A Quick Plug
Episode 58: So Someone Stole Your Identity
Katherine Druckman and Doc Searls talk to Shawn Powers and Kyle Rankin about protecting yourself online, password and security best practices, and a tragic tale. Don’t miss this opportunity to learn how to improve your own security practices!
Please remember to subscribe via the podcast player of your choice.
More on Passwords
Our latest episode recounts a rather unfortunate story of a personal data breach with possible identity theft, and we discussed password strategies as a means to protect oneself from similar incidents. For a more detailed presentation on password best practices, we suggest enjoying this presentation from regular Reality 2.0 guest, Kyle Rankin.
Speaking of passwords and password managers, we discussed LastPass as a popular favorite password management app, and one used by both Shawn Powers and Katherine Druckman. Coincidentally, just after recording the episode, LastPass announced some pretty major changes to its policies for free accounts. Starting March 16th, free account holders will have to choose whether to use LastPass on computers or mobile devices, but their accounts will not sync across those device types. This is a huge hurdle to usability, and eliminates much of the benefit of using LastPass, so you might want to consider alternatives unless you are interested in a paid LastPass subscription.
Shawn Powers wrote Password Managers. Yes You Need One. in 2019, and it remains relevant. Shawn’s pick was Bitwarden, and he lists the following pros:
One developer for all apps.
Open-source!
Cloud-based access.
Works offline if the "cloud" is unavailable.
Free version isn't crippled.
Browser plugin works very well.
Barry Collins of Forbes also recommends Bitwarden:
My recommended course of action is to switch to one of LastPass’s rivals, such as Bitwarden. I’ve written about the brilliant Bitwarden before: it’s free, open source and it works with almost any device you can name.
Bitwarden does offer a premium account ($10 per year) which unlocks extra features, but I’ve been running on a free account for well over a year and it’s perfectly functional without these extras.
Finally, as Kyle Rankin mentions in the episode, his preference is the KeePass format, and thank you to Anthony M. on librem.one for this advice:
@reality2cast @katherined @doc @kyle great episode. Like @kyle I’ve also kept my passwords in a KeePass DB format for a long time. In the last two years I’ve even managed to get my non-tech friends and family to use it as well. I’ve used the following clients with excellent integration to their environments:
Android: KeePass2Android
iOS: Strongbox
Windows & Linux: KeePassXC
All support TOTP natively as well, for management and use of your 2FA credentials.
If you get one takeaway from our harrowing tale, we hope it will be to use a password manager and two-factor or multi-factor authentication where available.
As always, we encourage you to send us your thoughts here in a comment, or on any of our social outlets, or via our contact form.
This Week’s Reading List
Universal 2nd Factor - Wikipedia — Universal 2nd Factor (U2F) is an open standard that strengthens and simplifies two-factor authentication (2FA) using specialized Universal Serial Bus (USB) or near-field communication (NFC) devices based on similar security technology found in smart cards.
Investing in Real Convergence – Purism — Real convergence means bringing your desktop computer with you wherever you go.
The End of Logins and Passwords, Just for Starters, by Doc, for The Reboot. Bonus link from Phil Windley, one of Doc's sources: Passwords are ruining the Web.
Our vote for the best distraction on the Web: http://radio.garden. (Doc dug it last year at some length.)
Also on the radio topic, Doc answers the Quora question, How can the radio industry stay relevant in the age of streaming music and podcasts?
Alex Birsan: Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies. The Story of a Novel Supply Chain Attack.
Welcome to the 21st Century, in which Doc explains how the stuff he said in a long-mothballed eleven-part interview at a tech conference in 2004 may actually come true now that the 21st Century seems to be starting for real. Bonus link: Ben Thompson in Stratechery details Internet 3.0 and the Beginning of (Tech) History.
This Nielsen piece on "addressable" (read: personalized) ads on "linear" (read: cable) TV is evidence of what Doc wrote in 2016 about the advertising business "driving drunk on digital."
Southern Snow Cream is something they coulda made in much of Texas last week. (Doc: "Made a lot of it in North Carolina during the two decades I lived there.")
Want to know where your cells are? This will tell you why you've got four, three, two, one or no bars of signal.
Adrian Gropper talks Ambient Surveillance on GitHub.
The great Bob Hoffman (aka AdContrarian) on the Next Generation of Horseshit. And, speaking of bullshit, here's how much the term "Chief Marketing Officer" has been uttered in books since 1800.
Just when you thought Clubhouse news couldn't get worse, OneZero says it is "Suggesting Users Invite Their Drug Dealers and Therapists." Perspective: Ben Thompson calls Clubhouse inevitable.
Cory Doctorow and Bennett Cyphers of the EFF unpack Privacy Without Monopoly: Data Protection and Interoperability. As a corollary, there's Doc's If Your Privacy Is in the Hands of Others Alone, You Don’t Have Any.
Thomas Smith unpacks Mozilla's Internet Health Report 2020, which is best read raw in .pdf format. Long on hand-wringing and activism+political solutions, it is surprisingly (to us) short on tech solutions that give us (as individuals and groups) agency and scale.
Bright Line Watch has a lot of interesting stats about the state of democracy and stuff like that. Dig down.
The New Yorker asks Who Should Stop Unethical A.I.? (Paywalled, alas.)
This 116-slide presentation by Benedict Evans floats lots to talk about.
Citizen journalists with Global Voices: ‘You messed with the wrong generation’: Daily protests pose strong challenge to Myanmar coup
Privacy International: The companies in control of our secret identities. As Dave Winer often warns, it's worse than it appears.
Goldman Sachs says music streaming prices are due to rise.
Want to know how retail knows everything it can about what it sells? Dive deep into GS1.org. What's there is the opposite of both news and unimportance.
ProtonMail has a warning about EU anti-encryption proposals.
The Reality 2.0 Podcast explores how tech, privacy, and security impact reality in a post-COVID world. Subscribe now and don't miss a thing! We welcome your feedback at our contact page.