 This is Tech Talk with Buona Episode 300. One, two, three, four, five, six ways to get hat. Welcome to Tech Talk with Buona. This technology podcast covers tech news and reviews for the entire week. And now here's your host, me, Buona McCall. Greetings, folks, and welcome to Episode 300 of Tech Talk with Buona. We got a great show lined up for you, kind of a short show. We only got like four stories to talk about, but I took a week off and now we're back for more fun and games and tech and all that kind of good stuff. Game Chat with Buona is going to be coming back this Wednesday. And Tech Talk with Buona is being recorded right now. I am offline. Today is Sunday, Sunday, April 21st. I hope you all had a great tax weekend. If not, I hope your tax turned out okay. I've been running taxathons on my live stream so my supporters can kind of help me pay the tax bill that Uncle Sam has provided for me. But we got a great show lined up for you, some follow up stories from last time and a couple of new ones, some interesting stuff regarding Amazon Google and some password stuff. Also, this kid with a USB stick goes on the rampage on the college campus. That's going to be interesting to talk about. Let's get to it. And for our first story, we're going to talk about Firefox, kind of a follow up to our story that we talked about last Tech Talk with Buona, having to do with this hyperlink ping tracking. We discussed this last week about how Google Chrome, not last week, but the week before, how Google Chrome and Microsoft Edge and a bunch of other browsers are removing the ability to turn this feature off. And one of the conclusions we came to was that Microsoft and Google were going to stay the course, but Mozilla Firefox and Brave were the two browsers that were going to leave it off by default and give you the choice on whether to use that feature or not. And this story is a follow up article on Bleeping Computer, which says that Firefox is going to enable this by default now. So this is kind of like a retraction on the last story, which said Firefox was going to keep it off. But now it's going to be turning it on. Microsoft has told Bleeping Computer that it will be enabling the tracking feature called hyperlink auditing or pings by default in Firefox. There's no timeline for when this feature will be enabled, but it will be done when their implementation is complete. Now, if you don't remember what this was, this is a feature that allows sites to put a reference tag or a anchor tag to link to another site. It's a basic thing in HTML. The thing with the ping attribute of this thing is that you can ping another site or essentially secretly track clicks. So it's like click auditing, kind of like a way to track your movements on the internet. It's one of the ways that sites use this feature. And it's a privacy concern, which is why people are concerned that Google and Microsoft are removing the ability to turn it off because you were able to turn it off in the past. That was the story that we talked about a couple of weeks ago. But Mozilla has said they're going to turn it back on, which is kind of surprising. I expected them to keep it on. And this article talks about the potential privacy risk of it and how hyperlink auditing can lead to tracking and profiling and filter bubble stuff, stuff that I don't like. And it's kind of weird. But Brave, if you use the Brave browser, Brave has pretty much confirmed that they're going to keep the feature in as is. They said this is their response. They said, disabling hyperlink auditing is a crucial privacy feature. And Brave has always disabled this by default. This is Catherine Core, head of communications at Brave Software. Brave users expect this protection from our browser. So Brave's not going to back down. However, Mozilla is going to be enabling this by default. I don't know why. There's got to be something going on. I mean, there's a paragraph in here, which I didn't understand too much. They said Mozilla fills it's a performance improvement. And I read this part of the article, and I was like, I don't understand. They said, Mozilla told Blue Computer via email that they agree with Apple's views on hyperlink auditing. They say that the only reason it's not currently enabled by default is because their implementation is not ready. It says we agreed that enabling the hyperlink ping attribute that is commonly used for hyperlink auditing isn't a question of privacy, but a matter of improving the user experience by giving websites a better way to implement hyperlink auditing without performance downsides of the other methods listed in the WebKit.org blog post. In fact, we already support the Send Beacon API. And the reason we don't enable the hyperlink ping is that our implementation of this feature isn't yet complete. I don't get it. It says we don't believe the offering an option to disable this feature alone will have any meaningful improvement in the user privacy since website can and often already do detect the various supporting mechanisms for hyperlink auditing in each browser and disabling the more user-friendly mechanisms will cause them to fall back on the yes, the less user-friendly ones without actually disabling the hyperlink auditing functionality itself. If you look at this, it's like they're saying it's not going to do anything because the sites are going to track you anyway. That's kind of a weak argument from my perspective. And I don't understand why they would take that stance. It's kind of weird. It just further, I don't want to sound like a commercial for Brave, but it just furthers my desire to stay with Brave because they value privacy. Leave it in there. Don't take it out because you say, oh, they're going to fall back anyway on this or that, whatever, whatever. Okay. I'm not going to dwell on this too much. I don't understand why Firefox is doing it. I don't use Firefox. I've tried to go back and use it many, many times. And, you know, this is just going to be another hurdle for me. I'm just not going to use it because apparently they don't think this is important. I mean, they claim to think that privacy is important, but to just disable this because the excuse is, oh, they're just going to bypass and then do something else anyway. So why give you the option to disable it? Why disable it by default if they're just going to fall back on something that's going to be less efficient or whatever? To track you, to keep in mind, this is to track you, to track your clicks. It's hyperlink auditing. I don't get it. I'm going to stick with Brave for this. I mean, I wasn't going to leave Brave anyway, but this just furthers my desire to stay with Brave. Check it out, guys. If this matters to you, you might want to look at this very closely about hyperlink auditing and where browsers are going with this. Brave is, you know, they're standing strong while Mozilla is going with this lame excuse. I don't understand it. I'm hoping to understand it. There's got to be something else, but it's kind of weird. Check it out, guys. And for our next story, we're going to talk about online video with Amazon and Google. You didn't hear that voice crack. I didn't hear it either. Amazon and Google, this is a feud that's been going on for a long time, especially with Amazon Prime Video and Google Play Store stuff and just online stuff with Google Chromecast. It's been a bane in my existence because I have Amazon Prime and what we have Amazon Prime in our household. And we can't really watch the stuff comfortably on Chromecast without jumping through hoops. And it's really, really frustrating. Chromecast is our main device that we use to beam content to our television. If you don't know what it is, it's a nice little USB dongle. You plug into your HDMI port and then you can just send stuff from like Twitch, from Amazon, not Amazon, from Google, from YouTube, from a bunch of different sites like crunchyroll.com for anime, for Hulu, for Netflix. I think I already said those. So Chromecast is a very, very nice device. And Amazon has a competitor called Fire TV, which is a similar device, which lets you do the same thing. So they've been going back and forth. And as a result of this feud, you cannot or you could not view Amazon video on your Chromecast. It was very, very difficult to do so. The only way you could do it was to actually cache your browser on your computer and view it from the website. You could do it from mobile devices or tablets. Until today, Amazon and Google have settled their feud to bring YouTube back to Fire TV devices. The Prime Video app will add support for Chromecast and Android TV as well. This comes by way of rstechnica.com. According to the reports at the time, Google was unhappy with Amazon because the retailer didn't sell a number of its products, including the Chromecast and Google Home devices. The two companies, because they're in competition. And it was kind of wild that Amazon even did that. The two companies couldn't strike a business deal that pleased both parties, so Google removed the official YouTube app from the Fire TV devices at the start of 2018. This came after also Google revoked YouTube access on Amazon Echo devices, citing a broker-user experience. In the time since YouTube left Fire TV, users have been able to access the site using browsers. That's what I was talking about before. But that experience is the most user-friendly, so the real losers in situations where YouTube users are exactly. So now, in addition, it says Amazon will make Prime Video compatible with Chromecast now, and Chromecast built-in devices with Chromecast support. Those with Prime Video mobile app can cast their content to their TVs and watch it on a larger screen. The Prime Video app will also broadly support Android TV systems later this year. This is great. I mean, it's been a big, this feud between these two companies has affected me, the end-user, and probably affected you if you know what I'm talking about. With Chromecast, I can watch pretty much everything that my phone and my tablet can watch, except for Amazon Video. And there have been many times, especially with the expanse coming out, and I was watching Jack Ryan. Jack Ryan, I was watching that, and there was another show on Prime I wanted to watch on the TV. I have movies that I bought on Amazon, movies that I've rented on Amazon Video that I just couldn't watch from my mobile devices to beam to my TV. That's my primary way of consuming content these days. I would have to go to my computer in my office, start it, cast it to TV, go into the living room, watch it in there, and then if I need to pause or I need to fast forward or I need to do something, I gotta get up, walk all the way to my office. I know, man, this painstaking labor is like, oh, guys, I gotta get up, walk in there. 20 steps. Oh my gosh. That's 2019, guys, that's where we are. But it was very inconvenient, I gotta say, because based on the way I can watch my other videos and my other stuff, it was just on my phone, bring it up, start playing it, beam to Chromecast, you're started. When you're used to that experience and you gotta do the extra stuff, it becomes an inconvenience. I know from the outside looking in, it's like, oh, you couldn't walk into your office and actually click a button. What kind of player are you? Well, you're not playing anything. Check it out, guys. Over on rstechnica.com, they got the details. Amazon and Google have settled their feud and now YouTube is back on Fire TV as well as Amazon Prime Video can beam to Chromecast. And for our next story, we're going to talk about passwords. A few episodes ago, I talked about the idea that, well, the idea that Facebook, they had their password, their password systems were broken. I'm not going to get into too many details, but it allowed employees to see your plain text passwords in a large database, which was just crazy. I think that was even a motivation behind the episode name. It was like plain text passwords in 2019 or something like that. And this article over on the telegraph talks about that same type of issue, but from a user perspective, not from a Facebook or a company perspective. It says that millions are still using 123456 as their password. Millions. An analysis has found gaps in cyber knowledge may lead people in danger of being exploited. And that's true. Millions of people are still using easy to guess passwords like 123456 and QWERTY. If you don't know what QWERTY is, it's on most US based keyboards, unless you're using a, I forgot the other type of keyboard, my bad. But it's like QWERTY. It's like right above the home keys of ASTF on your hands. You can just go QWERTY across the keyboard. The analysis by the UK's National Cyber Security Center or NCSC uncovered the gaps in cyber knowledge that may leave people in danger of being exploited. Huh. Top of the list was 123456 appearing, get this now, in more than 23 million passwords. The second most popular string is guess, guess what it is? 123456789 was not much harder to crack while others type in five included QWERTY password and 11111111111. Oi, the most common name using passwords was Ashley, followed by Michael, Daniel, Jessica and Charlie. I don't even know where to begin on speculation as to why this is going on with these names, but it's very interesting nonetheless. And it's kind of funny, the next part. When it comes to Premier League football teams and guessable passwords, Liverpool are champions and Chelsea are second. Blink182 topped the charts of musical acts. So people are using very, very common things and millions of passwords. And this is just my another PSA. And I've done it in the past few I've had some really weak passwords. I think they even show up on some of the sites like you've been pwned or whatever, really long time ago passwords, which I've since changed, but use a password manager guys. No, one password, last pass, key pass or some really good suggestions. If you don't want to use an online thing like last pass, go with key pass. It can be offline. You can put on a USB stick. It's fine. They can generate random passwords for you. And it's okay if you have these type of password managers. It's okay that you don't know your password. I think that's the thing that people think these days with cybersecurity, I think they feel like they have to know their password. On the web and on a lot of online sites, password reset options are generally decently well done in general. And if you can't get back to your, if you can't get back to your online account through the password recovery issue, you've probably already been exploited. So it becomes a moot point at that stage. But you really should, really should invest in a good password generation technique. I know there's some good online password generators. If you don't want to use last pass or key pass and stuff like that, you can just do a search, do a search for online password generator and try to find a reputable one. I think GRC has one. Let me see. GRC, I used to use this one before I got last pass. Let me see if that's still up. Yeah, it is. GRC.com slash passwords.atm, HTM. This is run by Steve Gibson. If you don't know who that is, he's a very popular podcaster. I have a high level of respect for him. He's a security guy, but he does a podcast called security now. And if you go to GRC.com slash passwords.atm, it randomly generates 64 random hexadexamal characters, random printable asking characters, or random alphanumeric characters. And you can just choose a part of that string and you can have a password. And it has a very, very detailed post as to why this is a trusted way to generate passwords. If you don't believe a website, if you think he's just hacking you or something, it goes into detail and it's a reputable site. It's been around for many, many years if you don't trust last pass or you don't trust key pass or one password or any of the other things that have password generators. So please guys, now is the time. If you're not using a password generator, it's time to get on board. Make the switch because every single day, I think there's breaches every day. They're not reported. We get reports probably every week or two. But there's so many data breaches out there that even if you use the same password on more than one site, you are opening yourself up to these types of exploits. You really, really need to invest in a password manager or at least vary your passwords across multiple sites. This is probably the number one way that people's accounts are being compromised. And you can blame, a lot of people blame the security provider, like why did you protect me better? But as an end user, you have to protect yourself. You have to take steps to protect yourself. And this is probably the easiest way to protect yourself, is to vary your passwords. The next way is two factor authentication. Two factor has saved so many people from being exploited. I'm telling you, a lot of hackers out there don't even bother to continue if you have two factor. There are people out there that can get past two factor. They're sophisticated enough to do that. It's kind of foolish to say that they can't. But once they see that you have two factor, they'll move on to the next one. Because they're basically war dialing and trying to get through these accounts and steal as much profiles and information that they can. Check it out, guys. Over on the telegraph, they got the details. Millions are still using 