 They the people just wouldn't have bins then because everybody loses them. Yeah, there's here's my bag of garbage It's gonna be on the curb pick it up Well over here, it's a problem actually because our bins have or FIDs in them and we pay by weight So if someone steals your bin they get to throw away their trash on your dime. Oh, does that happen? Touch wood my bin is still my bin But I keep expecting someone to notice that this is now a thing you could do Well, you know you just see it's you put it out there. It's not out there I know well what one of the things apparently people steal them here for is to recycle the plastic and get paid for it Oh, and I'm like what what what recycler will pay you if you come out and try to recycle a city trash bin I don't do you have a shredder? Oh, I thought you meant like In it the bin. Yeah, I guess the person who steals it the shreds it and then Then when they take it to recycling you can't tell what it is But why would you do that's just like so complicated that is yeah, why not just do what the little Asian? I don't know if it's a thing in Ireland, but at least in San Francisco You would have the low old Asian chain or Chinese ladies go through your recycling to take out your cans and bottles Oh, we don't have Ethnically, it's not the same people here, but we've got them here on this in LA too. Are they old though? Yeah, the same age people do that in Ireland No, the only thing I ever see is passers-by put their junk into my bin as they're going about their business It's like, but you put it in the wrong one. That was my recycle bin and you just put your that's the worst Right, it's like I don't mind if someone throws their dog poop in my trash can. It's a trash can That's what it's but don't put it in the recycle bin No, I don't just wrap it. I don't like it when they don't read they don't even tie it off They just That's anti-social definitely. Yeah, it really is We don't we don't have links to go with this conversation though. Hey, it's better than last week's conversation What was last week? Because I just got to the doctor Ah The dangers of talking about the last thing you did You mentioned you're talking about I know I've talked about this on the show before but there's that show on discovery ID called called Fear that fear thy neighbor fear thy neighbor. Oh, is this for people? You know what I Stuff like that. I can't I'm not gonna speak too loud I'm kind of a little neighbors here. I won't know one neighbor is really cool. They're cool, but the other one I'm very suspicious of yeah The show is about that's stories that happen when neighbor interactions go wrong You gotta avoid that all I know is my neighbor has a bunch of security cameras and the neighbor on the other side of him opposite of me Complaint she was telling me a little download that she was complaining this camera face is 130 ladies and gentlemen I'll need control while you're at it. Uh-huh We can't talk about it. All right We'll finish this conversation in a moment Stay tuned for the thrilling end of our neighbor conversation. All right. Here we go Daily Tech news show is powered by you nobody else to find out more head to Daily Tech news show comm slash support This is the Daily Tech news for Friday May 5th Cinco de Mayo 2017 I'm Tom Merritt and very happy today to have Bart Bouchot's host and producer of Let's Talk Apple and Let's Talk Photography Regular on Allison Sheridan's pod feet shows and We're gonna talk to him about password hygiene because he's also a Linux sys admin for a large university in Ireland Been doing this for quite a long time. I hear welcome to the show Bart Hey pleasure to be here. I'm glad we finally got this worked out I know Allison's really excited to get you on the show as well and and Password hygiene meaning, you know, how to pick good passwords how to manage good passwords is something that is in the news regularly and super important Yeah, yeah, I mean we've lost kind of how many zeros you put on the end of these breaches I mean it was like oh 10,000 that's big. Oh, no, that's no thing. They're no fractions of billions So we're gonna talk a little bit about the best practices and if you're like I know about password hygiene Let's see keep listening. Anyway, you might pick up something. You didn't realize It's always good to kind of go over the fundamentals and if nothing else you can then pass it along to other folks that need That password hygiene. Let's start off though with a few other tech things you should know about One plus told the Verge that the one plus five successor to the one plus three and the three T will arrive this summer Microsoft announced an event for May 23rd in Shanghai promising to show the world. What's next? That's what they said We will show the world. What's next literally in a tweet about the event Microsoft VP of devices Panos Panay use the hashtag surface so it might be getting new Microsoft hardware and Reuters report sources tell it the US Department of Justice has begun a criminal investigation into Uber's use of its grayball software to evade Portland Transportation regulators Uber says grayball was meant to identify fraud and they've stopped people from using it to evade regulators Uber's always in trouble Bart. I'd what's your perspective from Ireland on that worldwide mess of a company these days? I mean They seem to just be all about Evading people like they're using their geolocation to evade apples app store people They're using their geolocation to evade regulators It seems like they know they're doing wrong and they actually put active effort Into trying to get away with it instead of putting active effort into not doing stuff wrong It's a it's a really good point. They are putting to the test more than anyone. I can think of the phrase It's better to ask for forgiveness than permission Yes, definitely. That's certainly their motto it seems Yeah, yeah over here. They're not that popular because we have good apps that work with our normal taxi companies So it's easier here. We have an app called halo We just tap a button and a normal taxi arrives And so I don't think the uber thing is is quite to the same level here Certainly, you know one of my circle of friends uses that we all just use halo What are one of those rare examples of an incumbent industry adapting fast enough to stave off the competition sounds like Just about yeah I think if they'd waited even six months longer or so, I don't think they would have made it But they they got in there quick enough that they now have the mind share here Recode reports sources say amazon is close to an agreement with apple to bring the amazon video app to the apple tv amazon employees supposedly expect the app to show up in q3 amazon of course has a video app for ios so you can airplay to an apple tv But there is no tv os app version of it and since 2015 amazon and apple have been in a little bit of a Cold war amazon stopped selling the apple tv and jeff bezos said they only want to sell things Where their video can be accessed And and so behind the scenes i guess tim cook and jeff bezos at that level we're working this out Bart do you use apple tv or watch amazon video? Yes and no so a huge apple tv user It's there's actually nothing else connected to my physical television That is the only thing that is plugged into the back of my physical television as my apple tv But I it's not worth it here in ireland. We don't have our own amazon store We have to tag along with the uk store and they're about to leave the u So we already don't share a currency with them and we're soon going to not share a tax region with them So it's I don't know what amazon are going to do for their irish customers actually because we're going to lose our english language store Well, the good news is amazon prime video is supposed to be launching across Most markets uh within within the next several months. Uh, at least that's the word on the street So you may get your own amazon prime video service. I don't know what that does to the rest of amazon But they're gonna have to think of something right because once once the uk ready the u I mean, are all your people going to learn french all of a sudden or german? Well, no, probably not. No, I can tell you that's not going to happen here Maybe they can put the canadian store over there I don't know. I can't say the euro, right? We need we need euro. I think where my brain was going with that is that that uh That idea of the uk uniting with canada, but that would still that would help you know, it doesn't help us. Yeah Uh, I I think this is a big deal and i'm very curious If this ends up being true What had to happen to make this work? Uh, uh amazon basically has been saying they they wanted more control And amazon has been in a fight with apple with the kindle store Where apple says well if you're going to have a link to your store in there you Have to give us 30 of the cut My expectation is that maybe amazon finally got apple to budge a little bit on the amount that they pay them Yeah, I would love to be a fly on the wall there and figure out what's going because either amazon blinked and are accepting the 30 percent right or apple blinked and it's not 30 percent anymore And I don't know if we are ever going to find out. Yeah Be curious to jason rubin is facebook's vp of content and announced the shutdown of the oculus story studio That's uh facebook's vr movie production unit. So not making games for vr facebook will instead Dedicate 50 million dollars to directly fund non gaming experimental vr content They're going to give other people money to do it They're not going to have a studio for it the story studio was launched in january 2015 at sundance And did great work at one and emmy for the vr short film henry. Uh, they had other fairly, you know, well acclaimed Productions out of there But I I guess facebook decided they didn't want to be in the business of making content Yeah, well, it's It's kind of a difficult area to be in right you're making non game content on something that almost no one has yet It's very experimental. It's very It's it's what's in front of the cutting edge. I mean Yeah, it's high. What's even more Yeah, so maybe they don't want to do that experiment. Maybe they want to leave that experiment to someone else Well, I think they want to discover new ways of using virtual reality and their idea Seemed to be let's create a studio. It's it's like an incubator for this sort of thing but now Either yeah, and they've done some great work, but maybe they've realized You know what we've we've jump started it now with a few examples We'll get more if we just directly fund independent people who can go off and do it on their own Well with any new medium the the first thing we seem to do with the new medium is to Try replicate an old medium in a new medium So the first things on television were drama plays that were meant to be on stage And we just put a camera in front of the stage and went that's television And having a movie studio that does vr seems to me like we're doing the same thing again We're just taking what we already have and we're putting it on the new medium And that's probably not what vr is going to be. Yeah, whatever it is. It's probably not that That actually could play into this where facebook having a studio may have been Narrowing what people thought they were supposed to do right And giving 50 million dollars for more experimental stuff may may loosen that a little and they might get Some people venturing outside of you know, yeah putting a stage play on for a movie. Absolutely Elias saba's af tv news regularly crawls amazon servers with a script Friday it turned up a thumbnail image for what looks like an amazon echo with a touch screen Now there's been rumors about this coming out for a long time So it's a likely bet. This is a real thing af tv news says the device is codenamed knight I'm not sure where they got that information except maybe was in the metadata right next to the image Afterwards this afternoon venture beats heaven blast tweeted some similar images and a little better resolution Of the device not just in black, but also in white So i'm not sure where he sourced those from but seems like we're going to get something with amazon voice services in it that has a touch screen And can show the time and the weather without you having to ask For it Uh, are you do you use any of these voice assistants amazon echo or any of the others? I I try to become friends with the s named one that we can't say out loud on television Or will set people's thingies off and I decided i'm not friends with her Well, did you try changing it to a male voice? Maybe that would help I think over here it is male by default actually. Um, in fact, it is male by default But no, I just maybe it's the maybe it's the Irish cultural thing, but I feel like an idiot talking to myself I never want to talk to any of these when other people are around Like especially the phone ones. Yeah, I don't want to be out in public talking to my phone Yeah, no the last time my phone reset it said would you like to re-enable s weird and I went You know something no and I have missed it a grand total of zero times. Yeah I I've used it a couple of times while driving To varying effect one time it was great another time it sort of half worked But it didn't resume playing the music that I had been listening to which was annoying That's a problem. Yeah, but but again, let's get back to this which is a more it's not a mobile device Do we need the whole idea with the voice activation is that you don't need the touch screen? So this kind of reminds me of the chumby I don't know if you remember that or or or those those little touchscreen devices Of days gone by where they can display some information, but then you can get more information and radio and audio Uh, I guess it depends on the price, but it may I could see this maybe being a bedside clock sort of replacement Or something that hangs in your refrigerator probably I don't know where in the house would you put it? But I guess I'd want it in the kitchen But yeah, it looks like it's more of a desktop thing than a than a it's I don't know that it's thin enough for the refrigerator But hard to see yeah, so maybe on a kitchen on the breakfast counter or something in the kitchen But it it reminds me a little of the very early days of the internet when we thought we would have appliances We thought we would have a piece of hardware that sat in the house to be the internet Yeah And the other thing as seen on the it crowd Yeah, I mean they were a thing it just They were even made I think you