Jun 22, 2019
Republicans and Democrats are getting together to save the news industry, listen in to find out more
Walmart is going head to head with Amazon on food delivery.
Who will win the security login battle Single sign-on versus 2F-A
I am planning a Security Summer for my listeners. I will have some free courses. I will also introduce you to some of the software that I use for my clients and how you can use it too. Also, I have some limited opportunities for businesses who have had enough with their security issues to work with me and my team and put their security problems to rest once and for all. So watch out for announcements on those.
For more tech tips, news, and updates visit - CraigPeterson.com
Below is a rush transcript of this segment; it might contain errors.
Airing date: 06/22/2019
Republicans and Democrats are getting together to save the news industry, Walmart is competing with Amazon on food delivery, and Single sign-on versus 2F-A.
Hello, everybody, Craig Petersson, here. We have another jam-packed show for today. We are going to discuss some of the technology that's affecting our lives, including, of course, some security stuff just some amazing things. Did any of you catch the tweeted story from Samsung this week? Well if you did, you got it before they deleted the tweet. We're going to talk about today. Hey, if you have a Samsung SmartTV, you're going to want to hear this.
We've got Google trying to go after Apple but in the end praising them for what they are doing in the same competitive arena. That's going to open up a whole topic of discussion on two-factor authentication and single sign on's. I'm going to go through it and explain it to you today. We will talk about the difference between software and hardware tokens, Google Authenticator, some of the other competitors out there so that you can understand what's going on and what it's all about. It is an important topic everybody needs to understand.
I also came across another article this week that had an interesting take on our First Amendment and the state of affairs in Washington DC and the Republicans and Democrats. It appears they are having a harder and harder time getting along much these days. However, it looks like there is a bill moving through Congress that is going to affect you the way you use Google, your Facebook account, and even the news in your local town. We'll delve into what that is all about.
I have to tell you about this little bracelet, called the Pavlock. Deep fakes are in the news again.
Here's another big thing, too. I should do some little small webinars on these. But man, it might be time to switch to a privacy browser. We'll to spend a bit of time talking about those today.
I'm going through the clock in my head thinking man, and we are not going to have time to do all of this.
Oh, and Walmart, we have to talk about this. Absolutely. Let's talk about it right. By now you know that we have some, just Goliath, some behemoth companies that are out there. That includes retail giants like Walmart and Target who've been fighting with each other over market share, of course, for a long time. If you know anything about marketing and color choice, you know, you always choose the opposite color. Did you know that they make whole color wheels specifically for figuring out the exact contrasting color of your competition? If your competitors' logo color is blue, then you use red. The other two colors that used are yellow and green. It's interesting to look at that, and I found that analysis quite interesting. Anyway, we have these two big competitors, Target is Red, and Walmart is Blue. Doesn't that go against the whole red-state blue-state thing based on shoppers? Both, of course, have added online stores. If you think about another large company, who could have owned the online business world had they made different decisions it would have been Sears Roebuck. Think about it. Sears had a vast catalog and distribution business that had been successful for 100 years plus before Amazon was even an idea. Amazon kind of nailed retailers, including Sears.
Now Amazon Prime with their purchase of Whole Foods and their online service from Amazon is starting to eat the lunch of both Target and Walmart. So both of them are fighting back. Walmart's now taking aim at Targets product called shipped, spelled shIPT. They are providing for it looks like it's going to be $98 per year for unlimited delivery service. Right now they have a service that is ten bucks or $9.98 or something to have all your stuff delivered to you if you go to one of their stores that offers grocery pickup. Right now, it is available in about 2500 Walmart stores, and you can go and pick up your order for free. However, what a convenience this is going to be. Right now it's only being offered in a few markets, Houston, Miami, Salt Lake City and in Tampa. The pricing may change, well, probably will change. Target just lowered the pricing of their InstaCart shIPT, as well. We'll see how this all goes but unlimited delivery of your groceries. Wow!.
You might have seen on the news that they are proposing that their delivery people will wear a camera can go right into the home and stock your fridge. However, for those of you that are crazy busy and don't even have time to swing by Walmart or Target to pick up groceries, Walmart anyways is going to put them right into your refrigerator. You can watch them on your computer or smartphone as they're in your home. I find that a little bit nerve-wracking. But you know, I'm nervous.
Let's think back a little bit. We were house shopping some years ago. And we were looking at homes in downtown Nashua, which is down in Southern New Hampshire in about the center of the state. We looked at some beautiful old houses, and you know, they don't make them like that anymore. I course you know I went into the basements and up into the attics, I want to see what are the beams like and how's it been held together. We looked at one home that had the logs, yes full old trees that were holding the floors up and some of the floors were warped because of that they were just so old. These homes were a few hundred years old. But these homes in Nashua were very well built. Some of the beams in them were 6x8, and some were even bigger than that. It was of course, very dry wood because it was over 100 years old, just beautiful. But one of the things they had in them was a butler's pantry with an outside entrance where the ice delivery guy put the ice. They didn't have to enter your home. He could open a little door that opened right into the back of your refrigerator. Do you remember those? I know, of course, you never really used them, unless you're one of my very much older audience. But the refrigerator would have a block of ice at the top. And of course, the cold air would come down from the ice and keep the stuff in your icebox cooler. They had direct access into the icebox from outside. Why don't we do that? I am sure someone can come up with a refrigerator, or you know a locked butler's pantry, or something so that Walmart or another third party can enter that part of the home or at least gain access to the fridge without having full access to the house. I think that's just a great idea. We've seen them already, Amazon and others doing deliveries into a garage. I know many homes have an entrance at the front, particularly when you get further north, up in Canada. There they are a popular solution to keep the cold air from filling your home as you you're come in from the cold outside. It is a place that you can take off your big heavy boots and everything else. It's only partially heated. And then you can go into the house and then take off your coat and everything else, you know, something like that, wouldn't that be great? A place, like that, you could give access to these delivery people. With Walmart, you're must buy their $200 door lock that you put on your front door that allows them to gain access to the house. How about if they only had access to a pantry? What a great new design concept? Flashback 150 years, I think that's kind of cool. For $98 a year, I might seriously consider signing up for this and see how it goes. You know, Whole Paycheck. I mean, Whole Foods might not be the best ones to have your weekly grocery delivery from unless you have a small family and a lot of income, then why not? All right, that I think that might make some sense.
Before we get into our big topics, let's go through a couple more real kind of quick ones. What is happening in Congress? Here is an article I found out in the Salt Lake Tribune, an opinion piece. It was talking about the News Media Alliance. Now, this is an alliance that represents some 2000 news publishers, mostly local newspapers, but also has some national papers, including the Washington Post, and also includes some digital-only news site. What the news media alliances been saying is, "Hey, listen, look at the newspaper industry." Have you guys seen the stats on this? It is crazy how many newspapers have gone out of business in the last ten years.
According to Pew Research, newsrooms have lost nearly half of their staffs in the last ten years, and since 2004, so the last 15 ish years, the US has lost about 1800 newspapers, and that's mainly weekly papers, these weeklies tended to be our local papers. In the town I live in, we used to have a few local newspapers, there were at least two. There's one that was focused in on coupons and another one that was focused in on local news. Nowadays, people are going to the Patch, which is a local/national effort. I think it was Yahoo that started the Patch and you might want to check it out.