123456 and password and names and bands as their password. It's time to really generate some security passwords, some secure passwords on all of your online sites. And for our final story, we're going to go over to the verge to talk about this kid, this USB killer kid. I don't know what to call him. The student used a USB killer device to destroy 58,000 worth of college computers. He had a USB stick that he purchased online that would fry the computers. That's just terrifying in itself that this exists. But this USB device can be easily and freely purchased online, according to the verge, and can overload the surge protection on your PC. So it fries the hardware. That's terrifying, man. This guy, his name is Vishwanath Akutoda. He's 27 years old. He made a video recording of himself inserting the USB devices into the computers and said, I'm going to kill this guy. All right. So we got scary USB devices. That's one thing. We got a guy, you know, destroying campus equipment. That's another thing. Then we got the level of intelligence required to breathe. Why in the Tarnation of Nations would you record yourself doing this? Is it proof to get into a hacker group or something? Oh, my gosh. So cordial articles. So it's fair to say that the FBI and the APD had all the evidence they needed. In total, this guy cost $58,471 worth of damage. And he played it guilty, of course. I mean, did he record it himself? Oh, my goodness. He recorded himself. And he is going to face 10 years in prison with three years of supervision after release and a fine of $250,000. What a way to ruin your life, man. It's just why in the world would you... I mean, like I said, the act, the USB, you know, killing the computers. That's dumb. That's stupid. You should do that. We know that. Those of us with an inkling of common sense go, no, I'm not going to do that. But then on top of that, you get a camera and go, hey, guys, watch this. Then you plug it in and I'm going to kill this guy. Whoa. I mean, on what parenting out there will say, hey, you know, Jimmy, if you want to do something stupid, you probably should record yourself doing it. Nobody will matter. It's not going to matter. They'll forget about it in a couple of days. It'll be fine. Really, daddy? Yeah. Yeah, Jimmy. I go over there and kick that kid's shin and then record it, put it on the internet. People will love you. I mean, what kind of parent does that? Oh, I, I, I, wow. Wow. So this guy is a citizen of India who was on US on a visa, having earned a master's degree in business from St. Rose in 2017. So he's got some sense, I think. He also pursued a computer information systems degree and appeared in one of the college's videos on Facebook in 2016, saying he ultimately hoped to become an entrepreneur. Well, I think I know what he was going to sell. When asked why he chose St. Rose for his degree, he said, I see there are lots of opportunity in the college which will pair you for a better future, which I can learn to apply in my life. Well, apparently they don't teach you to record just not to record yourself while you're frying computers on campus. He didn't just stop at one, guys. You gotta look at this. He, he, he destroyed many, many, $58,000 worth of computers. I think the number is 66. Yeah. He inserted the computer, the USB killer into 66 computers. I mean, is this an addiction? Was this a high? 66. Oi, check it out, guys. Over on the Verge.com, they got the details. This kid apparently didn't know any better not to record himself sticking the USB devices to surge, power surge, kill a whole bunch of computers. And that concludes episode 300 of Tech Talker Buona. Thank you so much for listening to this show. Guys, follow my Twitter at Twitter.com slash Buona where I post my musings about what I'm doing on all my different outlets, which includes this podcast, as well as game chat with Buona. I got a new podcast I just launched called Be Rants over on anchor.fm. It's kind of a side shoot, kind of like a side project thing. I'm not going to include it on the main feed of this podcast. So if you want to subscribe to that, just go over to Buona.tv slash podcast. I believe my anchor URL is anchor.fm slash Buona. And it was just like a five, 10 minute, 15 minute rant that you can talk on your phone and publish this. I thought it would be a cool thing to do. Like if I get a thought in my head and I just want to rant about it, I could just do that little really short form podcast. It's a whole different format, something I'm experimenting with. And I hope you guys can check it out. Also follow my Twitch at twitch.tv slash Buona. This is where I produce a lot of online content. The majority of my time is spent here. We go every day from three p.m. onward. And if you can stop by there, that'd be cool. A lot of my content is also posted on YouTube, youtube.com slash Buona. You can support me on patreon.com slash Buona as quiet. I appreciate all of those who have been watching my shows and watching my podcast and listening to my podcast and watching my podcast. Really, really appreciate it. We just recently had our taxes done. I got to pay Uncle Sam and we raised some funds. I think we raised like $200 on Saturday. So I think it was a success. We're going to be funneling that straight to Uncle Sam and getting that tax bill down as an independent guy. You know, I got to pay taxes and everything. And it adds up. So I end up owing quite a bit. So this is to get that bill way down. If you want to contribute to that, you can even, you can send me a PayPal or you can go over to Patreon and say, Hey Buona, here's to help with the tax bill. Now I'll definitely apply to it. Hey guys, thanks so much for listening. This is Tech Talk of Buona Episode 300. I hope you enjoyed the show. Show? Show. And I'll see you next time. Have a great, great day.