can still buy them an ebay, but they just didn't take off because our pc's turned out to be the right tool for the job but What strikes me is one of the things that s word Will fall back on very often is I don't know what you're talking about. So I'm going to show you something and with an echo If if it doesn't know what you're talking about what can it do? Whereas having a screen seems like at least it can fall back to being semi helpful Well, and I just I was now that we're starting to talk about it. I realized that I have my amazon echo in my kitchen Uh, and that's because I can listen to news and while I'm cooking or something like that Be great if this could actually show my recipes if I could just say hey You know show me my recipe instead of having to prop up my tablet there, which is what I do now And imagine being able to say next so yeah to show you a picture of what you should be doing now And then say okay got that and then it will show you the next thing in the recipe What's the next step? Yeah, and you could have you could tell it to play videos You could you could say I want to watch something and it could show you that so show me how to fill it. It's happened Yes, exactly. Yeah, you joke, but on youtube you could totally find that. It's that's how I learned to um Oh, what's it called? There's there's there's a cutting technique that I had to look up on youtube how to do and now now the name escapes me but Uh julien I I needed julien some basil and I learned it from youtube That sounds very posh. Yeah, it does. It sounds that way. I'm sure my knife technique does not make it look that way According to data collected by the u.s. Centers for disease control for the first time The majority of households in the united states have mobile telephone service and no landline 50.8 Percent of the households here in the u.s. Have only mobile service. That's up from 48.3 last year Some other numbers from the survey 39.4 of households have both mobile and landline 6.5 percent have only landline And 3.2 percent have no phone service at all. I find that to be actually the most surprising number That's a little higher than I would have expected Does the skype count as phone service if you if you only did voipe would you be counted in that six percent? That is a really good question. I don't know how the cdc defined this but if someone said Yeah, I don't have telephone service on mobile. I just used, you know, like a like a wi-fi device or a tablet and then I use skype Would you count as having no phone service at all? I don't know Yeah, it's an interesting one It's it's good to see why I think it's good to see because we haven't had a phone in the house for years And we've always been seen as freaks. It's like, what do you mean? You don't have a physical telephone So I have a cell phone. My partner has a cell phone. Why should I pay someone to bring a string of copper into the house? That's only going to be used by telemarketers to annoy me Why don't I just get rid of it? Yeah, and and The the argument for landlines has always been well, it's good for emergencies But more and more your your ability to to make emergency calls on phones is getting better and better To the point where apparently, you know more than half the people here anyway You are willing to just use that for their emergency calls as well Which puts pressure on the emergency services to improve, right? But you don't even need a sim card to make an emergency call any gsm phone with make an emergency phone call While the screen is locked and there's no sim card in the device I mean one one two anyone on the planet that you're on a gsm network will get you help and You got to have your battery charged, I guess so Here the pots lines all have have power on them So if the thunderstorm knocks out your power, you can still make a call you can't necessarily Do that? Well, you can you can make a call with your mobile phone if the power is out as long as the nearest cell tower is working But you as long as your battery is charged too Yeah, but that there's more likelihood though of some natural disaster Take if you need a piece of copper all the way to your house There's more chance of it being knocked down somewhere between you and an exchange than if you're going wirelessly as far as a cell tower That's every horror movie right the phones are out because of the storm and they can't get out of the house My childhood home Our electricity and phone line went through an orchard and the orchard was old And any time there was any sort of windstorm you could count on the fact that we would be without phone and without electricity And we were at the end of the line So we will be last on the list of people to be repaired Well, it's it is like you say I in 2010 we moved And decided not to have our landline go with us and just decided to go with phones and a couple people thought we were crazy But we are now among the majority here. So there you go And I mean I rent so it's just it's so much hassle when you're changing rental accommodation to go and phone the phone company and say You know chain move our number from this mprn to this mprn We just didn't bother A new report from app annie says the average phone user accesses about 30 apps a month Which is between a third and a half of the number of apps on average installed on a phone Users launch an average of nine apps a day Among the high-use countries india sees the most app usage per month followed by brazil and then china When broken down by operating system iOS users launched a few more apps than android users in general But android users launched 30 more games So iOS users obsessing over their phones more android users having more fun I Yes, that's one way to put it if I were to open a third of the apps on my phone. I'd spend my whole day on my phone Yeah, I'm the same way. I and I think uh hosting podcasts that involve trying out apps is an occupational hazard that most people don't have because I I still have to go through every once in a while and just decide like what apps in here don't even work anymore because I downloaded them so long ago and the companies went out of business, but yeah, I I think the the rule of about nine said in my nine or ten Probably sounds about right for me as far as like how many apps do I use on a daily basis? Not because I'm trying them out for a show or anything, but just because I'm using them for my own use I'm not even sure I necessarily would make nine every day because I tend to use my phone very much to receive Sort of as a passive receiver of information most of the time and so I'm just basically looking at notification center 90% of the time And I'll generally reply to things on a real computer Probably because most of it is sent to the watch and so I just sort of go. Yeah, okay I have now absorbed that information, but I I don't remember the last time I opened the bbc app People use magically appears on my wrist. Does that count as using the app? That's a good question. I I don't know that app any is counting that they are counting Default apps which sometimes are skipped So if you use the phone or the message app or the or the safari Okay, then I get that that all counts. So so that kind of boosted up a little bit Yeah, I probably do get nine if I get to count those but in terms of third party I'm not sure I get nine on your average day basically map my ride I probably don't actually I probably don't even use the phone app every day to be honest But I use the text messaging app every day. I use the browser every day. I use the settings app every day I don't know if that counts I use audible side reel downcast It's probably oh and memorize which I Language learning app. So there's five or six right there Actually, so tracking workouts lots of messaging apps because you could I wish I could convince all of my friends to just pick one That'd be really nice. My circle friend. Yeah, just choose But no, that's not how it works because your circles of friends overlap with each other I keep waiting for the for the pigeon For yeah for act for for messaging apps to arrive that just collects everything in one interface for me That would be amazing. Yeah And the other one that I use lots of actually know to think about it is weather apps because I live in Ireland and Here it's not a guarantee that that you can go and get your exercise at any time of the day I try to get my exercise every day and that involves Some prognostication and I like to have many sources of prediction because they disagree with each other massively Well, yeah, I I I actually check the weather on my android tablet every morning So it's one of the reasons I didn't cut it on the phone But I definitely check it every morning and we're not even in a place the weather changes that often to be honest So I have four weather apps. I check religiously Folks if you want to get all the tech headlines each day in about five minutes You got to subscribe to daily tech headlines.com it comes as a podcast it comes on the amazon echo It's in the anchor app go try that out at anchor.fm And that will get you up to date every day All right, let's talk about password hygiene password reuse we have hammered home on this show is extremely dangerous do not reuse your passwords between Accounts, but I have had people tell me like yeah, I hear you say that. How am I supposed to remember all these passwords? and we go back and forth Bart about well password managers Are the least evil right is there is there for most people is there a better way than using a password manager? I think well, there's only really I mean humans are human. We don't have super human powers So we can't remember them off that that's out right you can just discard that possibility straight away So then you're left with either you have an algorithm So whether you have a rule for yourself and you say I have one password And I'm going to take the last two letters of the domain name and I'm going to stick them on the end And that's going to be my unique Password and the thing is that's pretty much always obvious If I if I were to get a password dump of google plus and the password ended in gp I'd probably go. Hmm. I think I see what's going on here. Yeah So algorithms are probably out in which case you're left with okay Actually, maybe I should allow the computer to do the menial task because that's kind of what they're for right? They're supposed to be our servants for leaving us from menial tasks And they remember perfectly and we remember terribly So this seems like a good fit to me Let let the computer do with the computer's good at and let the computer remember your passwords for you And then you're down to one Really good password and people people laugh at me when when they see me typing my master password for one password It's like what on earth are you doing? It's like no, I'm not looking into the website. I'm just opening one password Oh, I thought all your passwords are that long. It's like well, they are but I never type any of the rest of them This is the only one I do Well long character length is important, uh, right? And and and that's the thing is when you go into one password or last pass or dash lane Once you're in you could let them manage the rest of the passwords and make them as long as they need to Yeah, so I yeah, I mean length is great. I mean one of the best things I've seen on passwords is from stanford university And their guidelines are great So they say we insist you use at least eight characters If you use only eight, which is really not a lot that we insist you have uppercase lowercase symbols and digits So they really make you jump through hoops and say if you go as far as 12 But you can leave out the symbols if you go up as long as 16 Well, you can leave out the digits and if you go over 20 Have at it. We don't care what they are because you have so many characters You are safe and so that encourages people to use past phrases instead of passwords And it's just a good idea make them long as long as you can and you're better off So good password managers. There's lots out there. Uh, like we mentioned one password dot com last pass dot com dash lane dot com If you want to be in control of the servers, you don't trust your passwords even encrypted in a cloud key pass dot info is an open source one that you can you can keep and run yourself but There's still the idea of generating those passwords that go into the managers now the the managers generally have built-in password generator features But let's generate a password for the password manager You're not going to store that the password manager if nothing else you'll need a password generator for that one, right? But even even if you have a password manager and it manages all of your passwords There will be times when you have to type them in yourself Because like my iphone is always with me Which means I always have my pass for my passwords Available to me, but if I'm sitting down in front of your computer to show you something I can't copy and paste that password into your computer. So I'm going to have to type it So I I feel that you even in a password manager environment. You should have passwords you can type and so One approach to that is to use Like generators will tend to go for pronounceable passwords They're actual gibberish, but you can pronounce them whereas my approach is make them long and use words They don't only use words use words with symbols and digits But you can say something like exclamation point 44 minus queen minus dump minus proxy Minus 55. I mean you can say that and you can type that easy enough You can also do them over the phone, which is helpful Now if if you're doing that that exclamation two digits And then a dash and then a word and then a dash and a word You could start to develop a mnemonic That helps you remember passwords even for a couple of different ones And you've created a great generator for that at xkpasswd.net Tell us a little bit about that tool and how it works because I There's been some criticism of the xkcd inspiration for this But I think you've worked around a lot of those criticisms. Well, yeah, so I sort of took two inputs. So I did I at the same time Many years ago now there was the xkcd cartoon commit the famous correct horse battery staple And that seemed a little bit too simplistic to me and then steve gibson did his password haystack page where he basically said Just pad them make them long, you know Five exclamation points at the front and five exclamation points at the back And if you sort of take those two ideas and mush them together You end up with xkpasswd Which is basically you say I want some padding symbols on the front some padding digits on the front I want a randomly chosen separator and n randomly chosen words Which may or may not be of a random case and may or may not have lead style substitutions if you really want to go that route And it does I mean I had a friend mutual friend the both of us know who was typing in a password and It was it was password. It was okay for me to know but I had memorized it immediately Because it was using your xk password generator. And so I'm like, oh, there's just special characters Boom boom boom and these three words done like I get it And there's still quite a bit of entropy there because if you I mean you can set your own settings on the site Or it's actually it's actually based on an open source pearl module So you can install it yourself on the command line on your mac I have a little service that I use so you can use automator or whatever to generate password and shove them in the clipboard But so I have a fairly large alphabet of symbols and a large alphabet or a large dictionary of words And so there's still a lot of randomness happening here. You're randomly picking the padding character You're randomly picking the padding digits You're randomly picking the separator characters and I let it randomly pick the case of each word So there's a lot of random going in here. And so yes, it is deterministic in the sense that there's an algorithm There's a pattern But it is still a lot of randomness and the the final password you get is Very long. So at a brute force level, it's really really safe And even if the person knows where it came from they still have a lot of brute forcing to do Yeah, that's good. And it's all about that. It's all about putting speed bumps in front of people So I know there's people out there right now who are like, you know, I find yes, okay, fine I'm going to get a password manager. I'm going to use a password generator Whether it's xk password or random.org or diceware or something But where do I start? I've got so many accounts that all Have one two three four five as the password. Which one should I start changing first? Yeah, and there's a really big difference. There is definitely a hierarchy. All passwords are not equal So I would say that the crown jewels for anyone with an online presence is your email Which you may say but I don't care about me email Actually, you do because pretty much every website on the planet if you Forget your password, it will be sent to your email. So if you lose control of your email You lose control of your facebook your twitter your google your microsoft You lose control of everything because it's all that password reset loop is through your email So actually in terms of your digital identity Your email account is the most important one to secure. So if you're using gmail Well a good password b Why not two factor loss while you're at it and that goes for any email service And then say a very close second probably an even first in fact joint first is anything with your money Because while I like my digital life, I also like my financial stability And so those two get prioritized and then after that you can start to break things down into what you care about most But you definitely got to save your email and save your financial stuff So your banking websites your pay pals all that kind of stuff now two factor authentication We've talked about a lot on this show too and and the nice thing there is even if your password is Not strong, which it should be still yeah two factor authentication will help mitigate against that because You'll have to have the second factor to log in now We talked yesterday about the first in the wild exploit that stole some money from people's bank accounts in germany By exploiting the sms system weaknesses in ss7 That allowed them to get the second factor. So even two factor authentication is not foolproof It's best if it's done through an authenticator But I I mean I think the point is even sms two factor is still better than nothing, right? Oh god Yeah, I mean everything you can do to make the attacker work harder Makes you safer because you're not trying to outrun the bear. You're trying to outrun your neighbors All right, you know, you're out running your friend or whatever. So You that implies you want your neighbors to get caught by the bear You don't you don't but you you know if it comes down to it. Yeah, exactly Yeah, so don't be the low-hanging fruit and everything you can do to pull yourself a little bit higher up It all helps. I mean nothing is perfect Um, in the real world, we accept this all the time We accept the fact that there are things which make us safer but are not perfect We wear a seatbelt. We know it will not save our life in every single situation But we would never say well some guy died in a car wreck therefore I won't wear my seatbelt because it's useless but in the digital world We tend to throw everything in the bin we tend to go. Oh, yeah, that thing happened in Germany two factor is useless And I was like no no no no it's still valuable. It's just not perfect Look, yeah, I think of it this way, uh, if you have a bank password Someone can try to crack it if you have a second factor on that bank worst password Now someone has to crack your password And cracked second factor authentication So which would you rather do give them one obstacle or two? Yeah, and of course the if you're a well known if you have a highly important job if you Oh You said you said something about well-known people and the the internet gods made you disappear They they must have known but I I think before the internet took a dive there for Bart Uh, what I was going to say is if you're you're well known you may be more of a target Um, but that doesn't mean You know that that even less well-known people can't get caught up in the net I see him trying to log back in so hopefully we're we're gonna. Am I here? Yes, you are back And you were saying if you're well known and I said the well-known people didn't want you to tell them about that Probably not but also if you're wealthy or if you're Google-able so if you if you run a company that's known to be profitable And if you can google yours or just link in just go look at linkedin Who are the higher-ranking people at black corporation? Well, okay, you're just become a target now. Yeah So it's important. It's important for everybody. But yeah, it is. Yeah Yeah, uh, well folks, uh, You've got to check out xk password. It's x k p a s s w d dot net you Bart you created it you also Have some stuff on github for people who are interested in even more and how that works Yeah, so the the entire thing is um, actually Released it's a pearl module under the hood crypt colon colon hs xk password bd and it's released on c pan so you can just get it from c pan or B s d to close license So basically have at it because as far as I'm concerned the point here is to get more security Not for me to somehow magically monetize passwords, which is never going to happen in a million years But let Bart know if you find something wrong so that you can improve it, right? Well, precisely. Yeah, because I'm currently working on release 3.7. So there's a few bugs to be squished. Nothing security related, but If you bang it at a hard enough, it will eventually fail to generate a