 Showtime according to this and I can try to catch up on the comments Six minutes late, I'm not doing too bad here. Oh Fun times fun times. Oh Look, my son is in here. My son should be doing homework Hey, son, are you a winning son? Are you doing homework son? Insert beam here Afternoon all kinds of people Let's see Is that we gonna be an 8-bit special assuming base zero if base one have to wait until 256. Oh, yeah Hmm Yeah, let me think about that. I don't know man. I I'll agree with Corey here I should do something special for one of those two or maybe both of them Maybe both of them. What can we do at 255? There'll be something. I don't know I come up with something Hello from the UP Yes, Marcus, I'm late was I am I always late Marcus my son will comment on that I'll let him go ahead and comment on that. So Let's see must insert super chats to begin stream we'll go with that Well, let's see We have to somehow fun times new home office. Yes. Yes. Click all those affiliate links and all that stuff Please fund my home office project It's kind of stalled at the moment because I'm waiting on Not really waiting. I mean I got to the point where I could the plugs are installed and everything else I'm just waiting on the contractors because they got a mud and drywall That's just scheduling at that point and I'm impatient. So when they asked when you when I would like it done I'm like yesterday like last week the moment it could be done. I wanted it done. So that's the whole thing there Yes, I may I'm off Purchasing pizza today. That is why my son's here to see exactly when this is over. So he knows the Time at which pizza is coming. Oh The thumbnail though. Yes, there is a Ubiqui in the thumbnail look at that or I'm working on some Deeply I'm now I'm deeply technical technical. I don't know if that's the right word technical videos on Ubiqui Deeply technical maybe kind of there's I Me and Jay kind of dove into it and I want to do a good technical explainer on how these work So I can put it all together me and Jay from learning TV been discussing it and talking about all the cool fancy things You can do with the Ubiqui how it works strategies and ideas But also in addition to I want to talk about TOTP and still how you can use Ubiqui Not just for the OTP that the Ubiqui can do but the TOTP methods and Fun things like that That's obviously a big question. I figured that's a good discussion to have here today. I Don't have a ton of time Mudding and taping is the worst. Yes, it is there is no doubt about that and I probably can pull up For those that want to know the current status of it Let's see if I can't share that out share Share screen Chrome tab That's what it currently looks like and So the walls are done the plugs are installed They work the plugs are all in functioning order now. Look at that I got all the extra gold on but these are the seams that you must mud and tape to Get the studio finished a few people asked me about drops in here. That's not really something that's going to be an issue That's why there's not going to be much of video and so I'm wearing in this the Desk is going to go like right here and this whole little I don't know if you can really see the mouse there But my desk is going in this area here All of my rack and everything is on the other side of that wall That's for all my computers will be so the only thing in here is going to be monitors Therefore I don't really need any drops or line drops put in at all if I ever wanted to I could always add them Of course, but I don't really need to for the nature of how this room is going to be set up and laid out It's not not really a necessary feature So there's not any wiring drops in there. So saves me the trouble So there's not going to be a wiring video directly related to this particular room Do I have a picture of the other side? Nope still don't have one. I've been reworking on the other side. It's actually I finished that I didn't take another picture It's done on the other side to when I move the server. I'll do it is pretty much how that'll work So yes Yeah, the ubiquity reach the other video I will is uploading and will be published after this I didn't have time to publish it before this is all the details that we know from reading the indictment about the insider bridge insider breach So too long didn't watch Tom video It's really simple Mr. Mr. Nick Nick sharp the not so sharp Nick sharp Decided that his high level of working at ubiquity as Something cloud something developer. I don't know exactly. I forgot his title at the moment I do have it in the article, but Nick works there. Nick decides he's going to pretend to be a threat actor by extracting data and Oops while he was extracting data the VPN dropped they then exposed his public IP He had and because he had to it's not a matter of principles of least privilege His job entitled him to a lot of access inside the ubiquity Therefore, he was able to pretend to be a threat actor who got in but of course he got in using his credentials so When they exposed that his credentials were used against his home IP when he accidentally let the VPN down that gave him The correlation data the FBI raids Nick's house now This is where things get dumber is they raid Nick's house and then then Nick says I'm gonna go contact Krebs and do a whole whistleblower story because after the FBI raids your house and Gathers evidence on you. Why not dig the hole deeper? So That's in the indictment too Yeah, it is just a met oh Pizza fund We're three dollars away from the five dollar pizza. So Oh Man Yes, I'm going to be making a wire guard 2p of sense guide definitely coming soon. Let's go pizza. Oh I am not putting hardwood floors in so what's actually gonna go in the studio is going to be a Mostly cement floor with some throw rugs to dampen the sound so that that now I'm putting in Carpeting on one side of my basement because there's two projects going simultaneously. I'm building a big game room There matter of fact for those you that want to know how this is laid out. I think I have a picture I can share real quick So we can have all the dimensions on it So this is the layout and so we have the This room right here the small one down here is a studio This is the staircase and then this larger room, which is a lot more space. It is actually a 22 foot by 33 foot room That 22 by 33 foot room is going to be the family room. That's going to be carpeted I'm doing a cement floor a stained black cement floor along with carpeting That's like throw rug type carpets part of the reason I'm doing that is because the service lines if you ever have to service my sewer system at my house the service access Is in the studio area So I don't want to put any carpet down there in case it ever I have some type of incident with my sewer lines or I have to work on them I would be pulling up the floor to get to the access So I'm leaving that floor open where we just roll the carpets up put them out of the way And we could access the sewer lines in there. So kind of why I did that way The less mud you put on the less mud you have to smooth off you've never watched me mud have you I am not good at either one of those. That's why I hired contractors Oh, let's see Yes mold resistant drywall, uh, they refer to it as green board here in the us, but it's Whatever the mold resistant type is. I've always called it green board Anyone else to chat using ubk in a c Gis environment for a a Yeah, I uh, I am not See, let's see. Do do do Ooh, should I get an ltt desk pad for my office? There's a thought What your guard can be super interesting for a site to site a home or privacy vpn. Yes, um It does work good for that. It's it's not bad in terms of that Vpm and no kill switch. Yep vpm and no kill switch. Yep, pretty much Oh, let's see How cheesy I hope you're referring to the pizza I'm gonna keep doing homework. So have fun. I'm being geeks Marcus. We hope one day you join the geeky among us My son is really more he my son's a gamer, but he's not quite geek He's not as interested in tech as the rest of us Oh, yeah, he also tried covering things up and changing log retentions. Absolutely Uh, I don't know if I'm gonna go to the novi pedex. Well, that's amazing But I know my cousin will be there Different story different topic The best pizza is free pizza. That's not bad How's the camera video coming along slowly, but surely, um, I actually had posted on twitter a cool time lapse video that I did with the Astrology stuff. So that's still on my to-do list Hacker news had a good comment from former court described in our details role and why he had all the access You know, I seen that But it's unverified. That's why I didn't I didn't cite that in my uh In my thing I tried to cite only Things I can cooperate. Uh, so someone claiming on hacker news to be an x employee of ubiquity Is kind of a fuzzy. I can't prove it I the person would really have to show something that they worked there before they could be believable Uh, I didn't want to go through the vetting process. So I'm not saying for sure. They don't I'm not saying for sure They do. Um, I just tried to be extremely careful with what I report For example krebs on security Reporting that this was a catastrophic breach as told to him by a whistleblower Turned out to be the person doing the breach So you can see how even if you do verification for something such as the person working there The person may have alternative motives. So now krebs has his own, you know Problems with that so to speak. I mean, I don't know that there's any journalistic problems krebs were really onto I don't know what he's if he's maybe he has by now is I didn't look recently if he put out a statement or not Um, I was gonna go check krebs. I think he did update the article just to say we know more now type thing But um, that kind of puts you in a weird situation because does krebs Get named at all as the person they did it uh in the united states journalists are protected from revealing the sources of their information So krebson is not Liable he doesn't he's not required and obligated to reveal that information to anyone if this is the same person That said this was like that but all evidenced in the indictment says it was this person that did it They just didn't name krebs in there. So What password keeper do I use? I'm a big fan of bit warden. I bit warden all the way So I've uh got a few videos on it. I still to this day use bit warden Any way to remote access next cloud or c file on a raspberry pi without port forwarding maybe using zero tier Yeah, zero tears a way to do it without Without having to do any of that. So if you use something like zero tier, that's what avoids the port forwarding That's one of the reasons overlay networks such as zero tier are an important aspect for people who are behind carrier grade Nat or just want a level of security that doesn't require any port forwards So yeah, that's absolutely a good solution for that The ipv4 cleanup project Yeah It I don't know. I I think steve gibson was ranting about it right and rightfully. So you're just gonna break a lot of things um Trying to do that. I don't know I I'll I'll maybe do a video on it. It's it's the um Act of desperation. I don't know so They're trying to find a few more ip addresses here Hey, a fellow follower passed away. Well, that's sad to hear. Um Would you kindly do a mention shout out? He was a massive fan of yours and he was very proud of you made it onto our show uh So shout out to josh. Well, hopefully um, yeah, that's sad. That's tragic. I am sorry to hear that Especially, you know, anyone's passed away. It's rough. That is rough Uh, hey, tom. What do you think of the new ui coming to xcp and g in zen orchestra? I'm excited They are working on development now so far I'm not going to dive much into this because I'm not ruling out that I did something completely wrong I didn't get the s3 bucket thing working. I tried it. It doesn't work. I don't know what I I'm not saying I'll I'll post in our forums before I uh Determined that there's any bugs in it I just know I did it and it didn't work, right? I I really can't rule out that it's not me Oh Let's see Uh, do you dabble with 3d printing cases or other weird attachments and brackets? Uh, have you Think about not really? Um I don't really do a lot of 3d pretty my staff does all the 3d printing They print lots of goopy things and occasionally useful things. I don't really do I I don't play with it much myself Oh, you're referring to nick, okay Uh I don't know of any good ones for true nas Sorry on that one. It comes to photo sharing. I know I did the senalogy one and and as I said in the senalogy video The reason I'm doing this is because senalogy has a pretty solid turnkey app for that. That's There's not I don't know of anything good. That's turnkey that works well. So yeah can Use that or extra managed spam emails on a network as well. Do I have to do end point security? I don't know that there's any type of mail management at all that could be incorporated into The edge router. I don't not that I can I'm aware of I don't think it's any I don't think it has any proxy functions like that could be wrong. I don't really use edge routers um So yeah, I'm not sure spam filtering is a different topic Yeah, four billion dollar in market capitalization and Yeah Bitwarden is awesome. I am a big fan of it One of the questions that comes up and this is something you can do in bit warden And let's talk about that because this seems like a fun thing to actually show a demo of So inside of bit warden and this is one of my lab systems we're going to Share the screen here. Hey look, this is a familiar screen. Many of us have seen let me Make it a little bigger. Now if I fill this in with bit warden I'm going to and it's not going to show on the screen, but I'm going to head and just paste this in Now with doing nothing else It just pasted my 2 fan for this particular instance One of the things you can save inside of bit warden besides username password is your 2fa your tootp Now here's the question. Is it really two factor? If I have all of my factors in one place and this is kind of a struggle you have of Well, is it and this becomes kind of a fuzzy thing that I'm going to work on a video for where I kind of explain When you should when you shouldn't and essentially If you're a end user and you don't really want to bother with, you know, phone apps and things like that with tootp Using bit warden is great. It's way better because now you've got two factors for the website And that solid as long as someone doesn't get in your bit warden But one of the rules I've been generally coming up with when do I or when don't I say things in bit warden Really comes down to the different sites. I'm using so I use bit warden for my personal and for my business For my business stuff my lab stuff even though it's in a lab I still turn on 2fa because I can and I can turn it on on this lab demo system I've got set up for this little true nasty mini, which is just back in my lab right now I can just save it in bit warden confidently anything else that is really critical to the business Even though I trust bit warden. I still want to have two separated Physically separate credential storage management systems So I don't save everything in bit warden when it comes to that for my 2fa I use if you're familiar with it. It is and actually we'll put let's just pull it up So I don't have to spell it This is what I'm using on my phone for 2fa And this is all part of a discussion. I'll end up Did I put it on the wrong tab? Yep, hold on You get it in the right tab. There we go Agus authenticator is a uh open source Free secure android two step verification system. It's great. I really like this tool It allows me to organize it. It has a few different options in here. It has different backup options It will let you get the codes back out if you need to I think this is a great 2fa application and uh, It sells me on the confidence of it because it's not attached to any cloud It will generate a file that is encrypted if you want it to to get that things out of here It is a really nice app. So when I get around to doing my updated 2fa video I'll be talking about bit warden some about ubiki and of course also about this um so the uh Getting things done uh with 2fa. This is one of my ways to do it So like I said bit warden's awesome But there are some challenges if you want to put everything in one basket But overall I still think it's pretty solid if you don't have anything else How do you handle 2fa across a team that needs access to one account? um You it depends on the system. So being in the it business space We will well, there's a couple different ways we do this actually most of the time all the systems we have Have different like we set up each person with their own account You can set up admins and things like that But sometimes you have to uh, keep another phone in a safe that has some of the 2fa stuff for other things on there That's one of the other methodologies can do it. So it's definitely There's ways to handle that most of the time everyone just gets their own account. So everyone has their own 2fa and you're not sharing Hey, that's awesome. You guys use uh Internally with the core team as well, but we're just solid. It's how we manage uh passwords here It's just been we've been using it for a while now. I absolutely They they keep coming out with more features. They keep coming out with better things It's really nice the way bit warden handles it And one of the things I love about the 2fa thing is when you paste into username and password It copies the 2fa code right to the if you have the tootp in there It'll copy it right to the clipboard. So you just got to click paste on the tootp and it just works It just makes life better Uh, which ube key do you use? Uh This is the um What is this one? This is my demo one I got in right now firmware hacks It's one with the touch on it. The ube key touch is I don't know what they're called The one with the touch on it. How's that? So hopefully that'll help. Uh, let's see Thomas Star Trek generations christmas movie is uh Sure Am I planning a review of the microtik cc 2 1 6? um, no Not on my radar right now. I don't Do I I may or may not the I don't the microtik reviews The number of people that ask me versus the number of people that actually take the time to view the video is pretty low Um, so I'm not yeah, I don't know that I'm going to do a microtik review on that I've seen people ask about it, but I I don't know. I don't know if there's enough interest in it There's always a few people asking I it's a maybe It's uh Well, I least serve the home does a good job of it. Like just watch serve the home I don't really have any more to add than they say on it. So Yeah, ipv pro blocks keeps selling for more money in the secondary market. Yeah, they're going for a lot of money So For true nascale, we have quite a few photo apps. Yeah, uh probably more docker ones available for that so Let's see This free nas true nas have better nfs quota. So I've never used quota support. So I don't know I know they have it. It's actually something I have never used. I've never had a use case Where I said I need quota support on here. So I don't know nfs works amazing on true nas quotas Never used them. So I don't know. I don't know at all Is it overkill to run network cable every room probably? Um So many things are going wireless. It's maybe One of those things that don't matter in another 10 years as much You're critical things like your gaming computer or Uh devices like cameras still need to get power and doing poe is great. So running them to places You need cameras makes a lot of sense running them to places where you know, you have a desktop computer Maybe even a laptop plugged in makes sense. Uh, it makes less sense to run one into the bathroom But feel free. I mean, it's easier to do it when you're building the house than after you built the house Stuck in which way to go with a homelab build mixed drive sizes running windows vm True nas proxmox with mixed drives. Would you suggest? I would true nas works best with, um Uh, what do you call it? Um the same drives. So I don't recommend mixed drives for that I don't know if I can really help and outside of that Yeah, all the keys in the same place That's where the problem is What phone do I use? Uh, currently this is a Pixel 4 tomorrow. I'll have a pixel 6 according to the tracking number Uh pixel 6 pro tomorrow I never use ios. So I have no help on what you should be using for ios the fdroid uh tool the the ages tool is not for um ios I got I got nothing on ios. Nobody here at my company uses ios. So it's not really it's not really been an issue uh Is there a way to run bit warden in a synology without using a domain name in ssl? Uh It's a headache when you don't have a proper ssl cert So you can also use a reverse proxy to get the ssl you'll get an error And you can overcome the error, but you'll end up with weird problems Um, if you don't set up a proper ssl cert for bit warden And you don't have to have it publicly exposed to do that We my uh bit warden is behind a proxy Uh or reverse proxy. So it's not publicly exposed at all It's only accessible over when you're outside the office over a vpn So you absolutely can set up bit warden with a proper ssl with a reverse proxy and not have it publicly exposed But yes, it works much better when you don't have to click through those error messages because you'll find every now and then It just stops syncing and we found out that We were doing something when we were first testing bit warden We found out if it doesn't have a valid ssl You can check the box to allow it to accept it But sometimes it stops syncing and you have to like force it to sync. So you can kind of make it work Oh, let's see What else wow lots of stuff Yeah, the bit warden internal tootp that is really cool great feature Uh, let's see scroll down here Uh, what do I think about d-raid and zfs? Great to see they're innovating Ubeck we connect not really they have some new vpn stuff They're working on that. I haven't really dove much into it's neat looking I I don't know They need a more clear roadmap for me to really tell you about it because that's people have asked me about it And even I go they need a roadmap for this thing They have the whole identity thing and some stuff they're doing but yeah I don't I don't have a clear roadmap on it just yet. I haven't really dove into it Thanks for your awesome tutorials. It feels like you're uh, like you are reconfiguring my home lab 2fa is one of the next things on my list Oh, where are you with s1 now that huntress combines with defender? Um, so even testing the managed av it just kind of depends on situation. It's cool when someone has a Uh, we actually have a split of this We have some people that are wanting to use the managed av because they don't want to do They don't want to get the whole suite of s1 because it's more money They want just huntress. We are also a reseller of huntress and we've helped some People deploy this and it helps them do the managed av portion So it's still managed av is still not the same as s1 because microsoft defender while is actually a pretty good system I'm not going to tell you otherwise defender actually scores relatively well s1 adds a lot of enhancements beyond what just defender can do I am working on an updated video of s1 because once we got away from buying it from enable and we buy Uh, we use directly s1 now. We're not getting it through Uh enable we get it through what they call packs eight. They're a reseller of it That's actually the easiest way to get it by the way. Um, so once we took care of that, um I'm I want to do an update video because it's so much better Any tips on how to how to add unify protect From my four drive unvr into my unify controller I Don't know no tips or help on that unify is deciding to run on their hardware not Somewhere else. There's hacky ways to do it. I I don't really I've never tried. I know there's people out there doing it It's outside of the scope of something I've tried Would you trust xc xcp and jostler emny and in production versus home lab use? Um The problem is there's not an easy way to notify you when there's a raid problem So It as long as you've come up with a method by which you can monitor the rate array Uh, it's solid and reliable. It's a matter of you having a methodology that if a drive fails in that rate array Can you see that failure? There's ways to do it You just got to monitor the logs and check the mdm and there's you can export syslog over to a syslog server That you can set a trigger on it as long as you've got those things set up It just doesn't have a native Notifier built in to tell you if the rate array has a problem by the way use zfs not mdm I would use zfs, uh because zfs is In the system. So I would actually recommend that for xcp and g but the same answer You have to be able to monitor the zfs array I don't use it, but I know offi is popular that does have an ios and google uh and android app I've never tested any alternatives to the ube key. So I don't know You give support to a remote phone like android or iphone which tool you use I don't understand that question We we don't if you're asking if we do phone support, we don't I don't I don't understand the question though Oh, let's see I like bitwarden, but doesn't always recognize a new password when I enter it the first time on a site Likewise, it doesn't autofill every time neither does any password manager because some site designers are morons I i'm just going to call them out if they're not using Standard ways that they format the fields the password manager whatever that password manager is has to play catch up with Oh, what are they calling it today? What do they call the username field? Well, they call the password field and get it up to date Um, this is just a challenge sometimes for the password managers and you can say but I tried last pass and it got it But then you may find one that Last pass doesn't get that bit warden has each one of these is just reading through the fields and understanding it So this is why password managers are often working against a challenge of designers with I have a dumb idea instead of following and calling it the password box Let's call it something different because that's Somehow better. I don't know Uh Did I ever play bbs games? No, not really never. Uh, well, I mean I don't remember many mostly I was there for the data man Back back in the bbs days. It was all about me just gaining knowledge and I was a big reader of things So I was mostly in the bbs is to find what books I could download and what books could be shared You know hacking books and everything else that were available back then or any type of You know always downloading the latest copy of the uh jargon file and things like that So I was never never a big bbs game person though I know there were a few but they were never none of them were so memorable that That I remember so Uh Throw darts into I don't know that they're blindfolded, but they're definitely throwing darts over at ubiquity Um They do what they do. They know they have a core product that makes them a lot This is the one thing if you're a one-trick pony and you're only doing one thing There is the fear that there could be a market shift that makes you not the one-trick pony because someone else Does that trick better or the same or has met it? So I don't blame companies for taking the revenue they have and innovating on different ideas I don't know what goes on internally there. We have a little bit inside of something that went on internally I don't know what goes on internally for some of the decisions they make Um, some of the things seem really off base. Sometimes they have really on base things that are doing well, so I'm trying uh s1 on pac state and their support has been great so far. I mentioned you guys and the support Uh guys recognize to you. Yes, they know us. Uh, I actually well Not just at pac state, but inside a set in the one they know us as well We've actually had to use their support like almost zero But we already knew set in the one we knew what was missing from it because when we signed up We were in the beta program for enable when we were in the beta program They gave us full dashboard access later and this is where I am confused as to what happened There were features that seem to vanish and that's when we realized that Once if you were to buy it through enable today You don't get the same dashboard that we got when we initially started with enable because they changed the way they implement it That's what made us switch from enable over to pac state for center one because we weren't getting all the features And now we are so but uh, yeah Hello switcherlin dunkel aura from switchman Uh, let's see Some site designers are morons. I dude. I can repeat that a lot I I I used to have a web development. Uh, I used to do web development I've had web developers working for me and I've met a few of them that I'm like, why would you do it that way? Why would you that's not innovation? So Yeah Ah, yeah site designers that break elements such as filling in passwords because why I don't know Uh, maybe I don't like doing wi-fi reviews that much. So maybe uh Yeah The standards they want for fields, right? Well, let's see What s1 product to use for jimber deployment? Uh Complete I don't remember the name of it the the big one Biggest issues I moved away from an uh issue. I moved away from you. I couldn't get an email notification When something happened on the s1 pac state dashboard. It's fantastic. Yes When do you plan? It's just ibp6 only network For for 20 years. It's the year of ipv6 And no, it's not um, I don't know I have a feeling there there's a small chance that the internet won't even work the same way before ip6 ever gets fully implemented So it's not on my to-do list at all. Um, it's not it's not Really really really low priority I if i'm really bored and nothing to do i'll dive in ipv6 That's when i'll do it or for some reason the world changes and i'm wrong Too many developers are interested in using the latest bloated framework instead of making usable website That's a thing So let's see Uh What's the first big tech project you did just for fun? I don't know that any of them are I don't know that I can really think about that one. That's a uh, that's not an easy answer Saying that right there. So that that's Because I don't know what I I mean anything I do just I want to build an array or anything like that Is that just for fun or sometimes it's for use in my lab? So hard to say So the year of the linux desktop I think could come before the year of ipv6. How's that? And and i'm not exactly someone who thinks the year of a linux desktop is coming anytime soon either There we go the year of the ipv6 will be two years after the linux desktop at least at least I won't argue that point. You're probably not wrong at all Um, what was I doing? Well, I don't have I'm gonna give it I'll give you guys 10 more minutes. Uh, because then I'm gonna get a pizza for my son Oh, let's see Oh, okay. Well, yeah the electric utility side now. There's actually oddly enough I'm using it is the year of ipv6 if you're using a phone because phones use ipv6. So yes um The ipv6 is actually the back end for a lot of the phone networks And uh, so that's the thing Three years from now, not likely I mean, we are reaching an ipv4 exhaust. We've reached an ipv4 exhaustion, but I'm not that worried about it. So Oh, let's see So do you advise customers block out on ports or is that outdated advice? That's pretty much just a headache. Um, and it adds It adds the illusion of security. I mean, I guess you could block out on ports And Maybe some c2 servers going oh, I can't get out on this odd port number for some reason Or maybe c2 servers are using HTTPS or port 80 for a lot of command and control and it won't do any good at all It's it's really old advice There'll be there'll be someone that argues me that you should do it. It's part of proper locking things down and Yeah, I don't know I Like open vpn and wire guard those are the vpns. I like to use so We will switch to hex measure. Yeah Uh outbound 53 reroute to our block. So, um, this is a challenge because with H with dns over HTTPS That's the x workaround. You got to actually block dns over HTTPS You can do a rewrite rule for port 53 that way when your dns is going out it can rewrite it To a different dns server But this sometimes breaks iot devices that expect to be able to talk to their dns server Even though you've redirected them some of them may not like that redirection So that can be sometimes a challenge you'll run into we run into people and You know, it's it's really where we offer a limited amount of some home user consulting We don't know our rates for it by the way matter of fact home users are often more Sometimes more difficult people to work with because they often have these crazy rules They set up and then they break all their iot things then they block everything and we're like You have to start releasing some of this if you want it to work So we help unwind some of the overbearing protections they put in that broke anything because you are Telling me you want your cloud enabled garage door opener to work But I don't want anything accessing the internet without my implicit permission Which one do you want to work your implicit permission? Well, you told the garage opener couldn't get out That's why your garage door opener isn't opening anymore. I don't know exactly. I don't have the perfect both world scenario for you When does the usa conversion and metric fit in with the timetables being discussed before after the year of legs before after ipv6 Look, all's i know is if you switch the united states From you know some type of measurement like kilograms Versus pounds. So there's just going to be mass confusion Gotta get a dad joke in there Yes, I just did a we just did a uh Home lab shows so check out our home lab show where we discuss open vpn versus wire guard. So I have an entire 40 minutes of rambling about open vpn and wire guards. So Do you got a groan we get this no one liked my dad joke? Uh groan x2 fair enough fair enough Yes, uh the home assistant does work for people who don't want the cloud enabled But then you have to find all the proper devices and get them working with the home assistant Which sometimes creates its own challenge. It's not impossible to do which is more work than the Automatic it connects to the magic cloud things. So Yeah, uh Let's see Hey, cool. You are doing av broadcast engineer. That's cool. There's a lot that goes into that Ah, yes, it's america. We measure we measure everything in freedom units Yeah, I like z-wave. Uh, I've gone in on z-wave stuff That's what I have here at the office and uh, that's what's going in at my new studio is z-wave Separate iot completely separate network by a firewall set dns ot devices to pi hole or similar That's actually the problem if you set the dns to some of your iot devices the pi hole, they may not work. So It depends on the iot device Yeah, zig b is just such a simple solution just to press button and go I think zig b works great and it's enough of a standard that it's easy to find lots of devices that are on zig b I um, I use a button to open my garage door. So, uh I don't even have my garage door open or tied to wi-fi zig b or anything else because I it isn't it isn't i'm not that opposed to uh pressing the button I actually have an old school garage door opener and i'm fine with that Yeah, it's not not that big of a deal to me Not that big of a deal All right, make sure got a couple more minutes here because I got that I got ordered pizza and upload my video matter of fact, I can kick off the upload right now because I need to upload the video for The because it's done rendering What is it unify insider? Do do do Yeah insider threats really challenging that whole unify thing is just a mess Um, I feel pretty ubiquity on that one. I mean no one wants the insider threats. That's just someone Inside the company being a dick. I mean honestly So that's uh Oh, oh my gosh Chris I didn't realize chris had a video on it already Chris's video is a lot longer than mine Maybe I should watch chris's before I upload mine. Anyone watch chris's video from crosstalk I didn't even know he did a video until i'm uploading mine and it popped up so did um Do you use the same accounting your phone and computer account for what? My current garage opener has a physical key you gotta slide it open by hand old school dumb door. That's all right though Armstrong method absolutely Yeah, I don't um I have a big motorcycle so i'm okay with that so yeah chris has chris has a video on it so I didn't huh chris was quick to get this out there Oh, it's funny. I the the first comment. Let me actually switch this To chris is laughing. I'm looking at the comments on record any of you watch chris's video on this I haven't yet. I just I discovered it only moments ago So But I like the first comment on here I trust chris and tom lorence for the correct info So cool That's on her and this is um crosstalk solutions ubiquity reach mind blowing new info. I like the chris completely click baited it I haven't even decided the titles. I'm just uploading right now. So Oh, you posted about seven hours ago. I don't watch a ton of youtube I do sometimes at night. So What did he talk about for so long on it that it's that long? I think mine's eight minutes seven minutes long Are you in over the whole thing? Oh, see, I don't have to apologize. Uh, people were mad at me because I didn't go hard on Uh, ubiquity and I said we don't know and your lawyers tell you to be quiet I said that in my january video. I said it again in the crev's video I'm going based on what crev said. I'm going on what ubiquity didn't say and uh, so I didn't really have to apologize What do I think about the future of ubiquity versus cisco? They both have a long future ahead of them Do you use the same email account on your phone and your computer? Yes It was good ubiquity situation a good example of two things why you want your host your own controllers to Uh, why you should use a key like ubiquity um Yeah, and I said the same thing you're gonna have to You can do and this is part of the problem. You can do everything right You can do compartmentalization you can do principles of least privilege you can follow with all those things and still Have a threat actor because someone still has to organize all of those high level things if someone at a high level decides that they want to be the one to Do the insider threat they have a high level of privilege aren't going to be able to do it That's all there's no way you can really protect against it The best thing you can do is have some immutable audit logs that allow you to Unravel what they did and hopefully that's even enough to turn knowing that you have such logs that stop people from doing it But some people Are just bad What I was mentioning level one's latest vid which what video did they do? Oh true nasty scale is that one? That's cool. I like wendell me and wendell chat from time to time. He's great The video and chris was quite good on on how we all got it wrong. Uh I don't know that we all got it wrong, but okay Any any info you have in the cloud is successful by their internal staff just grumps and employees. Yep Don't believe everything you read. Yeah Yep, uh, let's see Wow, tom is cool. I'll highlight the comment because I like it Well, let's see Read the charges against this against the employee So it was interesting the charges and evidence error, but maybe much detail for people like it Yeah, I actually covered the the the indictment's really short. It's only a couple pages Um, so yeah, there's a there's a lot to unpack there. I mean, I maybe I'll watch chris. Hey, it's chris I'm gonna watch chris's video too. I was just commenting. I don't know when chris joined But at least I know he's here now, but yeah chris. Um, I didn't know you I didn't know you did a video So good job on getting it out there fast because boy, there's a lot to talk about But did you but did chris use my joke about uh, you know, mr. Nick sharp being not so sharp because You know, why not? Ah Let's see Cheers Now there's a krebs response article too. Oh good. I mean it kind of puts krebs in a weird situation I don't think krebs had to let's pull up the krebs article right now. Um Um I because it krebs didn't get named But I mean he's kind of part of it now So let's see what he said Oh, my joke came after the video Play spotted the unusual downloads Continue reading. Okay. So yeah, krebs has a response Sharp faces for criminal charges including wire fraud, intentionally damaging protect computer transmission, interstate communication with intent to extort making false statements to the fbi Yeah Do do do he's in trouble Spoiler alert. He didn't address anything. Yep. Doesn't look like it. Uh, charge profile says poverty aggregation By the way, for those of you that don't know If you want to dig deeper um If you want to do a little bit more big in here folks That's our guy here. Um So this is he and this is links to everything. So if anyone wants it, he's got a key base profile For what it for what it's worth He calls himself thrive dub. This is his twitter his reddit Don't worry. There's nothing on there if you want to look at it. He does follow brian krebs though. Isn't that interesting? He does follow brian krebs. So that's at least one thing on there there's uh Yeah, someone did say that too. That was another comment I seen Despite this, uh, despite what this picture may make you think it was not big brain time No, it was not But uh, yep, there's there's all his links for anyone that wants to see it and you can see him on linkedin where he had his Listing of his job and things like that. So Yep That's about that Uh, does he have his linkedin here? No Well, I guess he doesn't find a job after you probably not No, the didos people. I don't think they've stopped or caught those He doesn't look happy in that photo, but I don't know. I'm not here. I'm not here to judge either I don't judge people by their looks I just I'll judge him by their actions and I think his actions make him a dick So we'll call him nick the dick because that's I said I did see that in my video. I'm sorry. That guy's a dick That's just awful to do something like that Uh, he will have a few years of lock up to look like yeah Yeah, I don't know man. He's The guy's just Yeah, I I mean that's just a really crappy thing to do. So That's all I got that's that was my opinion at the end of my video for so spoiler If you don't feel like watching my video, I just cover a few basic things quickly Uh, I ran through it just to have you know people who have DM'd me and said tom. Did you know I'd uh facebook messages and everything else I'm like, yeah, I've seen it. I was like that's interesting. So Uh Oh me and sam we will commiserate over this one when uh, the whole enable thing is done It's it that's an upcoming video probably We'll we'll dive into the enabled topic, but that's not today because that would we don't have enough time I got to order a pizza So thank you everyone for joining definitely a good time as always I will dive into soon the 2fa video talking about ways to store your 2fa Sorry iphone users that you won't be on the list because i'm uh Uh ages user and they don't have an iphone version For that, but I will be talking about the deeply me and jay from learn next tv We'll talk about some integrations because we're both doing some independent videos on this of doing some integration with ubikey and Linux and unlocking your desktop with it, uh, then I will also just be doing some more generalized uh 2fa stuff I mean and by the way, I have an entire video already on tootp So if you check my channel If you don't know how tootp works This is an older video, um Let me see But I do have a whole video on how tootp One time of works. I even have a bash script that allows you to do it in there. So yes all kinds of fun stuff So I will be I will be covering that soon This is like chris said right here from cross talk 2fa every day 2fa all day every day. So uh, you can't get enough of it Absolutely. All right. Thank you all for joining and uh, take care See you in the forums and twitter and all the places you can usually find me Facebook's random for those of you that have found me on facebook You may have noticed that i'm not on there all the time It's kind of I go on there. I reply and then I disappear for a while again. So So that's that's how we uh Handle all that. All right. Thanks everyone. Take care