In This Episode: Accessing accounts while traveling, encryption, and vulnerabilities.
This week the TEH Podcast is hosted by Leo Notenboom, the “Chief Question Answerer” at Ask Leo!, and Gary Rosenzweig, the host and producer of MacMost, and mobile game developer at Clever Media.
(You’ll find longer Bios on the Hosts page.)
Top Stories
- 0:00 LN: Another travel related thought exercise: you’re in another country, and you lose everything – phone, wallet, laptop, etc.. How do you prepare?
- 2:19 GR: Two Factor issues.
- 4:48 Connect with computers at home. Trust another person.
- 5:40 LN: Essential email accounts.
- 7:40 LN: Authy Two Factor.
- 10:57 GR: What if I can’t rejoin the internet world?
- 12:00 GR: It’s similar to getting connected when setting up a new computer.
- 20:00 LN: Backing up password vault.
- 24:50 GR: Services with no customer support
- 26:00 LN: Protonmail experience. And Fastmail.
- 29:00 LN: What “end to end” encryption means. Some people don’t really get why it matters.
- In light of this article: This Is the Data Facebook Gave Police to Prosecute a Teenager for Abortion (I’ve got an article in pipeline for early september)
- 35:15 Art and detail of encryption.
- 40:30 Government back door? Levels of intrusion.
- 45:00 It is a non-issue if end-to-end encryption is used.
- 49:00 Social ramifications are huge
- 52:00 LN: Headlines overstating things. For example: yet another Mac/Zoom vulnerability where the headlines are way scarier than they should be.
- Most vulnerability reports these days are ‘gated’ by phishing, so it’s in our control. Or is that “bad” news?
- 56:00 GR: Or, gated by “physical access.”
- 1:00:40 LN: Ransomware
Ain’t it Cool
- 1:02:00 LN: (rerun) Internet radio (Radio Garden), esp with upcoming travel (I’ve been using TuneIn)
- 1:05:00 GR: Embassytown by China Miéville
BSP: Blatant Self-Promotion
- 1:07:15 LN: What’s a Screenshot, and How Do I Take One?
- 1:07:48 GR: 5 Reasons Finder List View Is The Best
On your question about using end to end encryption with a group of people.
Create a key pair for the group. Each person in the group has the “receiver” key that is not the key for just themselves. Anyone can send a message to the group using the public key. Any replies would be made using the public key and the rest can decode it.
Interesting. Hadn’t thought of that approach. There’s a key distribution problem (how to do that securely), particularly as people join the conversation (if it’s one they can), but that’s solvable. Thanks! -L
Call Mom. My son and his fiancé robbed while they slept on an overnight train trip from Florence to Munich some years ago. Luckily the conductor had taken their passports, but their other ID’s, money and credit card were gone. When they arrived in Munich, my son call my wife (about 2 a.m. here) collect on a pay phone. She called Western Union and they received cash in an hour. And you thought Western Union was just for telegrams. (Actually they don’t do those anymore.)
So here’s the problem with that: it sounds exactly like a very common and popular scam. Right down to the “Western Union” part. (Once you send money that way you CANNOT get it back. Scammers know and love this.)
I would recommend something more — like some way to absolutely positively identify yourself to a loved one you happen to be calling. Or some other way that is completely in your own control.
Except this was a phone call from our son whose voice we could easily recognize. So unless he was under duress, it seemed unlikely that it was a scam. We also were aware of his itinerary. You are obviously not anyone’s mom, Leo.
Indeed I am not. But I’m on the listening end of story after story of people being scammed in exactly this way. It’s great that it worked for you, but I want everyone else reading this to remain on guard. My preference remains that you have a different backup plan in place.