YouTuber Spotlight – Hak5

Technically “Hak5Darren,” but we can get past silly technicalities when talking about the longest running tech show that I’ve been interested in on YouTube – ever.  🙂  Hak5 is a hacker/security/modder/tinkerer show that in no small way has influenced The Wacky World Of MultimediaJay and its more offbeat approach to things.  Plus their distinct lack of drama and insistence on keeping ownership of certain rights when joining networks has contributed to the show’s longevity in a day and age when even web shows can be cancelled on a whim like it’s still TV (TekZilla -> TekThing anyone?).

Two freebies for those wondering about this show’s influence on me.  The raster clips for time lapses in my videos hail back to the early days of Hak5 when they still called it “Hak Point 5” and “Jay’s Geekhouse” was at least partially inspired by the old “Hak 5 House.”  🙂

Channel Overview:

Hak5 was first introduced to me as a hacker show which doesn’t do the show justice.  It’s more along the lines of tinkering with things.  Part of that of course is hacking and network security, but I’ve also seen my fair share of mods, voiding warranties, snooping around “under the hood” of certain devices, and even iconic pet named tech thingies like the WiFi Pineapple.  🙂  Calling it a hacker show clouds what the show’s about and gets people thinking Hackers Vs. Security Admins at Defcon or something.  😛  Needless to say, as one of my favorite shows of all time on YouTube with a ton of longevity to boot, it’s definitely worth watching. 🙂

What First Got Me Watchin’:

Hak5 is basically the last remaining show that I still watch from the IPTV Introduction I watched on TechAnvil’s long gone channel back when he was doing Tech Vlogs in 2006.  (The exception being TWiT, which was audio at the time as Leo had returned to his radio roots).  Yes, we’re talking about vintage YouTube here from when I was first getting started 10 years ago, a.k.a. back in the day.  🙂  Nowadays the video is a who’s-who of shows that aren’t around anymore – except Hak5 of course.  🙂

The show being described as “hack scene” kind of veered me away for a bit due to my more multimedia presentation focus, but ultimately my curiosity got the better of me…  🙂

Fun stuff.  I was thinking I’d be looking at a Linux command prompt for an hour, but in my younger and dumber days (emphasis on the dumber) the idea of “hacking” meaning modding something was… a tad of something I hadn’t considered.  :o)

I actually sent the USB Hacksaw to the security admins at my 925 at the time and they were like, “Whoa hadn’t thought of that.”  Been paranoid about USB Autorun ever since.  🙂

By season 3, Hak5 was a show I wanted to binge watch.  Screw Netflix.  😛

I made plans to binge-watch from the beginning, and….  I’m still making plans all these years later.  😛  Duhhhhhhhhhhhhhhhhhhhhhhhhhhh lol.  :o)

I still watch the show, but just not in the way I wanted to back in the day…  🙂

The Hak5 Channel Today:

Besides still being around, Hak5 has become an umbrella of sorts.  Today they’re hacking things in 2 seconds apparently…  🙂

For things that just can’t wait until the next Hak5 show, they have ThreatWire, the first of their other shows I found out about.  🙂

TekThing is under their umbrella too these days.  Makes me wonder if the Hak5 folks are out to rival the TWiT network…  🙂  So long as what happened with Revision 3 doesn’t happen with these groups anytime soon.

This entry has been a long time in coming, but here’s to wishing all the best for Hak5 for decades to come.  🙂  They also have handled team changes exceptionally well too, so I’d say they even serve as a great example of how to develop a show like this in the first place.  🙂

Let’s close with a recent experiment of theirs with 360 degree video.  Cool stuff for the up-and-coming VR technology out there.  🙂

Trust Your Technolust indeed.  🙂


…Yeah. :-P About That “Ashley Madison Thing…” :-P

There were two reasons for me to hop on the microphone about this story.  I could either jump on the bandwagon with all the other folks chiming in on this, or I could chime in because there was a nerdy element to it somewhere…  😛

I chose the latter.  🙂  Here’s my commentary as well as other folks’ two cents from YouTube on this matter.  🙂

MultimediaJay RadioStyle:

ReviewTechUSA:

The Archfiend:

The Young Turks:

MundaneMatt:

Hak5 Threatwire:

Secular Talk:

The Folks At TWiT – Tech News Today:

Regarding The Passing Of Aaron Swartz

As a testament of how much my job has been running me into the ground over the past several months, my recent appearance on Out Of Continues Episode 59, as much of a technical mess as it was, was where I found out about what happened to Aaron Swartz, a very passionate technologist and outspoken advocate for internet and information freedom who took his own life earlier this month.  I never really ran in too many of his types of circles techwise, but the minute I found out about his ties to RSS, that was something to tip my hat about.  RSS, or Really Simple Syndication, was one of those things that revolutionized the Internet by allowing for so many things that have made the Internet into a successful form of mainstream entertainment, such as podcasting, vidcasting, blogging, etc., to work.

For those who aren’t all that geeky, what RSS does (and this blog has an RSS feed) is allow you to use an RSS reader to subscribe to stuff, which flips the traditional model of the World Wide Web in reverse and makes things much easier.  In the early days of the web, you had to know what you wanted and know where to look to find the information you were looking for, usually accompanied with a ton of long page loads because things were via dialup back then.  🙂  I vividly remember those bad old days of trying to look online for stuff on my high school library’s clunky old computer with its 28.8k modem (not even 56k lol) that kept cutting me off with no message whatsoever so suddenly my Netscape Navigator web browser would just stop working (yeah – that long ago lol) and I’d think the Internet had broke.  😀

Search engines such as Google helped change that a bit but you still had to know what to search for, so the process still began with you, plus you had to know how to Google really well to get decent results.  RSS on the other hand finished that switch by allowing people to subscribe to stuff online and then have the option of having stuff delivered to them instead of having to go look for it every single time, so with news for example if I really liked XYZ News reports I could subscribe to their RSS and see the stories every time I opened my RSS reader instead of having to constantly go to their website and see if there were any new stories.

This alone gives me reason to tip my hat to the late Mr. Swartz, but his defense of internet and information freedom only multiplies that several times over.  He was a big defender of things like Net Neutrality, opponent of things like SOPA and PIPA with their “chew the meat spit the bones” style of combining internet-crushing regulation with noble-sounding ideas like protecting US trade secrets.  So what happened to him?  Here’s Hak.5’s report on it.

What we had here was grey area on both sides.  Was what Aaron did with JSTOR right?  Was what the government did in response the right thing to do?   Depends on who you are in both cases.  One thing that I hope everyone can agree on though is that there is a war on to crush the freedom of information even in this so-called “Information Age.”  Our schools are infected with these philosophies and worldviews today that discourage critical thinking and thinking for oneself and even the concept of objective information, rights/wrongs, etc., instead focusing far too much on people’s subjective internal feelings and expression, until of course someone breaks a law and gets arrested, at which point their own feelings on whether certain “wrong stuff” is right goes completely out the window.  😛  We have legions of people, including politicians and other people who can vote on things, who don’t think for themselves and can’t even debate a simple point.  Meanwhile also in society today are legions of lobbyists, other politicians, people with money, etc., who seek to take advantage of the aforementioned folks who don’t think for themselves or can’t articulate a point in civil debate to twist things in their favor.  …and in the middle of this?  Information – and its freedom – constantly in the crossfire.

I mentioned on Out Of Continues that if the state of internet and information freedom contributed to Swartz’s suicide I can see why.  Broadband, after a decade of progress going from dialup to broadband and limited to unlimited access is now under siege from power-hungry and money-hungry interests all over the place who want to limit what information can be seen online while squeezing every last penny out of people’s already near-empty pockets.  It’s almost like these people want this decade to undo the last decade or two and bring us back to the bad old days.  Will anyone stop them?  Depends on how many people out there know what’s really going on versus the bobbleheads who don’t think for themselves who get fleeced and patronized by the people causing all of these problems.  In any event though, with how things are today, if Swartz was in any way further depressed by this sort of stuff it’s rather easy to see why.

The only hope that any geek can have right now is that this man’s death won’t be in vain, and that the discussion of the old saying, “Information longs to be free” will fire up even more following these events.  =(

Stupid Things People Do In The 21st Century

So The Consumerist ran a story about some bozo at this past week’s Democratic National Convention who in the heat of a politically-charged moment flashed her Medicare card in the air in front of the TV cameras putting her Social Security number on national television.  Seriously, how stupid can people get?  Sadly though, this is not an isolated incident by any means.  So many people nowadays do really dumb things and then we wonder why things like identity theft are so widespread.  Here’s a few pet peeves of mine that no doubt contribute to this century’s problems with the world being a little too wired.

  • Using Real Names In Online Addresses And Identities – This should be a no-brainer, but you’d be surprised how many people in a spurt of uncreative non-genius decide to go with their real name as their User ID in an e-mail address or on a site like Facebook because they can’t think of anything else.   Seriously now, don’t complain about 21st Century “Stalker Internet Culture” and/or identity theft when somebody can type Something.com/yourname into their browser and hey look there you are.  😛
  • Mandatory Sensitive Information On Online Job Applications – With most HR recruiters bawling about bazillions of job apps per position these days, it’s utterly appalling that job applications require mandatory Social Security numbers and other sensitive information that ends up being stored on a server for at least 90 days, so all these job hopefuls that are never even considered for a position get to have their SSNs sitting on an app server at a company that might never hire them, and who knows how well that server is maintained in terms of security and updates?  Seriously, compared to systems with customer or employee data, how much priority do you think an application server would get relative to other systems in the company in terms of security and maintenance with your average resource-strangled IT department these days?  Hmmmm…..  :-\
  • Phone Answerers That Are Awful With Credit Card Information – Some small businesses like pizza places in my neck of the woods are trying to be more high-tech these days by allowing you to order pizza with a credit card over the phone.  Unfortunately, like most non-tech people, many of these restaurants do it badly at best.  I’ve seen pizza shops where whoever takes your order repeats every digit you say over the phone out loud.  Yay.  Thank you very much for blurting out my credit card number to everyone within earshot of you.  I think I’ll check a recent transaction log for fraudulent activity now.  😛  The worst case of this that I’ve dealt with involved one place that used a cellular swiper where one night the lady delivering the pizza couldn’t get any signal on the swiper so she called it in on her cellphone and all-but shouted my number and expiration date to the entire neighborhood.  I no longer order from that restaurant.  Coincidence?  😛  Probably the worst example would be pizza places that do all of this AND require CCV codes.  Great, so the person taking my order may say out loud enough information for someone to steal my card, including the CCV code, or may write it down on something which will end up God knows where for someone to steal and make bogus transactions with.  These businesses should quit buying all these new systems if they won’t deploy them properly or educate their people on proper handling of sensitive customer information.
  • Tech-Illiterate Friends And Family Defeating The Purpose Of Online Usernames – This is a common gaffe I see in online gaming where a bunch of folks who know each other in real life play an MMO under usernames and call each other by their real names, sometimes their real surnames (“Well Mr. Smith we sure pwned that raid boss.”).  It just makes me want to cringe.  Seriously, we’re getting to a day and age where soon everybody will have to be like celebrities wearing sunglasses everywhere we go at the rate we’re going.  😛
  • “I Took This Picture, Therefore I Should Immediately Put It On The Internet.”  Remember that crazy party last week where you got drunk off your you-know-what and your friend Jimmy was walking around with a smartphone snapping pictures to treasure that moment forever?  Well it’s the morning after and in the midst of your brain-pounding hangover, hey look, Jimmy put everything on Facebook.  Now your whole family and friends know what a debaucherous drunk you are, but wait, there’s more.  Jimmy has no clue that his privacy settings are set wrong so all kinds of people can see that you’re a crazy drunk now, including the hiring manager of that job you so wanted to get.  You check your voicemail.  “We’ve decided to go with another candidate.”  Right.  These kinds of incidents shouldn’t happen, but sadly they do.  😛
  • Setting Privacy Settings Wrong – Gotta love when websites give people privacy settings but people using said websites can’t be bothered to actually use them.  Then we wonder why we have incidents like this Massachusetts incident from earlier this year where some high school girls’ Facebook photos wound up on a porno site.  :-\
  • Sharing Logins On The Job – One of the biggest problems I faced at my last Fortune 500 job where I got to help out with IT stuff.  Too many people got in trouble for stuff they didn’t do because they found out the hard way that sharing logins doesn’t absolve them from responsibility if the account is misused.  Usually these problems were caused by non-techie supervisors and workers sharing logins because they couldn’t be bothered to wait for IT to finish making logins for new hires, or one person had wireless access on their account and the others didn’t but needed it and the person with access couldn’t be bothered to open tickets for 20 other people to get that access.  All in all, sharing logins in a corporate environment is a shortcut/workaround that’s never worth it.  😛
  • Passwords On Post-It Notes – Hey there non-techie supervisor.  It’s nice that you can’t remember a password for beans, but you should at least pretend to try to hide the Post-It Note with your login information instead of having it sitting on your desk next to your keyboard, or taped under your keyboard.  😛
  • Monkey See Monkey Do On YouTube – Hey look.  All these other people on YouTube are making such and such types of videos.  Shouldn’t you too?  The answer of course is no.  😛  I’ve seen some videos that will no doubt embarrass their creators in a few years, but hey, everyone’s doing it, and after they get embarrassed or called out enough, they can always play the “oh I was just ACTING” card.  Yeah, like we’re supposed to believe you consciously came up with the idea to name a fictional character LOLMadDude250614 before starting your YouTube channel even though you never referenced yourself as a fictional character for the first 150 rant videos until so-and-so called you out.  Riiiiiiiiiiiiiiiight.  😛
  • Forcing People To Say Sensitive Information Out Loud – Okay.  I just stood in line for over a half hour.  Now I’m finally to the front of the line, and I’m supposed to verify my identity by telling you my Social Security number with a line of people standing in back of me.  Really?  Maybe I should wear a bright orange shirt with my SSN on it while I’m at it!
  • Using Sensitive Information As Passwords, Etc. – Hey look.  HR just got this new system thingie online, and our default password is part of or our entire SSN.  Yeah.  Uhhh…. Ever heard of keyloggers?  😛
  • Really Dumb Passwords – Sad to say, there’ve been times where I’ve seen things like “Password” as a password.  Enough said.  😛
  • People Complaining About Password Policies – Yes Mr X.  You work for XYZ Corporation and handle sensitive customer information.  Of course you need to have a password that’s harder than “1234” and will need to change it every few weeks.  Wouldn’t want someone to brute force your account and send a nasty e-mail to your boss under your name now.  😛  Seriously, it’s like a work equivalent of parents saying, “My house – my rules.”  If companies are like “Our systems – our rules” just play along and follow them lol.  😛

I think this has gone on long enough, but it’ll suffice to say, whats-her-name flashing her SSN on her Medicare card at the DNC was only the tip of the iceberg with how people can be so behind the curve on this kind of stuff these days.  😛

Indeed, This Generation Has No Floppies =(

Had a flashback to a security issue I stumbled upon several years ago while browsing Ars Technica today.  Ugh, why are these types of incidents still happening out there?  =(

Ars Technica – Chinese Hackers Steal Indian Navy Secrets With Thumbdrive Virus

The sad part is, I learned about these kinds of exploits years ago.  Back in October 2006 Hak.5 way back in Season 2 did a show where they demonstrated how an innocent-looking USB drive could install a hidden program that “backed up” any future USB drive inserted into the computer and e-mailed the contents over a network.  After I saw this I actually reported this to my company’s Enterprise Security group the next day and they were interested in learning how to defend against this exploit too.

Although the production value is very crude compared to what they do today, here’s the YouTube version of that show from way back in 2006.

At the core of these kinds of problems lies a fundamental difference between removable storage nowadays and the removable storage of yesteryear.  Some people are tempted to say that all these flash memory cards and thumb drives are the floppy disks of the New Millennium.  That is NOT true at all.  Floppies didn’t have the kind of Autorun capabilities that today’s removable media has.

Autorun is really where these problems come from.  Autorun’s been on CD-ROMs for years but most CDs being write-once media wouldn’t be as vulnerable to this kind of exploit as something that could be rewritten to.  That’s how Autorun has passed under the radar of so many people, because they see Autorun and think CDs and think because CDs were safe everything will be safe, and that’s exactly the kind of technogaffe that malware writers who write these things will be looking for.

Really, I’d rather Microsoft hadn’t tacked Autorun onto everything under the sun.  Is it really that hard to just click My Computer and the drive to access the drive?  😛  Fortunately, there have been official Microsoft writeups on disabling Autorun, and another alternative to simply disabling everything or banning USB drives (like the DoD wound up doing after a similar attack on US systems that’s linked in the Ars article up top) is to configure computers to simply ignore Autorun.inf files, like in this Computerworld article.

http://blogs.computerworld.com/the_best_way_to_disable_autorun_to_be_protected_from_infected_usb_flash_drives

I guess you could say that floppies were so special that there’ll just never be another technology like it.  🙂  That however is the hard yet funny reality these days.  Point being – if it has Autorun – BEWARE, and hold down the Shift key while inserting the removable media.  🙂
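For anyone who wants to see what a thumb drive's Autorun.inf is actually asking Windows to do, here is a small checker, added as an illustration and not taken from the Hak5 episode or the Computerworld article. The sample file is constructed, the function names are made up for this example, and the only policy it models is the Windows `NoDriveTypeAutoRun` registry value.

```python
"""Audit a removable drive's autorun.inf against the Autorun policy (added example)."""

# NoDriveTypeAutoRun bit flags. The value lives under
# HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer;
# a set bit disables Autorun for that drive type, 0xFF disables it everywhere.
DRIVE_TYPE_BITS = {
    0x01: "unknown",
    0x04: "removable",
    0x08: "fixed",
    0x10: "network",
    0x20: "cdrom",
    0x40: "ramdisk",
    0x80: "unknown-future",
}

# Constructed sample, not taken from any real drive.
SAMPLE_AUTORUN_INF = r"""
[AutoRun]
; comment lines start with a semicolon
label=BACKUP
OPEN=tool.exe
shell\open\command=tool.exe
"""


def parse_autorun(text):
    """Return {key: value} from the [autorun] section (names are case-insensitive)."""
    entries, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        if section == "autorun" and "=" in line:
            key, value = line.split("=", 1)
            entries[key.strip().lower()] = value.strip()
    return entries


def launch_directives(entries):
    """Entries that start a program: open, shellexecute, shell\\<verb>\\command."""
    hits = []
    for key, value in entries.items():
        is_verb = key.startswith("shell\\") and key.endswith("\\command")
        if key in ("open", "shellexecute") or is_verb:
            hits.append((key, value))
    return sorted(hits)


def autorun_disabled_for(mask):
    """Drive types for which the given NoDriveTypeAutoRun value disables Autorun."""
    return {name for bit, name in DRIVE_TYPE_BITS.items() if mask & bit}


def audit(text, no_drive_type_autorun):
    """Summarise what the file launches and whether policy blocks it on USB drives."""
    hits = launch_directives(parse_autorun(text))
    blocked = "removable" in autorun_disabled_for(no_drive_type_autorun)
    return {
        "launches": hits,
        "blocked_on_removable": blocked,
        "at_risk": bool(hits) and not blocked,
    }


if __name__ == "__main__":
    for mask in (0x91, 0xFF):  # 0x91 leaves the removable bit (0x04) clear
        print(hex(mask), audit(SAMPLE_AUTORUN_INF, mask))
```

Run it against the text of an Autorun.inf copied off a suspect drive, along with the `NoDriveTypeAutoRun` value read from the machine in question.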

ISPs Should Exit The E-Mail Business

Hey check it out.  Comcast is ticking people off again.  :o)

Stop The Cap! – HissyFitWatch: Frustration XFINITY – Comcast’s Nationwide Sporadic E-Mail Outage

Of course, I should probably give Comcast a break here.  All the e-mail nonsense I’ve dealt with in the past year has had one thing in common.  ISP ACCOUNTS!!!

On my own Death Star account when AT&T slapped DSL and U-Verse customers with bandwidth caps last year I immediately began the process of “De-AT&Ting” everything so I could leave AT&T without having to switch a bunch of stuff around.  One of the ways I “De-AT&Ted” was by setting up some non-ISP mail accounts and finally joining the GMail Revolution.  In its early days GMail was only for folks willing to tie the account to a mobile phone (maybe to plug Google Voice?), but when the service was opened up to everybody I set everything up and immediately observed that the GMail account worked better than the AT&T account.  The AT&T account had outdated POP-based mail technology, GMail was up to date with IMAP and worked much better when accessing e-mail on multiple devices.  The AT&T account is very much a backup, if I even want to use that account anymore.  I actually have another backup account from my pre-AT&T days that I could use instead of that one if I really wanted to.

Then there’s the e-mail schtuff I’ve been dealing with when helping my Dad out with technology.  He’s a tad old-fashioned, and still using AOL Dialup for everything (I’ll wait until you folks stop laughing  :-D), but the last time I helped him out with computer stuff we both wound up all worked up over….. ISP-provided e-mail that wasn’t working right.  😛

Why do ISPs even bother with e-mail accounts anymore?  They might as well stop dealing with all the hassles of running and maintaining e-mail servers and just recommend third-party mail-only services to their customers.  I was reading once where some cable internet packages offered 4 or 5 e-mail addresses as part of the bundle.  Seriously?  Do I really want the whole darn family to have ISP e-mail accounts and then later on everyone will have to send new addresses to all their contacts if I ever change ISPs?  😛  ISP mail accounts these days are better as a backup than a primary account, and ultimately more trouble than they’re worth.  After all, why would anyone want to have an e-mail address that would need to be replaced if they moved or didn’t like their ISP or got banned by their ISP, etc.?  Sure mail services can go out of business (one service I used in college as a backup to my college e-mail now no longer exists), but that would be a better reason for someone to have to send updated contact info to everybody than “Oops I’m moving” or “Oops I got sick of my ISP.”  😛

Meanwhile, if ISPs would stop trying to use this bundled service stuff third party mail providers like GMail could get more business, heck maybe even sell more premium service where if someone liked a mail service enough they’d be willing to pay a few bucks per month for a larger account or something.  At the end of the day though, this Comcast mess isn’t the first time I’ve seen ISP mail accounts mess up, and I’m sure it won’t be the last.  😛

One wildcard here would be GMail for Google Fiber if Google Fiber started going places, but Google Anything these days seems to hold its own quite well despite Google being a huge umbrella in the tech world these days.  🙂