Tonight on GeekNights, we talk about talking at computers with the likes of Siri, Google Glass, Amazon Echo, etc... In the news, the legendary Robert Khoo steps down from Penny Arcade and Child's Play. He will be missed, and we wish him a hearty GLHF with whatever he's up to after this. Apple has WWDC 2016, where they announced some things.
The GeekNights Patreon continues! So too do the GeekNights Tshirts! And the GeekNights Forum!
Comments
Dude has to have made some nice money, for sure, but I don't think he's idly rich in his 40s yet.
I hear that in the future Apple plans to use your heartbeat as an extra biometric reference to you, so in a way the watch could be even three factor.
They also had an Apple Pay feature that popped up something on your laptop screen, and you use your thumbprint on your nearby phone to authenticate. That's something you have, something you are, and to unlock the phone previously something you also know.
A combination of login pin, heartbeats, thumbprints, and all three devices checking each other should be pretty secure.
That said, I don't have a password on my laptop. If my watch could unlock it, for me it would be a massive step up in security, not a small step back.
While multi factors like things you are and things you have are great, the thing you know is and always will be the most important. Police or bad guys who arrest you or steal your things can access the things you have or are. They can't force out the things you know. It's the last line of defense, at least until GitS tech comes along.
Everything should be protected with a very secure password or passphrase. The fact that you don't lock your laptop is insane. Worse than not locking your house or your car. Even in my own home and at work, I lock whatever computer I am using every time I stand up. On my iOS devices I use the full password mode, no worthless pin.
And yeah, it's a worthless four digit pin.
You've got to remember that for 99.9999% of people, a passcode on their phone or other device is purely about "keeping people honest". It's exactly like how if someone wants to break into your house, no lock on any door or window is going to stop them. But for criminals of opportunity, a locked door is enough for them to just check the next door, and the next, and the next, until they find one unlocked.
So the pin isn't worthless. It is the exact right balance between annoyance of having to unlock it in the morning combined with the ease of the Touch ID to generally keep it available or the sensor on the back of the watch knowing you haven't taken the watch off since you entered the pin.
That's all I need, that's all I want.
And while you might only need or want your very light amount of security, you'll sing a different tune once you get fucked over. Like people who don't make backups and lose all their irreplaceable data, it's a disaster waiting to happen. If someone has your unlocked phone, they have your email. If they have your email, they have everything. From your steam account to your bank account, your entire life will be fucked. You will be very upset when you realize how little recourse you have to repair the situation afterwards.
Or you could avoid it and just type in a password a few times here and there.
If you leave your phone on a table and someone fucks with it because you are still in watch range... what the fuck are you doing! Why are you leaving your phone on the table? Why are you around these people? Something is wrong here.
On the other hand, the software can protect itself. If you haven't touched your phone in a while, watch unlock or geofence isn't gonna be good enough. Prove you are really you. On Android, if it's been a few hours, then good luck, it's password only. Not even the fingerprint is allowed (and for good measure, as we already discussed how it can be fooled).
I've got all of this set up, but my real hope is security by obscurity, that my battery will die before any sort of authorities could find a USB-C charger.
This is exactly the point. Apple just made a bunch of announcements about all the new things they are enabling you to do on your phone without unlocking it, and not just take photos. If you don't disable these features, and remove lock-screen notifications from important apps, someone who simply has your phone will be able to access your email, and then every aspect of your life. Even if they can't guess your measly 4-digit pin, it won't matter because they won't need to.
Also, fingerprint is worthless. Anyone who grabs your arm can unlock your phone. The government can also force you to unlock your phone for them. They can't force you to divulge a password. It's truly secure in your mind. Also, hacks.
It's the same thing that drives there to be really obvious bad choices in terms of features of these systems, because the engineers never thought about, "Oh, what does this mean for a woman using this tool?"
Also, most headsets have a button that on Android phones, calls up Google Now.
There are still many people out there that don't use Gmail.
Also, encryption is, for me, a good way of losing my data. All I need is to forget a password and whatever was on that backup hard drive or archive hard drive is as good as gone. I keep all my in-home backups and archives unencrypted for that very reason. Backblaze keeps my data more secure, I hope.
If someone manages to steal my laptop, and my backups, and my archives, and get access to Backblaze, iCloud and Dropbox, and encrypt all that? Well, all I can say is well done. I'm just not that paranoid.
When it comes to encryption, I trust my own abilities less than I distrust other people. Laziness isn't really much of a factor.
Keep the password simple. If you don't want to remember a bunch of random numbers and symbols, stringing a couple of words together should get the trick done.
Write it down. Self-explanatory. Grab a sticky note, write the password down, and keep it safe.
As for losing your laptop, that's your worst case scenario! Yours is unlocked! Someone can open it and start reading your email, and reset all your passwords to everything. Game over. I don't imagine you are logging out of GMail constantly, are you? The possibility of losing your devices is the #1 reason you should make sure they are all securely locked.
As for having your accounts tied to a single device? I don't have any such thing. I don't even understand this concern.
Then again, will power is also essential. You have to not only remember your passwords, but also have the ability to never ever ever tell anyone. Not even your own family.
As for having passwords written down and remembering which one goes where, I highly recommend the password card.
https://www.passwordcard.org/en
The card is absolutely meaningless and useless to anyone that finds/steals it. You can just leave it on your desk next to your computer out in the open. You can look at it and remember your passwords easily, but nobody else can.
You can keep it simple like bank password = start at the $ sign and go down.
Or you can get fancy.
Forum = smiley face, go diagonally down to the right then back up again in a V shape.
You don't even need a physical card, since there are apps for iOS and Android. Just remember the key for the password card and put it in a file somewhere. Then you can regenerate the same card again if you ever lose it. That's just one number for the safe deposit box.
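
The password-card idea described in the comments above (a grid regenerated from a key and read along a remembered path), as an added sketch that is not part of the original thread and is not passwordcard.org's code. The grid size, header symbols, HMAC-based generator and sample key are all assumptions made for illustration.

```python
import hashlib
import hmac
import string

# Assumed layout for this sketch, not passwordcard.org's real one.
COLS, ROWS = 16, 8
HEADER = "$#@%&*+=?!<>^~:;"                      # one constructed symbol per column
ALPHABET = string.ascii_letters + string.digits  # 62 possible cell characters

def _byte_stream(key: bytes):
    """Deterministic byte stream: HMAC-SHA256(key, counter) blocks."""
    counter = 0
    while True:
        yield from hmac.new(key, counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1

def make_card(key_hex: str) -> list[str]:
    """Rebuild the same ROWS x COLS grid from the same key every time."""
    limit = 256 - 256 % len(ALPHABET)  # rejection sampling avoids modulo bias
    cells = []
    for b in _byte_stream(bytes.fromhex(key_hex)):
        if b < limit:
            cells.append(ALPHABET[b % len(ALPHABET)])
        if len(cells) == COLS * ROWS:
            break
    return ["".join(cells[r * COLS:(r + 1) * COLS]) for r in range(ROWS)]

def read_path(card: list[str], symbol: str, moves: list[tuple[int, int]]) -> str:
    """Read the cell under `symbol` in row 0, then one cell per (d_row, d_col) move."""
    row, col = 0, HEADER.index(symbol)
    out = [card[row][col]]
    for d_row, d_col in moves:
        row, col = (row + d_row) % ROWS, (col + d_col) % COLS
        out.append(card[row][col])
    return "".join(out)

DOWN = [(1, 0)] * 7                     # "start at the $ sign and go down"
V_SHAPE = [(1, 1)] * 3 + [(-1, 1)] * 3  # diagonal down-right, then back up

SAMPLE_KEY = "00112233445566778899aabbccddeeff"  # constructed; use secrets.token_hex(16)

if __name__ == "__main__":
    card = make_card(SAMPLE_KEY)
    print("  " + HEADER)
    for i, line in enumerate(card, 1):
        print(i, line)
    print("bank :", read_path(card, "$", DOWN))
    print("forum:", read_path(card, "@", V_SHAPE))
```

Because the grid is a pure function of the key, anyone holding the key can rebuild the card; the remembered starting symbol and path are what is not written down.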