But this organization of these smaller newspapers and a few larger ones, are saying, things are tough right now. Look at what Apple just did. Apple put in place a brand new system that allowed papers to consolidate. So for ten bucks a month, you had access to newspapers, that are part of Apple news, I signed up for it, on a trial basis, to see what I thought and I was disappointed myself. There was hardly any news included. It was some magazines primarily. And most of the time, I don't care about magazines. I once in a while will look at Architectural Digest, looking at these homes and beautiful designs. But other than that, I had no interest. I'm not a sports guy at all, so I don't care about sports magazines. I don't care about the glamour stuff. I'm kind of as you know, a techie guy, so I didn't like it. I initially thought it would be great because heck, I do subscribe to a couple of newspapers and I do that for one reason I need to stay informed, right? Every week I prepare to talk to you guys, and I'm trying to find some of the best tech articles out there just like this one I found in The Salt Lake Tribune talking about a long tail, a weird little newspaper, at least if you don't live in Utah, or Salt Lake. I do a little bit of that. I thought, Man, this might be a boon for the newspapers because they might get 50 cents or a buck out of Apple, at least, if I spend a lot of time reading the newspaper. I don't know how it is all set up or how the Apple payment works. However, what these guys are trying to do with the News Media Alliance, are petitioning Congress to provide them with an exemption. Now, you know, I am not fond of the antitrust laws. I think, you know, by now that I'm somewhat Libertarian. I sit in the middle of most of these arguments. However, I don't think we should bail out big businesses that go bad. When they fail, when GM fails, or Chrysler fails, we should let the free market take care of it. We should let them fail. It sucks at all these people are going to lose jobs and pensions and everything else. But it should be a cautionary thing to them. They should be looking at that and saying hey, listen it is probably not a wise decision to acquire this other company because we are not going to get the bailout at the end of all of us if things go sour. That's where I'm coming from, and you may agree or disagree with me. What is happening right now is we've got Senator Kennedy out of Louisiana. He is a staunch Republican, and he's very conservative like-minded, in a lot of ways with me. And he is getting together with someone that I don't agree with very often. And that is Senator Klobuchar of Minnesota. She's running for the Democratic presidential nomination right now. Senators Kennedy and Senator Klobuchar have gotten together, and they put together a bill in the Senate. And there's also a house version, co-sponsored by Georgia, Republican Collins and Rhode Island Democrat Cicilline. What they're doing is they're saying, Hey, listen, let's give newspapers a four-year antitrust exemption.
They've got safe harbor, that way they can get together and
figure out how news content and advertising can be equitably
divided. My thinking is, maybe these newspapers can put together a
little Alliance of their own, you know, for maybe 20 bucks a month
or something or perhaps only 10. All of these newspapers, and
remember it is 2000 news publishers, you can gain access to their
publications. Even if I wanted to subscribe to all of these papers,
it's too much of a hassle for me to subscribe to them all.
Additionally, for me, I worry about them all having my credit card
because they many won't use PayPal, many of them won't use Apple
Pay because they don't want to pay the Apple tax. So you can't
subscribe through the Apple Store. That means that I now have to
keep tabs of 20 newspapers, subscriptions, and each one has my
credit card information. That means I have to watch to make sure
they're do not get hacked. If they get hacked, I need to try and
get my data back and remember to go and give them the new credit
card numbers after I cancel the credit card the one they had got
breached. I'm glad to see Republicans and Democrats getting
together. Obviously, some Democrats are against it, and some
Republicans are against it, and others are for it, and everything
else. It is not a universal thing. I think that we have to protect
our newspapers are our media is our first line of defense against
some of the government corruption that inevitably happens.
Unfortunately, most of these news media outlets nowadays tend to be very partisan, right? They won't say anything negative about their guy or their gal, right. However, they will rip on every small little detail about the other guy. It bothers me. It is of benefit to the publisher because they have some income and don't have to cater to their demographic quite as much as they might have had to before. Plus, it exposes people to more points of view. I think it's an absolute win. No question about that. No question at all. If you go to my website at Craig Peterson dot come, you'll see that my wife and I worked on quite a big article on two-factor authentication, single sign-on, again, that's at Craig Peterson dot com.
We had a little bit above this last week, where we talked about
Apple and Apple's new sign in option you've probably used, or at
least you've seen this option on many, many of the websites that
sign in as Google are using your Google login or your Facebook
login. It ties into our last article about Google and Facebook
sucking profits away from these newspapers and putting it together.
How does it tie in? Well, it ties in because of my concern about
the number of logins, hundreds, right? If I sign up to hundreds of
newspapers, I would rather have one sign in option. I'd rather have
one payment for everybody. I like a consume as I much as want a
type of methodology. It's just like these streaming audio services.
Did you sign up for Apple Music? I've done it. Do sign up for
amazon music? Do you sign up for Spotify, which I've never done it
all, but a lot of people have. Spotify is very popular with older
people. Or do you sign up for Pandora, which I've also done? I like
Pandora think they have some of the best algorithms out there.
Which service is the best for you to sign up? How do you sign up?
Well, having this single sign-on can be useful. However, the big
question is, do you trust Google and Apple. We've talked about some
of the problems with the two-factor authentication, especially when
it comes to using your cell phone. That's where they send you a
verification text to type. They text a code that you type into the
website, and a lot of sites will do that. Okay, well what happens
if you are a specific target? If they've narrowed you down, if you
are the CEO of a decent company, you could be a particular target
and not just a part of the wide net that some phishing scammer out
there might be using. It's dangerous because if the bad guy has
your phone number, the text comes to him. Well, we're not going to
get into that right now. But what I want to do is talk about the
single sign-on a little bit more two-factor authentication, Apple's
new single sign-on where you will be able to log in using your
Apple ID, I think right now is probably the preferred way to do it.
Or at least it will be the favorite way to do it. It's not out
quite out yet.
Apple, remember, they make their money not by selling your information, not by selling your data which is how both Facebook and Google make their money by and by the way, I don't think that's a bad thing. Okay, don't get me wrong you need to understand all the trade-offs. Apple tries to have privacy in mind. I love that. And that's part of the reason I've been supporting Apple more recently, although I've disagreed with things that Apple's done. I've disagreed with things everybody's done, right. That's what you get for being a little bit in the middle of the road here. But let's explain what's going on. Those are all called single sign-on's. And that's where you can use your one ID, which would be your Apple ID, your Google ID or your Facebook ID to sign into these websites. And that can be a good thing for a lot of people. Because now you only have to remember the one complicated password as opposed to a whole bunch of them. You know, I prefer to use a bunch of different passwords, different email addresses everything as that's more secure. But the Apple's Single Sign On is going to be a win for a lot of people. Now, let's talk to you guys and gals who are in more of a security, conscious space. If you're just a home user, maybe you're a little bit older, and things get confusing, it's hard to track stuff, you're going to want to use that Apple single sign on when it's available.
However, If you are a business professional and you own a business, you are in accounting or finance or human resources, or maybe security, you're going to need to do things differently. You're going to want to use a suitable type of two-factor authentication. There are two types, software, and hardware. You know already that I prefer One password for my password management and to generate all my passwords. Well, it has an authenticator built into it, which I use whenever possible. Google has a free one available, as well called Google Authenticator. Here's how that works. When you go to a website, and you sign up for the two-factor authentication using one of these authenticators, what's going to happen is that you are going to be presented with it a little QR code that you can scan with your device. That means that when you go into your device, Google Authenticator, for instance, you scan the little QR code that the website is giving you for the authenticator, you do it with one password. Now your smartphone using the authenticator can generate a code that's going to be unique, and it changes every 30 seconds. Now what happens is, when you go to go back to that website to login, you're going to give your username, give you your password, which is something you know, along with something you have. Then it's going to ask you for the authenticator code. You can copy it directly, you can type it in, or you look it up on your Google Authenticator app or in one password, and bam, Oh, there you go. You are now logged in. That is the most reasonably secure way to login, use one of these authenticator apps, use it on a site that allows you to use an authenticator. The next level above that, which is what we use in my business, because we do security work, right? We help businesses manage their security. We do security, not just gap analysis, but effectiveness gap analysis for companies, and we help them keep track of it. What should you be doing? You know, we have the newsletters and things for business owners for sea level people aimed directly at them, right so that we're not just boring them with stuff. It is the stuff that your smart uncle doesn't know. But you need to know as a C-level person in a business, Right? We're at that level, and we use some unique hardware tokens. You've seen probably some of these before RSA has their secure ID, and DUO, company we've been using for a couple of years now has theirs. And these are little things that might go on your key chain, and they're showing this number, the changes every 30 seconds. Sound familiar? That's like the authenticator. I think that's all great. And then there are hardware tokens. These tokens go into your computer. They are things like the Yubikey, the Titan, which has had an issue recently. We use these hardware tokens. We have to put those into our machine to be able to use it. We have to enter the right passwords and things. Then and only then can we log in. So there you go, there's a quick rundown of what you might want to use to increase your security. If you're a home user, when it's available, start using the Apple single sign-on or start using the Facebook or Google login, Google is probably the safer way to go because you are less likely to have your information stolen. The Facebook one is the one I trust the least. If you are a subtle need of slightly higher security, maybe you've got some retirement money, some investment money, you're going to want to use one of these authenticators like Google Authenticator. If you are like me, you're going to use something like one password, which is a little bit better, right? Because one password has it all in a single place and has your passwords and generators everything. Ultimately you have the specific hardware tokens that plug into your USB port, or they also connect via Bluetooth to your devices.
