The Technology blog and podcast
This is for the technology blog and podcast Commentary, articles, and podcasts
More about multi-factor authentication
Earlier, I penned an article that talks about passwords. While I didn’t put the NCSAM tag on that blog post, NCSAM is in its title.
If you missed that blog post why not check it out?
Today, we’re going to talk about two-factor or multi-factor authentication. Both are pretty much the same, and is explained well in a Sans blog post from last year’s NCSAM.
As we tend to do, we like to share great blogs like this one, so we’re going to do just that.
With this blog, you’re going to learn more about why people are recommending us to use what is now being called passkeys. Its basicly authentication like we do already with your device. You just need to use your favorite biometric available from what I understand.
Would you like to learn more from those who know more than I do about this type of MFA? What is Phishing Resistant MFA? is the article title and I feel that we should share it.
Feel free to pass it along if you have learned something. Sharing is power!
Comments (0)
Is it a good idea to share passwords? Not so fast
Dad said I could use his Amazon account. Someone else said to cancel my Amazon account and use theirs. Kim and others say not to share passwords, although providers have said it isn’t a good idea.
Now, enter Disney. Like Netflix, Disney is going to follow in their footsteps. Starting November 1, 2023 in Canada, they’ll be cracking on password sharing. We talked about Netflix in the past, and something has to give.
Disney has lost 11 million in revenue according to the article, and some of that is because of sharing passwords.
Disney says they’ll enforce the password sharing rules they set out, and I’m sure its possible.
Read the full details in the article titled: main region which gives all the details on how this is going to work.
Comments (0)
Today in the Kim Komando Newsletter
Today on the Kim Komando newsletter, it talks about malware being put in to your chat GPT, Bing or Bard sessions. Its more to happen with Bing, as Malwarebytes reported, one ad was quite nasty. Yes, even the scammers want to know you’re human, so they put up those captchas on a page and then redirect you elsewhere. I’ve seen it on something I didn’t think was malicious.
You may be able to find a link to this through Kim’s site but I don’t have one in the newsletter.
Trust me, you don’t want malware on your device, and while we disabled hardly click on ads, these pop up within the chat.
Comments (0)
Epic Games eliminates staff, Bandcamp
Epic Games has been talked about through the years on this blog and podcast series. According to Epic Games is eliminating 16% of its workforce and selling Bandcamp from CNBC, this is going to be very interesting.
Here’s the boost that came across my desk with the link to the article.
Celeste, AKA DJ Celrock!: Boosting Joe Ortiz (joeo10): If you’re using #Bandcamp, I would strongly advise getting two external hard drives depending on your size and download your purchased #music ASAP since the new owners are a marketing B2B company and I know where this is eventually going. https://www.cnbc.com/2023/09/28/epic-games-is-eliminating-16percent-of-its-workforce-and-selling-bandcamp.html
I would not be surprised if Songtradr is going to push the #enshittification button on it. https://www.songtradr.com/blog/posts/songtradr-bandcamp-acquisition/
Songtradr acquires Bandcamp is the press release.
According to the press release, they intend to keep Bandcamp from Within the music industry. I guess we’ll see what happens with that.
Hopefully, Epic can figure themselves out now that they don’t have to worry about Bandcamp.
Comments (0)
Comedy bit: “This Phone is Sneezing!”
Hello everyone,
From time to time we start busting up laughing. But this one is too good. Did you even know that a phone could sneeze? We’ve heard the kitty, the horse, but did you really hear this from podcast 162 aired on the 27th of September?
If not, download this 3.1mb file where we took the clip and even what Nick probably never heard either.
I’m leaving this up for people to get any time they want a great laugh. Thanks for listening!
Comments (0)
Progress, the makers of Moveit, discloses maximum sevarity bug
This can’t be good for the makers of the software that has been given a lot of coverage through the past year with multiple vulnerabilities that have lead to compromise of data.
I can’t blame them for all of it, they have patched the software, but users are responsible for updating it. This vulnerability that Bleeping computer is talking about is in the SFTP (Secure file transfer protocol) portion of the program. They call it WSFTP, but I don’t know what the W stands for.
The full article is titled Progress warns of maximum severity WS_FTP Server vulnerability for those who need to read about it. This is definitely unfortunate, as I know that they’ve been through a lot lately.
I urge those who use this software to update. I know the article is a few days old, but we must push this out. Make it a great day.
Comments (0)
NCSAM week 1: How about them passwords?
How about your passwords? Since the beginning of time, passwords have been the cornerstone of the Internet. From those that used Dos, to those that use Windows, we all have passwords.
I want you to know that Dos in this case was the operating system used before Windows, developed by Microsoft. DOS can also mean denial of service, but we’re not talking about that term at this time.
I’m not going to give you actual passwords, but I want to give you examples of what we used early, and what might be recommended today.
When I started, I had a number/letter combination. Note, that all of the letters may have been lower case, but I’m using upper case here so the sighted can see it clearer, although readers will still have it pronounced.
So, let’s say that my password was 2FRO8MI9. I was able to use it where I needed it, and I didn’t have to worry about it much.
Even when I personally went to Windows, I didn’t have any reason for me to change my habits.
As I’ve learned by reading early security newsletters from the now defunked about, things needed to change including using AntiVirus which I did do once I moved to Windows that supported it.
This isn’t necessarily dealing with AntiVirus, but know that it can do much more than virus scanning, it can assist with the threats of today including Ransomware.
So what has changed between then and now?
I recently read that your typical 12 to 20 character password may not be enough. Passwords today must not contain words from the dictionary unless it coincidently is a word as part of a passphraise. We’ll talk about passphraises later. For now, just know that we are learning that it must be 32 characters or longer.
I don’t want to necessarily recommend people go longer than they have to. I know folk that don’t like these new rules, their (codes) work fine for them, but with the numerous breaches, we can’t take that chance.
Your phone comes with a password manager. I recently reset a password I needed to as I didn’t remember what it was. I let the phone create one and I went along my way.
Here is what they recommdend.
- Upper and lower case letters
- numbers
- Symbols
- length of at least 12 characters
“Jared,” you’re writing, “How am I supposed to do that?” There are password managers out there like Lastpass, Keypass and One Password.
These password managers are three of quite a number out there, see what works for you. You can make them do words and things, but make the password long and harder to guess.
Passwords today should have something like AfRo$2!9pmfG as an example of a 12 character password. “But Jred, you’re making it hard for me!” That’s the point! The point is to make it hard for you, and he actor who wants your bank password to get it.
You can Use a passphraise too. If the sentence is: “This password advice is full of shit. I’m going to have to do something to you!” You can use some combination of letters and symbols to make something unique that you can remember. You know that’s the phraise sentences, so make that unique to you!
Some letters can be used in different ways like s for dollar sign, the letter I for exclamation, and there may be others. You’ll figure out your own way of doing things
I hope that these things are of value and may make you more cyber secure this year. Don’t forget to turn on that multi-factor authentication if available!
Comments (0)
The Security box, podcast 162: Second week of open forum
Hello folks,
Just recently, the RSS feed got the podcast, and now its time for the blog to get it. Don’t have RSS? No problem! Here is the 148.3mb copy for you to have.
We hope you enjoy the program as much as we have putting it together for you, and we’ll see you for week 1 of NCSAM!
Here are the show notes.
Welcome to the security box, podcast 162. On this edition of the podcast, we’ll run through the blog and list, anything else on audience insights and more. This is week 2 of the open forum. Hope you enjoy the program!
Comments (0)
News Alert, Senator Diane Feinstein dead at the age of 90: actors will take advantage
While I normally don’t post news items like deaths of people, shootings and the like, we’re going to start NCSAM really soon and this could be something that you might want to talk about as your strategy.
Actors will stop at nothing to get their wares out on the Internet. Twitter, now known as X put multiple items on my phone about this from multiple different accounts. Its now the top story on KNX.
Why am I posting this to the tech blog? Simple. Actors will come out telling you that you could learn about this important figure’s death by clicking on a link. The link could be something like dianefeinsteinexample.click (don’t go there) as an example.
While the page could look like a news site, there’s something you should think about. With the example mentioned above, have you ever been there and have you heard it advertised to learn about the Senator and what might be going on with her?
Here’s what you could do.
- Check the domain. Each domain has a registration date. Icann whois lookup and whois search are two different sites. If the domain is just days old, just be a little suspicious.
- Wikipedia might be another good site to check for facts. With people like Diane, there may be a page on her. It might be a little torn up right now as news is just coming out and it will be updated as info is known, but its a start.
- Searching the person’s name will in most cases come up with the actual page of what she’s done. Look at the URL to make sure you’re where you want to go.
Just searching Diane Feinstein gives twitter results and live news updates. Your search engine may vary.
Use reputable web sites for news like KNX MSNBC CNN and others that you are more familiar with.
Don’t rely on email or text messages to give you your news like this important news that is going to go around the country. Use reputable sites and services you trust.
Thanks so much for reading, do make it a great day! Stay safe out there!
Comments (0)
Amazon to charge for Alexa services one day?
I won’t say one way or another whether Amazon will charge for its services. But I did see this article talking about something I also received by email. That is, Amazon will now discontinue Alexa Guard and charge for emergency services.
But I don’t know if anything will be able to have conversations with us, seeing how Chat GPT apparently get things wrong and has started to get dumber. This is coming from technology expert Kim Komando, this isn’t me saying this about chat gpt.
With that said, I have tried Be My Eyes AI, and I used it for a very specific reason. It recognized that it was the same person and it gave me enough to get what I wanted.
I also saw a doctor about my concerns too, so I just didn’t rely on this alone.
No price is given on Alexa generative AI, and the person mentioned in the article will be leaving Amazon at the end of the year to take another position.
Other executives from the September 20th presentation pretty much said the same thing.
From Ars Technica, the article is titled Amazon wants to charge a subscription fee for Alexa eventually.
I guess we’ll have to see what happens, and whether this eventually comes true. It’ll be interesting to see how this space works out. I guess Siri can already do this with this latest update to 17 if I’m not mistaken, so we’ll see how Amazon will work in the future.
Comments (0)
I’ll be putting this one up … 55 percent of people have been scammed
I spotted this while browsing Kim Komando’s site as the articles section hasn’t been updated as of late. 55% of Americans have been scammed – Keep yourself safe online and offline is the article that I spotted and its quite interesting.
Tell your story, report it if necessary, and be safe.
I think this article has some good things in here. Be aware.
Comments (0)
Do Cars need to know about your sex life? Here’s the podcast
Hello folks,
Earlier, I blogged a post telling car companies they needed to get their act together. For those who need that blog post, here it is. It talked about research that Mozilla did in their “security not included” series.
The gist of this is that car companies are the worst for security, although Tesla does mention that you can opt out although the car won’t work as it supposedly should otherwise.
Two days ago, MalwareBytes released a podcast about this. Its a 43 minute listen and it will be provided to you here. It will probably be talked about in upcoming podcasts along the network, althought this blog post we link to was discussed at the time.
Want to have a 60.1mb file? Here is the 60.12mb file of the podcast from Lock and Code discussing the topic of cars. If you know anyone who drives, pass this blog post along. We need to get the word out on how bad this is.
The file will be available for 20 weeks. Enjoy!
Comments (0)
Here’s news about IOS 17.0.2
On Saturday, I was talking about IOS 17.0.2 to some folks, and at that time, it was only available to IOS 15 phone owners. The JRN’s Terry Ring indicated that someone he knew didn’t have any trouble transferring data from one phone to another.
In the article I’m publishing today, IOS 17.0.2 is available for all phones that have 17 compatibility. I hope that this article is of value to folk.
Its titled Apple releases updated iOS 17.0.2 build for all iPhones to fix data transfer bug and comes to us from 9to5mac.
The Mix’s Tim Appleby boosted this one, thanks Tim!
Comments (0)
Important breach notification, Soni Playstation, 900 colleges and healthcare
This is massive and a large notification. I saw this in a breach notification from Kim Komando, and here’s the article on it titled Data breach warning: Sony, 900 colleges, health care org and more targeted.
We need to do our part as I’ve continually said numerous times through these podcasts.
Its not enough for us to sit back and let the world go by. We must be aware of what is going on with these breaches.
Check out the article for complete details. Its the same info I got in the breaking news newsletter.
Comments (0)
Could Trans Union be in the cross hairs of another potential breach?
I heard this on the Cyber Crime network through their podcast, apparently they’re in the crosshairs of yet another breach. They, in this case, is Trans Union.
Searching this out, I found an article from Security Week, they’re flat out denying it, saying that the formatting is different than their data, and one thing mentioned is that the data goes back to March of 2022.
If this breach is true, and I’m not the expert to say it is, its yet another breach that will go in to the “Why did it take too long” department of us citizens being notified.
The article for this is titled TransUnion Denies Breach After Hacker Publishes Allegedly Stolen Data and was the first article I spotted on the matter.
I don’t know about you guys, but if this breach is true, they should pay a penalty just like L.A. Care Health had to. No company hould be immune for blatent breaches. For their defense, they did say in the article that it didn’t match their database, but who is to say you changed your database from that time to now? Just putting it out there.
If you’re a concerned citizen like I am, we should start asking questions. Serious ones.
Comments (0)
Google maps doesn’t update much?
I had some Kim Komando minutes to catch up on.
Seems like Google hasn’t updated maps in awhile in awhile. I’m not talking about the application itself, I’m talking about the maps themselves.
She tells a story of a guy who used the maps application to get him around town, somewhere he’s never been before.
The road has been reported to Google as it had been washed out and the car went in to a ravine. Google was notified about this road prior to this accident, and the minute indicates that there could be other updates they missed.
One thing to note that I didn’t mention that was in the minute, was that the visibility was poor that particular day.
I don’t think it mentioned a city where this took place.
Be careful folks. Be as aware as you can.
Comments (0)
Mark Cuban lost quite a bit … you can too
With many ways to be threatened, you must be as safe as possible. I’ve talked through the years of tech and the new series TSB about how I’ve been taken advantage of by various things.
If Mark Cuban searched for something and got bitten, you can too. As I said on Saturday, this type of thing can happen to you, me, and our hosts and supporters.
There have been stories out there that indicated that security experts, those who dole out info get hit. Its human nature.
In this three minute read, you’ll learn what happened to Mr. Cuban and ways you can protect yourself if you use crypto currency.
The title of the article is called Steer clear of cryptocurrency recovery phrase scams and if you’re in to Crypto, please read this one.
I’m passing this along to you, so you’re aware of what’s going on. Stay safe!
Comments (0)
Mixin suspends withdrawls and deposits after getting hacked
Bloomberg is reporting a short article about this company titled Mixin. Apparently,, the breach was caused through a third party cloud provider.
You’re welcome to read the article Defi Project Mixin Network Suspends Services After $200 Million Crypto Hack for complete details. If you use this, you should be aware.
Stay safe!
Comments (0)
Podcasts in a different language
Spotify, the rebranded Ancor platform this podcast is using, is looking to use Open AI and other partners to translate podcasts from English in to other languages.
The article, coming from the Verge, indicates that this is in a limited capacity and names are given to whom is given the tech in the beginning.
While I don’t know these folk, this could get interesting when it rolls out, as podcasts like TSB could in theory be translated in to other languages.
I guess we’ll see how it goes. I’d consider this beta for now.
Spotify is going to clone podcasters’ voices — and translate them to other languages/
Comments (0)
X, formerly known as twitter, now is offering the ability to use government identification for paid accounts
According to an article by the Verge, X can now get governmental ID as part of verification. The company, who is based in Israel, can hold on to this data for at least 30 days.
I’m still not convinced about paying for such a service, seeing that we don’t know what real benefit it’ll give us.
X can now ask users for government IDs to verify their paid accounts/ is the article and you can do with it as you wish.
Brian Krebs boosted this one.
Comments (0)
navigation menu
- Archives
- October 2023
- September 2023
- August 2023
- July 2023
- June 2023
- May 2023
- April 2023
- March 2023
- February 2023
- January 2023
- December 2022
- November 2022
- October 2022
- September 2022
- August 2022
- July 2022
- June 2022
- May 2022
- April 2022
- March 2022
- February 2022
- January 2022
- December 2021
- November 2021
- October 2021
- September 2021
- August 2021
- July 2021
- June 2021
- May 2021
- April 2021
- March 2021
- February 2021
- January 2021
- December 2020
- November 2020
- October 2020
- September 2020
- August 2020
- July 2020
- June 2020
- May 2020
- April 2020
- March 2020
- February 2020
- January 2020
- December 2019
- November 2019
- October 2019
- September 2019
- August 2019
- July 2019
- June 2019
- May 2019
- April 2019
- March 2019
- February 2019
- January 2019
- December 2018
- November 2018
- October 2018
- September 2018
- August 2018
- July 2018
- June 2018
- May 2018
- April 2018
- March 2018
- February 2018
- January 2018
- December 2017
- November 2017
- October 2017
- September 2017
- August 2017
- July 2017
- June 2017
- May 2017
- April 2017
- March 2017
- February 2017
- January 2017
- December 2016
- November 2016
- October 2016
- September 2016
- August 2016
- July 2016
- June 2016
- May 2016
- April 2016
- March 2016
- January 2016
- December 2015
- November 2015
- October 2015
- September 2015
- August 2015
- July 2015
- June 2015
- April 2015
- March 2015
- February 2015
- January 2015
- December 2014
- November 2014
- October 2014
- September 2014
- August 2014
- July 2014
- June 2014
- May 2014
- April 2014
- March 2014
- February 2014
- January 2014
- December 2013
- November 2013
- October 2013
- September 2013
- August 2013
- July 2013
- June 2013
- May 2013
- April 2013
- March 2013
- February 2013
- January 2013
- December 2012
- October 2012
- September 2012
- August 2012
- July 2012
- June 2012
- May 2012
- April 2012
- March 2012
- February 2012
- January 2012
- December 2011
- November 2011
- October 2011
- September 2011
- August 2011
- July 2011
- June 2011
- May 2011
- April 2011
- Categories of this blog
- Subscribe to Blog via Email
Join 8 other subscribers
- The tech blog’s pages
- Blogroll
- Crashmasters blog
- Cyberscoop
- Documentation
- Improve Internet Accessibility for Individuals with Impaired Vision
- International friends network stream
- Kim Komando
- Krebs On Security
- Plugins
- Register to this site
- Suggest Ideas
- Support Forum
- supporters and partners
- the blind perspective
- The Jared Rimer Network donations page
- The Phishlabs Blog
- The Security Box discussion list
- The Technology blog and podcast and TSB on amazon music podcasts
- Themes
- toptechtidbits
- WordPress Blog
- WordPress Planet
- “Blind VMS and the Tech podcast join forces”