password every about a hundred times It won't do anything wrong. It'll just not generate a password. Yeah, and then you hit it again Yeah Well, thanks everybody who participates in our subreddit You can submit stories and vote on them at daily tech news show dot reddit dot com message of the day comes from If you don't like the weather wait five minutes melbourne australia Sounds like what you were talking about in ireland as well. Yeah, that's our scene here Yeah, john mitzi writes on dts 30 21 you mentioned that the ipad doesn't have multiple user switching When you were talking about education ipads and chrome books and the new windows 10 s surface And john wants to point out that in ios 9.3 march 2016 apple did add shared ipad Only for managed ipads in education. Here's the apple link and we've got a computer world article on it I had forgotten entirely about this john. Thank you for for pointing it out. So because it's especially pertinent To my comparison where like yes, I don't have multiple logins on my ipad But if I was using it in an education setting then I would be able to now I prefer that it would just be available for everyone So you don't have to sign up for some kind of managed service with apple to do it But at least it's there right Well, I actually you I've actually used schools at apple.com and it's really nice like I think it's quite new but it's really it's really good for managing your school's hardware for managing your school's software for managing your students for Sending apps to people for sending iPads to people. It's a really good system. They have gone there and it's very Very pleasant ui for managing it all actually so I was very impressed Do when you look at chrome books in the educational setting and when you look at that windows 10 s Does any of that interest you? Okay, so in ireland we have we have a european attitude to privacy Which means that the google stuff is treated with much more suspicion than it is in the us makes sense and The irish universities tend to prefer microsoft So office 365 is very big in our education sector because you pay them money They give you a service instead of harvesting your stuff And so the surface s and the windows s is actually very interesting Whereas the google stuff is looked at with great suspicion. Gotcha Now it makes sense a good move by microsoft then And good move having you on the show bart. I'm sorry. It took so long. It was great Haven't you let folks know where they can find more about what you do? And besides just the password project your podcast and everything Well, the easiest thing is to go to bart b.ie Because no one can spell booshots. There is a bart booshots that are you but don't bother going there Bart b.ie and there's links to all the various bits and bobs I get up to basically everything's linked from there if I do it. It's linked from there So flicker photography various podcasts lots of nerding out much much nerdery happens on bart b.ie That's a pretty photography. I'm always jealous people could take photos like that Well, you don't see the 98% that never make it out of lightroom. Yeah, I guess that's that's that's part of it Len Peralta has been busily illustrating the show and what have you got for us len Well, I just wanted to remind everybody that this weekend, of course is free comic book day And what better way to celebrate free comic book day than with this password protected Super hero I like his catchphrase. Yes, which is very long and secure. Yes, you will He's very secure. That's he's very secure. It's 2fa man And uh, yeah, his catchphrase is is something to behold So you should probably head on over to lenperalta store.com and check it out And uh and see for yourself You could actually uh cosplay as 2fa man this weekend at free comic book day Man, if anybody cosplays as 2fa man this weekend, you have to send us pictures You also have to have a lock on one of your hands and one on your belt. Yeah, that's right And this the second factor, which of course for me is the phone. So yeah Uh, this is fantastic folks. You got to check it out lenperaltastore.com And of course you got all kinds of perks if they back you on patreon That's right. Yes us you get uh, you can get this downloaded for free if you want if you're back at the dts lover level So, uh, so yeah, I hope to see you all um at the patreon It looks it looks like uh, peds in the in our chat room says you guessed his password Oh, i'm sorry. I'm That was just completely by accident. How lucky Hey, uh, thanks to everybody, uh, who backs this show We could not do it without you. Uh, and if you are a patreon already Go to patreon.com slash dts or look in your inbox for our monthly update We call out some people who are celebrating their third year Straight of supporting the show your name is in that post. Uh, we've also got some some Information about what's coming up on the show We do that every month for you to just keep you up to date So go check that out patreon.com slash dts and thanks to every single person who supports us Our email address is feedback at daily tech news show.com. We're live on to through friday 4 30 p.m. Eastern 2030 utc At alphageek radio.com and diamond club.tv and of course we're at facebook.com slash daily tech news show And our website is daily tech news show.com back on monday with baronica belmont. We'll talk to you then This show is part of the frog pants network Get more at frog pants.com Bob hopes you have enjoyed this brover Oh That was such a good show bart. Thank you so much Yeah, that was great fun. I just realized that my camera didn't come back after I Oh, that's fine. I'm just glad we got you back, uh and with with minimal trouble. So I wasn't good at the thing It just lugged me out. It just went back to the login screen and went Log back in please the guy Thankfully it resumed the call as soon as I did log back in. So that was good. Yeah Yeah, you popped right back in I only had to tap dance for a minute there. So Unless that really I'm telling you it's because you brought up important people. Yes, we can roger. What should we call the show? Um, first one is, uh, colon colon 42 The power of daily basically a daily 42 tech news show. Oh, this is like an xkp. I like this one Yeah, it's basically a generated password with daily tech news and show as the words. That's cool Uh, don't be the low-hanging fruit apples on tv Time to bury the landline hammer home hygiene Passwords is the size that counts to a feyman for the irish or will irish learn french password headache Landline lubber I like that Landline lubber is pretty good too. I see you's killing it today And microsoft has in has new things on the surface I think we've done something similar to that before I really like the the password generated with daily tech news show in it. Cool I assume that I see you generated a password In your tool and then replaced whatever words it gave him with daily tech news show Unless the icu is the luckiest person on the planet. I think yeah, right I think that's the default preset actually two symbols two digits Alternating case. I think yeah, I think that's the default settings. Oh, this is gonna play havoc with people's rss feeds. I can't wait No, at least there's no angle brackets in it. Yeah. Yeah, exactly There's there's actually no special characters that will cause problems. I don't think You'd be surprised what websites bar fat. Um Websites have the weirdest of rules and what you're not allowed to use sometimes Yeah It's kind of crazy. Um Oh, and nth mic is like, but will wordpress allow you to use that post in the post slug We'll find out It'll probably replace them all with minus signs. Yeah, soundcloud always does soundcloud takes any special character and just Replaces it minus. Yeah Ah, well good. Uh, also, I should I should acknowledge that this guy says you always thank every single person But what about the married people? I should be thanking Brilliant Yeah All right, so Roger, where were we before we started the show? Oh my neighbor. Yeah, I don't want to thank you much in case he listens to it I doubt it, but you know Yeah, it's like a bunch of security cameras ring around his house and I think one of them is pointing at my back door Because I always noticed that the little blue leds light up when I'm out taking out the trash Even though I have a hedge like a pretty tall hedge in the back My neighbor has motion sensors on the pathway that goes along my house back to where she lives And I won't be anywhere near it and it'll tick off. So I I don't know if it senses sound too or I don't know, but it Normally motion detectors are tied in with lights. There's no lights. So the only thing that could be lighting up is a camera Yeah Oh, man bioCal mentioning so many systems limit you to 16 characters or less. That's annoying And what what else is annoying is the ones that Won't let you use special characters and I've even run into a few that will let you use capital letters Oh, come on. Are we living in the 80s? Yeah, seriously my bank limits me to 12 and it used to be eight So why why limit people? I I don't know So this is the thing that really takes me off though Is there atm pin numbers used to be you could go up to eight characters digits long I thought it was the best thing in the world and then uh, like 10 years ago This like not I got cut down to four. So you need four It used to be eight. I used it eight like the entire time since it got really saving that much space I don't know length like that It's just annoying Banks tend to have really bad password policies because their websites tend to be really thin skins over really old really crappy sun micro systems stuff Because they like How do you Change out a multi-billion dollar back end, you know, right? So they just put a wrapper around it and you put a wrapper around the wrapper and a wrapper and the wrapper and the wrapper And there's probably an oracle table somewhere with the actual password Not even a hash because if they had a hash they wouldn't care how long the password was Yeah, exactly like that It makes me cranky that they don't even do the simple stuff like my bank doesn't have a green bar It just has a normal padlock and it's like will you pay them the hundred dollars or whatever it costs to get the EV please You're a bank for goodness sake. Yeah, and they're the The customer support people don't understand, but it has a padlock. Yes, but there is a good padlock and a great padlock I would like you to have the great padlock So go pass it on to engineering and because you're a bank I would like the most security that you can afford and you can afford it. So Yes, you can So the interest of increasing community security my bank like has uh monthly newsletters that goes out And one of them was written about some guy one of one of their managers or bank or branch managers He went on and on about using two factor authentic Authentication and someone did follow it's like let's kind of strange since you're the bank itself does not allow Two-factor authentication for a bank manager to be you know really pushing it. It's like well then Maybe that bank manager is trying to make a point to his boss or something Maybe my bank used to be super regional used to be just in california and nevada And then um, it was it was bought out by bnp back in the late 70s But they didn't start expanding until the mid 90s. And so Suddenly it's like half the country But it's like come on where bnp has these billions and billions of dollars. He can't do two-factor authentication like No, no, no Bank bnp I don't understand. Well, I do understand but it's so that's not right, but I think it should be a priority for every bank to do Not only second factor authentication, but authenticator based Give you the options for for authy or google authentication. Is this a thing in the states? So when I wanted to send someone money, I need this It looks like a pocket calculator It looks like a pocket calculator, but my atm card slides into the back of it And then it generates a cryptographic one-time key Which I have to enter in on the website to actually do authorize the money transfer No On your bank money transfer, I would assume Yeah, yeah, so basically I log into my bank's website with a stupid pin But I can't send money to anyone but me unless I have this machine And you pop your atm card in you put in your pin And then the website will tell you what to type in and then you hit go and you will get on the screen A cryptographic Right blob and you type of that back into the website And then it will allow you to set up the new the new destination for the transfer A little bit of a pain, but secure There were some yeah, there was something like that Back in the early 2000s they were kicking around But I think Didn't think anyone would really be into because the one that was complicated too Was a piece of hardware people would have to plug in and they didn't want to deal with the tech support And so they just kind of they kind of like yeah, no no no one's going to do this I think it's right at the chip and pin though because I think you need a chip and pin So card for any of this kind of stuff to work And in europe we've just been a lot more proactive on on the whole security of cards thing I don't know why the us is dragging their heels so much, but you guys are so used chip and pin We just used chip Yeah, but the where's the pin? What's the point of the chip? It's the pin I'm just using my credit card and then if something it's I guess it's a little harder to counterfeit It's a little harder to counterfeit a card part of it Part of it was like the the credit card companies and the credit card companies hate this you saw really generous Uh fraud benefits like you know, oh if you got blah blah you wouldn't have to pay for it So a lot of people just didn't like uh someone steals money the credit card company will cover me on it It's like not a big deal So what the credit card what the banks have been very good at is Detecting fraudulent transactions having algorithms that are really good at saying hold on that That doesn't look right. Let's put a hold on that to protect themselves because of it So there's a lot of good work done on that end of it So my bank sends me an sms message when a transaction comes through they find suspicious And I then answer with why for yes or n for no or if I answer why the transaction goes through Otherwise it doesn't Yes, we get that Yeah Well, it's I mean visa and mastercard. It's the same visa and the same mastercard we have in europe. Oh, yeah No, I know why why different? We're gonna why don't I don't get laws that they had to deal with I guess Also, there was a huge cost in trying to roll out all those new machines to make sure they worked Our police spent that money There's as many of us, right? I mean, I know europe is physically smaller than the us But in terms of physical amount of people were we're on a par And in terms of the amount of retail locations we have we're on a par and yet in europe They did it those self-same companies put out all of those shiny new terminals with the rfid and everything in it Because we have more bank choices and so people would jump ship. I don't know Well, we didn't have interstate banking allowed for the longest time. I think well not until the late 80s Yeah, oh wow, okay, like you can cash a check from you could cash a check from one state to another But it was difficult take a very took two weeks It was like ridiculous I remember uh for there were plenty of places in st. Louis that wouldn't take my parents checks because we were in illinois And they just didn't want to deal with it Which is why for the longest time bank of america and west fargo were the largest because they were national So it didn't matter Right, like you you sent them a was fargo check they could you could cash it which is why a lot of the smaller banks said fine, we'll get together and we came they came up with a I don't know what the name of it is but basically allowed interstate banking. Yeah the first time That's gotta be really hard on commerce. Like how do you How do you run a business Read lots of credit. That's yeah, that's one of the reasons credit cards arise arised because people could do people could Pay out things and then so fine, you know, I can I can give you this much credit And then you pay whatever your debts with it like if you're like a restaurant, you can buy your food supplies your booze or whatever for the bar and then at the end of the month you just settle up So soundcloud made the url 42 daily tech news show 47 Yeah, so almost everything got lost. Yeah Wonder how many people look at the exact url Oh, yeah, probably not that many. I'm sure there's a few though, but Yeah, I tend to look at them and stuff because it's always fun to see how the editor changed the headline. Yeah So a lot of news has a sane headline when you see it But it started off with a very link baby headline that someone thought better of which is fun Well, yeah, I I always put the name of the guests in the headline of the blog post as sort of a safety measure if it gets published without By accident not putting in the title So the url will usually have the names of the of the hosts at it on wordpress because of that That's pretty clever Remember to kojak That maybe you might be too young vaguely So, yeah, he used to flog of the diners club card. That was like the first big credit card Who loves you, baby? And it's interesting because it was well people who wanted to dine out But didn't have the cash on them and so it's like hey, you know, you can start using this somewhere else Besides just restaurants. Oh, it's just very interesting about how I suppose it's a good need to meet first, right? Everyone's got to eat Especially the very rich Yeah, so you're a businessman you're traveling around You just want to be able to walk into a place and get good food without any efforts here. Here's my piece of plastic I think the earliest credit card ads I remember were From a company that's now bankrupt, but their their tagline was my flexible friend And they had Rowan Atkinson as mr. Bean as their master. Oh, yes I remember they made fun of that because in an episode of mr. Bean It guess he was going to college or university And he was on his lunch break and he took out a piece of bread and used a credit card to Put the butter on it said my flexible friend And I didn't understand that until you just mentioned that so I connected the show for an episode I saw 12 years ago right now in my head See it wasn't barkley card It was called access but I think barkley card bought access because as rowan Atkinson did do stuff for barkley card later where he was pretending to be a really bad 007 knockoff Oh, which I think spun into a movie. Yeah, it was called johnny english Yeah For barkley's which is a uk bank Well, you know, we did the same thing here with the geico caveman ads and they tried to make it into a tv series Oh, yeah, that was not that did not work terrible The captain caveman knockoff or something. No, so the whole idea was their service was so easy That even a caveman came I could you and the subsequent Commercials spun on that the idea where the cavemen were incredibly insulted because it was a bigoted ignorant display of poor understanding of how cavemen actually lived And then the whole idea was oh, let's take this kind of moral outrage You know kind of social metaphor into an actual Didn't work did not work It's an interesting idea, but yeah, it seems it seems a little too intricate Yeah, yeah, like one of them was like a caveman's going on holiday vacation And he's on one of those um at the airport It's not an escalator, but it just moves you sideways. It looks like an escalator moving walkway He's on that he passes a big sign that says it's so easy You know like, you know that sure so easy even a caveman could do it And he gets he sees it like in a quick glance and then has to walk back to look at it And he shakes his head and huffs Because he thinks it's insulting What isn't insulting It is to cavemen if you're a caveman sure, yeah, but what if there are neanderthals there might be neanderthals still roaming The halls. I'm pretty sure there are neanderthals. Nobody ever makes fun of the denisovans. Why is that? It's harder to say I don't know Well, isn't isn't the latest thinking that actually we didn't kill the neanderthals We just slept with them enough that they became kind of assimilated them like the Borg possibly the thing is that uh Well, that's that's kind of the thing. It's like is it In the bulk of the population might have just passed away and then the whatever remnants became part of the human genome yeah Sort of In spain in particular this evidence that they there was a meeting of the ways when the Homo erectus came up through Gibraltar And met the neanderthal population and it seems that they interbred rather than killing each other Last I heard but I could be that could have changed since I left Usually coexisted as well unless they were after the same exact Thing right because lines of letters comes from it's from the neanderthals There are plenty of animals that share the same eco ecosystem Yeah, it's only if there's a resource Yeah, if there's a resource that scares maybe water becomes a problem or something and they have to share a water course And they don't really want to share and then someone loses. Yeah Well folks It's time for us to go. Thank you again, Bart. This was great No, absolute pleasure. Um That I delighted to be on anytime. You'll have me because it was really good fun We've got we've got I know we have some other topic ideas that we were kicking her out So we'll definitely make that happen Excellent. Well, I look forward to it Will you guys enjoy your day? It's got it's it's already getting late here. So my day is almost done, but enjoy Yeah, have a have a good rest of your Friday Okay Have a great comic book day everyone. Yes