If you want me to put together a little course on this, let me know, and I'll be glad to do that. A class that can show you how this all works and gives you some links and, and also some little video of how to do it, how to use it. I'll be glad to do that.
I've got to mention this one here, by the way, we've got our security summer coming up here in starting in July. And this is going to be some in-depth training about the significant back to essential points that you've been missing. Right, this is going to be a brass tacks course. We will be getting down to the brass tacks. So make sure you keep an eye out for an email from me about it. By the way, we got a new signup form at the top of the website pages Yay, finally got it all working at Craig Peterson.com, you will see it up there. But there's a lot to cover. And these are going to be 10 to 15 minute short segments that you can watch, and it's going to be kind of a summit format. I want everybody to get this. There's no charge, absolutely free to attend and free to watch all of these. You can ask questions during them because I want to get everybody up to the right level. I really want everybody to understand the brass tacks. So keep an eye out for that.
We are getting down to the last articles for today. Alright. Go right now to Craig Peterson dot com, you'll see right at the top of it should be on every page. Now, a little thing that will come up that gives you the option to provide me with your name and email. And I'll sign into my weekly newsletter, which has the security tips and will also tell you about the security summit this summer.
There was a Tweet from Samsung, then they deleted their tweet,
but they had little tweet this past week that The Verge is quoting
will prevent malicious software attacks on your TV by scanning for
viruses on your TV every few weeks. Well, there you go. Samsung, at
least for a few minutes, acknowledged that their TVs, like every
other smart TV out there, is vulnerable to hacks. So here's my
advice to everybody. If you have a smart TV, I turn off all of the
Smart TV functions, everything, turn off the microphone, turn off
the ability to run Roku or Plex or whatever you're trying to run on
it, turn it off. Then I use a standalone device. Now I do use an
external Roku for one of my TVs.
The problem is that over time support for the software that's in your TV will not be available anymore. My absolute preferred platform if you can, and this is from a security standpoint, is the Apple TV. I have the Apple TV for my main TV. I say get the Apple TV, but I don't make any money for this recommendation. Apple isn't a sponsor, and they don't pay me anything and never have, Right. I was on their advisory board for three years, and they never paid me a dime, right. I am telling you this because I think it's essential that you have an external device and one that can get regular hardware and software updates. It won't have a microphone built-in. It won't come with all the security problems.
You might remember, WikiLeaks revealed the CIA had developed a
piece of software called Weeping Angel. And that turned Samsung
Smart TVs into listening devices okay.
Then less than a month later, later, security researchers found 40 unpatched vulnerabilities on Samsung Smart TV operating system. Be careful and remember these are TV manufacturers, not security experts, people. Stick with those who make smart devices for the TV stick with an external Roku or maybe an Amazon fire or my recommendation, get an Apple TV, turn everything off inside your TV and use that external device.
We're out of time. That's it for today. Visit me online Craig Peterson dot com. Make sure you sign up for the updates so you can keep up with what's going on and you can be part of my security summer summit.
Take care, everybody. Bye-bye.
More stories and tech updates at:
Don't miss an episode from Craig. Subscribe and give us a rating:
Follow me on Twitter for the latest in tech at:
For questions, call or text: