My son has been bitten by the bug. The massive money making, lines around the block, international juggernaut that is Pokémon. He has a book with all of the current pocket monsters names, stats, pictures, regions and more in it. Right now, he is a walking, talking Pokédex.
To that end, he was introduced to the card game through other kids at school. This was kind of exciting, because I was a huge Magic: The Gathering kid, and TCG’s are my jam. So, I started he and I out on some pre-constructed starter decks from Target/Amazon. Now he’s hooked.
Normally, I wouldn’t be excited to get my son into something this potentially expensive. There are, obviously, much cheaper games to play and ones that don’t have the same far reaching marketing machinations. However, this is something that we’re actually bonding over. I get to teach him how to play, how to think strategically and about deck building. Stuff I had to learn on my own. He also gets access to all the various accessories I’ve accumulated over the years. Things like card sleeves, boxes, carriers, etc.
Typically, I’d say that Pokémon is a game that is far too basic for someone who played Magic so heavily in his early years. However, it has some level of charm. The game is simplified and often doesn’t take quite as long as an average Magic game. There are also a really simplified set of mechanics that don’t require understanding how “the stack” works. Overall it’s just very fluid. While I generally prefer my games to be a bit more crunchy, I still find myself seeking him out to play a game before dinner or in our spare time.
Spending time with kids was something difficult for me to understand as an adult. Communication is often my biggest issue as I don’t typically understand how they’re processing the world. This game has helped me by focusing our interactions into something we can both understand and agree on, while having fun.
So, yeah. I guess Pokémon has helped me bond with my son. A sentence I never thought I’d write.
Note: I technically missed this post, but it’s still good.
October is National Cyber-security Awareness Month. While many people ignore it as something that they don’t need to learn about, even basic awareness can help you be massively more secure than the next person. Generally, low level attackers are just looking to get access to the easiest to targets, because anything more than that requires exponentially more investment from their already razor thin margins.
Love them, or more accurately: Hate them, they’re here to stay. There are methods to make them less of a pain and more secure at the same time. Many tools to secure passwords and implement second factor authentication are already freely available and easy to implement.
Use a Password Manager
By my current count, I have somewhere in the neighborhood of 400 accounts on various sites, services and tools. Some of these are defunct, some of them might still have my account information in them. The good news is, because I use a password manager, each one is unique. That means if the security for that site isn’t all that great and they have a data breach, my password can’t be used to exploit any other sites.
Both Android and Apple have built-in password managers in the form of iCloud Keychain and Google Passwords. Both can help you not only generate a strong password, but can store it securely online and sync it to other devices. They also offer features like auto-fill on sites and apps when you visit them. These features are usually enabled by default, so you actually have to ignore them to not use them.
If you’re not jazzed by the default tools, or want something more robust for secret keeping, Bitwarden is a fantastic tool for storing your passwords, second-factor tokens, notes, identities, licenses and more that can sync with pretty much any device that has access to the Internet. The software is open-source, and can be self-hosted, but their own hosting costs only $10 a year which is an amazing deal. Other options, like 1Password are also good choices due to their multi-platform efforts, more robust syncing and rigorous approach to security.
In short: Don’t keep reusing that password. Get a password manager and stop reusing your passwords.
When dealing with passwords, you’re putting a lot behind a single code. Why not add an additional layer of security? A 2FA or second-factor is usually a one-time code either text’d to you, emailed to you in the form of a special login link or in most cases, a code that your computer or phone generates in response to a key that the site generates for you. To set this up, check your account settings and see if there is an option. Many sites are beginning to offer this feature as it provides an additional hurdle for attackers to breach.
Setting it up is usually easy too. Generally you scan a QR code in your password manager, or setup a phone number to send the codes to. Once done, you’ll login and then be asked to type in an additional code. Most good password managers will already have queued up this code in your clipboard, so often you just have to paste the code. Nice!
Yup, that old chestnut. However, you don’t have an excuse. Storage (especially online storage) so cheap in the current economy that often you’re paying fractional cents (USD) for gigabytes of storage. Combine that with some really excellent tools that all but automate the process for you, and backups are easier to get going than password management.
Don’t trust online storage, or you’re just strapped for cash? Check with a friend. You can encrypt data on a spare drive with VeraCrypt or similar and ask him to keep it in a cabinet at home. Better yet, do that with a couple of friends and now you have multiple offsite backups!
Seriously. Much of the botnet, malware and ransomware problems can be fixed with having a good backup system to restore from. Keeping important stuff encrypted and safe is also free and easy to do with little to no intervention on your behalf and storing data is cheaper than ever.
Scams, Phishing and Spam
You are the weakest link in your security. You’re vulnerable to persuasion and are the keeper of all the keys. Often attackers try to exploit this fact and trick you into providing secrets or data directly. These attacks will usually come through email, as it’s not time sensitive, but occasionally they’ll come through instant messaging or text services. No matter their origin, you should watch out for some tell tale signs:
- Asking for information they should already have.
Is the other end asking you for information they should already have, like a password, or personal information?
- Misspellings and grammatical errors.
I never understood this one, but I’m glad it’s here. Often attackers are not English speaking, or just have poor language skills, making their messages difficult to read or use mannerisms that don’t fit.
- Weird looking links.
Usually attackers will try to hide links by using HTML to mask them to look legitimate. One tactic you can use is to hover your mouse over the link, most tools will show you a tooltip of where the link actually points to. If any part of it looks off, don’t click on it.
- When in doubt? Call them.
Lots of attackers try to masquerade as official looking email. If you’re not expecting anything from them, or you’re suspicious, just call or reach out in another manner. Generally, if this information is needed, a person will be able to confirm or deny it.
I can’t believe I actually have to address this in 2019. So many devices now try and force updates, and so many people try and disable or ignore them. Honestly, this is the easiest issue to remedy. Keep your stuff up-to-date. If you hate the problematic time that updates present themselves, try and configure it to run at a time when you’re not going to be active, like overnight. iOS, as an example, will run updates and backups overnight so long as you’re connected to wifi and plugged into a power source. Something people do automatically before going to bed.
I’m not an avid Joe Rogan watcher. I know he’s done some notable interviews with famous people and that has gotten him and his show a lot of attention over the years. I just never bothered to watch it.
He recently interviewed Edward Snowden, who released a new book called “Permanent Record”. The interview is a long one, and fascinating to listen to. If you care at all about this country, you owe it to yourself to listen to someone who was, basically, exiled because he spoke truth to power.
I normally don’t like being involved in politics. Confrontation is something I avoid and politics is usually full of it (instead of compromise from both sides). Last night, however, I was thrust into it by some of my classmates in college. Needless to say, they have some kind of questionable beliefs that make me genuinely scared for the future.
The night began with discussing some casual child abuse. Now, we have laws in this country about how you’re allowed to treat a child. After all, the child is unlikely to be able to know the full ramifications of it’s actions, nor defend itself when attacked and generally makes an easy target for excessive aggression. The fact that we’ve codified this as a specific set of laws should be enough for people.
However, it appears as though many people are still, at least outwardly, okay with casual child abuse. My professor was wistfully talking about how the nuns at his childhood school would routinely beat up the students there and that his fear of nuns is deeply rooted due to it. He also described how his coach on various sports teams would rough him up, to the point of black eyes and whatnot. Both of these accusations seemed not only normal to him, but acceptable and the proper course of action when dealing with children.
Many of the students in class seemed to think this was an acceptable solution to what they perceive as the current issues with children misbehaving. Instead of understanding what the problem is, working through it and finding a solution to the problem. Like an adult. Corporal punishment is a savage and backwards way of making children behave, in fact, I wouldn’t be surprised if it made problems worse later in life.
According to my class, not only has he done nothing wrong, but other than some minor slips of the tongue, he’s been great. Despite the laundry list of things that he has done in the last few months that will likely take decades to fix, if they’re ever fully fixed. Despite the very public and very obvious character flaws that both he and his VP have, especially when dealing with women and minorities. Despite all this, they want him to stay.
I wish I could say that this is an abnormal class and that there are still people who don’t think child abuse is acceptable, and that being a toxic personality on the international stage is not very presidential. However, there many more people around me that believe the same things. There are even public officials at the tax office who have been caught failing to register people to vote if they identify democrat.
I know it’s not all broken. I know there are people out there who are not blindly following this strange 50’s-esque mentality of might makes right, let the men do the talking and women and minorities need to get back into their proper places. I know these people exist… but I feel disheartened and discouraged. I’ll vote, but I’m so tired of trying to fight this that it’s almost easier to just give up.