Jump to content


Forum Moderators
  • Content Count

  • Joined

  • Last visited

Community Reputation

65 Excellent

About Jeber

  • Rank
    Still Version 1.0 beta
  • Birthday 02/03/1954

Contact Methods

  • MSN
  • Website URL
  • ICQ
  • Yahoo
  • Skype

Profile Information

  • Gender
  • Location
    Richmond, Virginia
  • Interests
    Pets, plants and 'puters, and the really big questions in life, like "Why am I here". Not humans or me as a person, more like "Why did I come into this room"?

Previous Fields

  • Main System Specs:
    Mac desktop 27" Retina 5K iMac 3.2GHz Intel Core i5 32GB DDR3 RAM Magic keyboard and mouse Windows desktop Dell XPS motherboard i7-6700K processor 3.4GHz 64GB 2666 DDR4 RAM NVIDIA GTX 1060 6GB 250GB SSD (OS drive) 1TB HDD, 2TB HDD, 5TB HDD (Data drives) MS keyboard and mouse
  • Secondary System Specs:
    MacBook Air 2014 Microsoft SurfaceBook 1st. generation
  • Other System(s) Specs:
    Big iPad, medium iPad, little iPad. iPhone XS Max Apple watch 4th gen Good friends Alexa, Cortana, Siri, and OK Google.
  1. I'm hoping to get all things like this written down before senility finally claims me. So basically, the key is providing a code similar to that generated by the Google/Microsoft/LastPass authenticator? That makes sense. So I can "register" it on any site that allows that form of 2-FA?
  2. One thing about computer technology; no matter how long you've been around, something new will always come along to make you feel like you don't understand a thing. I'm all in favor of 2-factor authentication. I've long appreciated the weakness of passwords. But a recent incident involving a very popular password manager service, which I've used for over a decade and won't name because nothing that happened was their fault, I realized that there are serious shortcomings with depending on relying on 2-factor authentication that uses codes sent to you via text message or codes generated with a generator stored on your mobile device. The only fool-proof method of 2-factor authentication available at the moment is to use a physical key, sold under brand names like Yubi® keys and easily available from Amazon or, now, Google. You still use a username and password on each site you want to make extra secure but you also need a physical key that, by USB, WiFi, Bluetooth or NFC, "unlocks" that site and allows access. Anyone else without your key but in possession of your username and password wouldn't be able to log in to the site. Now that comprises just about everything I understand about these keys. Despite owning a set of USB and WiFi keys, I know little about actually using them. If just owning them made me more secure, I'd be all set. Unfortunately... My primary question is; Are these keys used the same way a password manager is? In other words, can my credentials from multiple sites be stored on them? Every explanation I've seen in print or video relates to using them to secure a single, usually Google, account. But can I use a single key to access any site that lets me use one for 2-factor authentication? Another way to ask the same question, is the key assigned to me as an individual or is it assigned to the site I first use it on? If I register it as a device to allow me access to my bank does it erase the credentials that allow me to access my Gmail, or will it authenticate me on any site where I've registered it as me? I can't imagine the developers expect us to carry a key for each service we want to use one for, but there are a lot of things I can't imagine that turn out to be the case.
  3. I've done tech support over the phone for 2 companies. Thinking back on those experiences makes me sad...no, suicidal.
  4. One of the best aspects of this forum is the ability to ask a question and get honest, simple, down-to-earth answers that are informative and easy to understand. For years I've seen references to physical security keys like Yubi keys. I've always been big on security. I use 2-factor authentication anywhere it's offered, even if many sites employ it in a way that makes it inconvenient and cludgy. Based on what I've read it seems that Yubi-type keys provide the same basic security that 2-factor does. The key is registered to you (somehow) and the fact you have it in your possession and can plug it into your USB port proves you are you. Looking closer I see there are a couple of different standards, U2F and FIDO2 appear to be the most common. That's pretty much what I know about these things. So, my questions... Are they really useful? Is using a key more secure than having codes sent to your phone? How do you employ these if you're logging in from a phone or non-USB tablet? Can they be used at work, using different credentials, or do you need a separate key for each account? Is there value in spending $20-50 for a replacement for text codes? Any other info or opinion welcome.
  5. I bet 99% of the members of this forum know that nearly every product sold to clean computers and their screens is nothing more than relabeled isopropyl alcohol. Alcohol is a good cleaning agent, but I wanted to pass along a tip that we discovered at work, where we clean hundreds of computers a day. The highest percentage of alcohol that should be used on computers, TVs, monitors or screens is 70%. It would seem like 99% would clean better, but actually, it poses a risk. We found that 99% alcohol, if not wiped off immediately, begins to etch into the plastic computer body. It's too strong for general cleaning. It might be fine for glass but not computers, TVs or their screens and monitors.
  6. I've got 3 iPads, all running Chrome. I had to select which Google account I wanted to synch to during installation but after that no problems. My folders in "Desktop Bookmarks" are identical to those on my other devices.
  7. A barely belated happy birthday wish, Eric. Hope it was fantastic.
  8. My roommate just asked me a question about file sharing I don't know the answer to, so I'm asking you all. At work he has a homegroup with two computers in it, one a Windows 7 machine and the other running XP. He wants to share files between the two. Each computer can see the shared files, but when trying to open them he's getting an error that says, as best as he can recall, that he doesn't have permission to open the file. He hasn't set any permissions on the files. (This is a lawyer's office and the files are mostly text documents) Any ideas on what the problem might be and how to resolve it?
  9. Blonde beach bunny to her blonde girlfriend, "I had dinner last night with a Brazilian". Girlfriend, "Wow, how many is that?"
  10. I have a friend (no, really) who has found out that a third party has access to his work emails. This man's a lawyer, so this is a fairly serious issue. The emails were sent from his work server to another attorney. His server is on a privately owned domain and maintained by a friend of his. We don't know what setup the other attorney has for her email. I told him, and I hope I was correct in my advice, that the maintainer of the server should be able to look at the logs for that domain and see which IP addresses logged in during the month in question. Eliminating the IPs that are known should expose the unknown. Turns out the server logs are only kept for 60 days, and these emails were from December of last year. Of course they could have been accessed any time since then, but we'd only be able to find the culpret if the access was within the last 60 days. So without discusiing hacking techniques, what advice can I give him on how best to determine how those emails were obtained? I suspect if the hacks were made more than two months ago he may never find out who did it or how. What are your suggestions for methods to harden their server against future attacks? Obviously, being lawyers, their emails are frequently very sensitive and I believe they would spare no expense to make sure this doesn't happen again.
  11. Just a confirmation: I upgraded my desktop (the one I use these days is a hand-me-down corporate Dell Optiplex 780, very average specs) to Windows 10 on the 30th. Used it for a week, had some issues and decided to downgrade back to 7. The downgrade took forever (in geek terms, actually about 1.5 hours) and I was informed I could upgrade again if I wanted later. I outlined my adventure here.
  12. P.S. While I adore my Motorola Moto G phone, I'd never own a Motorola Surfboard modem/router. Just my opinion, for what it's worth.
  13. Since I'm remembering back a few years to my D-Link help desk days I have to state up-front I may say something that doesn't apply to your situation. Like Eric, I'm unfamiliar with the particulars of Comcast's service, so that may also lead to inaccuracies in my comments. Most carriers provide an outside box that connects from the last mile of their cable to your home. From that box they run a cable, usually coax, to your router. As far as your internet connection goes, you can use any cable modem you want. Modern modems act as routers, they provide IP addresses for all the devices connected to your home network, both wireless and ethernet. If Comcast provides your TV service you'll need a splitter that takes the single coax input from their outside box and provides 2 outputs. One output goes to your TV box and the other to your modem/router. You'll need to connect to the modem with an ethernet cable to set it up (change your SSID, enable WPA2 Personal for encryption and change the default LAN password). The defaults set by the modem manufacturer are well known and vulnerable. Like Eric suggests, put your modem/router near the middle of the house, away from other electronic devices and as high up in the room as possible. If you have a cell phone you can usually find an app (like WiFi Analyzer for Android) that will let you test the strength of your wireless signals from various points around the house. Naturally you'll want it to be strongest where it's going to be most needed. (edited to correct terminology)
  14. My deepest condolences to you, Fran. While none of us are immortal we do live on in the memories of our friends and loved ones. May you find peace in the memories of your years together.
  15. Daniel is one of my California friends and I've been on his advanced copy list for several years, ever since I told him I found, read and loved his first self-published book, Daemon. (He sent me an advance copy of Influx for my birthday...he's that kind of friend.) He really is an outstanding author and fascinating guy. I recommend all of books without reservation, provided you enjoy tech, thrillers and a bit of sci-fi.
  • Create New...