15 phone owners. The JRN’s Terry Ring indicated that someone he knew didn’t have any trouble transferring data from one phone to another.

In the article I’m publishing today, IOS 17.0.2 is available for all phones that have 17 compatibility. I hope that this article is of value to folk.

Its titled Apple releases updated iOS 17.0.2 build for all iPhones to fix data transfer bug and comes to us from 9to5mac.

The Mix’s Tim Appleby boosted this one, thanks Tim!

Comments (0)

Important breach notification, Soni Playstation, 900 colleges and healthcare

This is massive and a large notification. I saw this in a breach notification from Kim Komando, and here’s the article on it titled Data breach warning: Sony, 900 colleges, health care org and more targeted.

We need to do our part as I’ve continually said numerous times through these podcasts.

Its not enough for us to sit back and let the world go by. We must be aware of what is going on with these breaches.

Check out the article for complete details. Its the same info I got in the breaking news newsletter.

Comments (0)

Could Trans Union be in the cross hairs of another potential breach?

I heard this on the Cyber Crime network through their podcast, apparently they’re in the crosshairs of yet another breach. They, in this case, is Trans Union.

Searching this out, I found an article from Security Week, they’re flat out denying it, saying that the formatting is different than their data, and one thing mentioned is that the data goes back to March of 2022.

If this breach is true, and I’m not the expert to say it is, its yet another breach that will go in to the “Why did it take too long” department of us citizens being notified.

The article for this is titled TransUnion Denies Breach After Hacker Publishes Allegedly Stolen Data and was the first article I spotted on the matter.

I don’t know about you guys, but if this breach is true, they should pay a penalty just like L.A. Care Health had to. No company hould be immune for blatent breaches. For their defense, they did say in the article that it didn’t match their database, but who is to say you changed your database from that time to now? Just putting it out there.

If you’re a concerned citizen like I am, we should start asking questions. Serious ones.

Comments (0)

Google maps doesn’t update much?

I had some Kim Komando minutes to catch up on.

Seems like Google hasn’t updated maps in awhile in awhile. I’m not talking about the application itself, I’m talking about the maps themselves.

She tells a story of a guy who used the maps application to get him around town, somewhere he’s never been before.

The road has been reported to Google as it had been washed out and the car went in to a ravine. Google was notified about this road prior to this accident, and the minute indicates that there could be other updates they missed.

One thing to note that I didn’t mention that was in the minute, was that the visibility was poor that particular day.

I don’t think it mentioned a city where this took place.

Be careful folks. Be as aware as you can.

Comments (0)

Mark Cuban lost quite a bit … you can too

With many ways to be threatened, you must be as safe as possible. I’ve talked through the years of tech and the new series TSB about how I’ve been taken advantage of by various things.

If Mark Cuban searched for something and got bitten, you can too. As I said on Saturday, this type of thing can happen to you, me, and our hosts and supporters.

There have been stories out there that indicated that security experts, those who dole out info get hit. Its human nature.

In this three minute read, you’ll learn what happened to Mr. Cuban and ways you can protect yourself if you use crypto currency.

The title of the article is called Steer clear of cryptocurrency recovery phrase scams and if you’re in to Crypto, please read this one.

I’m passing this along to you, so you’re aware of what’s going on. Stay safe!

Comments (0)

Mixin suspends withdrawls and deposits after getting hacked

Bloomberg is reporting a short article about this company titled Mixin. Apparently,, the breach was caused through a third party cloud provider.

You’re welcome to read the article Defi Project Mixin Network Suspends Services After $200 Million Crypto Hack for complete details. If you use this, you should be aware.

Stay safe!

Comments (0)

Podcasts in a different language

Spotify, the rebranded Ancor platform this podcast is using, is looking to use Open AI and other partners to translate podcasts from English in to other languages.

The article, coming from the Verge, indicates that this is in a limited capacity and names are given to whom is given the tech in the beginning.

While I don’t know these folk, this could get interesting when it rolls out, as podcasts like TSB could in theory be translated in to other languages.

I guess we’ll see how it goes. I’d consider this beta for now.

Spotify is going to clone podcasters’ voices — and translate them to other languages/

Comments (0)

X, formerly known as twitter, now is offering the ability to use government identification for paid accounts

According to an article by the Verge, X can now get governmental ID as part of verification. The company, who is based in Israel, can hold on to this data for at least 30 days.

I’m still not convinced about paying for such a service, seeing that we don’t know what real benefit it’ll give us.

X can now ask users for government IDs to verify their paid accounts/ is the article and you can do with it as you wish.

Brian Krebs boosted this one.

Comments (0)

Older Posts »

go to sections menu

navigation menu

go to sections menu