Liked The Internet of Things is a Complete Mess (and how to Fix it) (troyhunt.com)

This might seem painful right now (and frankly, it is), but it’s also a very exciting time in IoT. It feels like the very early days of the web where everything was a bit of a kludge we hacked together but we made things work and it turned into something amazing. That’s where I think we are now with IoT and as infuriating as it often is, it’s an exciting time to be a part of it and well and truly worth a few lighting problems here and there.

Liked Data Breaches, Class Actions and Ambulance Chasing by Troy Hunt (Troy Hunt)

I’m in no way against penalties being issued to firms that suffer data breaches and outcomes such as the FTC achieved against Equifax seem quite reasonable. This was a case where Equifax didn’t just fall well short of their obligations to secure customer data in the first place, but they did a woeful job of handling the incident after the fact. The “up to $425 million to help people affected by the data breach” settlement seems fair in this case and it was achieved by an independent government agency, not by lawyers looking to cash in.

There will, of course, be many cases that are simply settled out of court and we may never know the result. I dare say this is often the desired outcome of these class actions; strike a deal that’s appealing enough to avoid extensive court time, give those in the breach who joined the action a pro-rata’d slice of the settlement and the law firm keeps a big chunk of coin themselves without ever seeing a courtroom. Each one of those lawyer advertisements earlier on is there for one reason and one reason only: to make money for the firms involved. They’re not charities, this isn’t for good will, it’s simply business.

Liked How I Finally Fixed My Parents Dodgy Wifi With AmpliFi by Troy Hunt (Troy Hunt)

I moved on and extended the network out to my jet ski with their Mesh products, did a ground-up build in my brother’s house (which I remain jealous of) and just last month, released a free course on UniFi commissioned by Ubiquiti. Clearly, I’m a UniFi convert.

But UniFi isn’t for everyone. It’s a “prosumer” product which means it’s great for everyone from technical people installing it in their homes through to professionals building out entire shopping centres or stadiums with the gear. But it’s not great for non-techies; there’s both design and setup involved and frankly, a heap of features they’ll never need. That’s where AmpliFi comes in, Ubiquiti’s consumer line for the home.

Bookmarked Padlocks, Phishing and Privacy; The Value Proposition of a VPN by Troy Hunt (troyhunt.com)

To be clear, using a VPN doesn’t magically solve all these issues, it mitigates them. For example, if a site lacks sufficient HTTPS then there’s still the network segment between the VPN exit node and the site in question to contend with. It’s arguably the least risky segment of the network, but it’s still there. The effectiveness of black-holing DNS queries to known bad domains depends on the domain first being known to be bad. CyberSec is still going to do a much better job of that than your ISP, but it won’t be perfect. And privacy wise, a VPN doesn’t remove DNS or the ability to inspect SNI traffic, it simply removes that ability from your ISP and grants it to NordVPN instead. But then again, I’ve always said I’d much rather trust a reputable VPN to keep my traffic secure, private and not logged, especially one that’s been independently audited to that effect.

Troy Hunt explains that even with HTTPS, there is still a need for VPNs and the added security/privacy they provide.

As the old saying goes, privacy isn’t necessarily about having something to hide, it’s also about not having something you want to share; if you’re depressed and going to beyondblue.org.au then you may not wish to share that with other people. If you’re having trouble with alcohol and visit aa.org.au then you may not want to share that either. If you’re pregnant and hopping over to pregnancybirthbaby.org.au then, again, you may expect to keep that information private (let us not forget the story of how Target managed to “data-mine its way into [a teenage girl’s] womb”). Just looking up those URLs I was imagining what sort of conclusions would be drawn about me if someone had access to my connection! (No, I’m not a depressed alcoholic teenager who’s expecting…)

Bookmarked We Didn’t Encrypt Your Password, We Hashed It. Here’s What That Means: by Troy Hunt (troyhunt.com)

A password hash is a representation of your password that can’t be reversed, but the original password may still be determined if someone hashes it again and gets the same result.

Troy Hunt discusses the difference between encryption and hashing when it comes to passwords.

Bookmarked

Troy Hunt reflects on the discussion of the Australian Government’s development of an app that would allow users to identify and be identified if in contact with the coronavirus. He suggests that privacy is not an absolute.

Bookmarked Sharenting, BYOD and Kids Online: 10 Digital Tips for Modern Day Parents (Troy Hunt)

I was invited into the local ABC Radio studio to comment on this piece and online safety in general so in a very meta way, I took my 7-year old daughter with me and captured this pic which, after discussion with her, I’m sharing online:

Discussion quickly went from sharenting to BYOD at schools to parental controls and all manner of kid-related cyber things. Having just gone through the BYOD process with my 10-year old son at school (and witnessing the confusion and disinformation from parents and teachers alike), now seemed like a good time to outline some fundamentals whilst sitting on a plane heading down to Sydney to do some adult-related cyber things!

For Safer Internet Day, Troy Hunt provides a number of tips when it comes to digital parenting. He argues that everyone needs to find their own balance, but this needs to involve guiding children, managing administration duties and living with the chance that anything shared could be made public. In the end, the message that emanates from Hunt’s piece is the importance of being an active parent.

Digital controls can never replace the role parents play in how the kids use devices; they should be complementary to parenting rather than a substitute for it.

Some other useful pieces on this topic include: