Digital revolutions happening under our eyes

Written on 1 October 2019, 04:48pm

Tagged with: ,

In the beginning, there was the internet.

Then Steve gave us the smartphone and put the internet in our pockets, along with the thousands of apps to entertain us and crush the candies.

Soon after, Facebook and Twitter started to connect us. We liked it, and later on, Instagram and WhatsApp took off and filled the social media gap.

Then it was time to Netflix and chill. The streaming services filled our TVs with movies and our headphones with music and podcasts. Out of the pirate bay.

Without even realizing, during this time Amazon removed the friction in the online shopping. Same day delivery became the norm and the Black Fridays + Prime Days changed the expectations about shopping deals.

Changing the way we move and travel took a bit more time. But once we got Uber and Airbnb, there was no going back. UberEats, the electric bikes and scooters were really inevitable.

Workplaces had to keep up, and so remote work, co-working spaces and hot-desking became more and more familiar.

Now we leave in a world where we can have a nomad life. We no longer own a place, but we explore the world and jump from one AirBnb to another using Uber. If we want to drive, we DriveNow. We can work from anywhere and get paid directly in our Revolut account. We ride a Lime to the nearest grocery store where we pay with our phone. When we go out running, we use our wearables to see how we did and share the results with the world. We go out after swiping left and right, and there’s a 2/3 chance to meet our significant other online rather than in real life. When we are tired, we use UberEats to order pizza and take the couch to binge the most popular Netflix show.

Welcome to 2019! 🤩

How2factor

Written on 27 September 2019, 12:38pm

Tagged with: ,

So, I made how2factor.info.

It all started a few days ago, with my PayPal account being inaccessible because I no longer had access to my Google Authenticator app. I described the issue in a previous post, and the conclusion was that’s ultimately up to us, the users, to make sure we do 2FA right in order to fully enjoy its benefits.

The story was picked up by Troy Hunt, one of the most important figures in the infosec world, and his conclusion was:

How do normal everyday people get by if we techies struggle?!

Troy Hunt – Weekly update 157

Well, I decided to do something to help the normal everyday people 🙂

How2factor.info tries to keep things simple. There are tons of things that I did not cover: the differences between 2FA and MFA, the blurry lines between something that you know/have/are or the advantages of the Universal 2nd Factor (U2F). I also didn’t want the instructions to be complex.

But that was on purpose. The goal was to make 2FA less scary for our non-techie friends.

I also did not go too much into the 2FA limitations, including the things that 2FA cannot fix. Some people even argue that you don’t need 2FA at all if you’re using a complex passord and a password manager. The bottom line is that 2FA represents a massive improvement over 1FA and it prevents the vast majority of account takeover attacks.
2FA is better than 1FA in the same way two locks are better than one lock:

Security is not binary,  which is obvious if you give it even a moment’s thought. A locked door is more secure than an unlocked one. A door with two locks is more secure than one with a single lock. A locked door with a locked gate in front of it is more secure than one without a gate.

John Gruber

The outline of the website is more or less the hierarchy of authentication as described by Troy here. There is also a helpful part at the end, where I linked to several step-by-step guides to set up 2FA on popular websites. I also created a separate page with my own notes about enabling 2FA for popular websites.

Some things that did not fit in

If you are forced to answer security questions, then cheat: your first pet name was gAoEh0jRN1LbscAC1reoL9F2De6 and your mother maiden name was W5kmtuWIcIl0hxc2p6PW80ImIdB. Save these in your password manager in case you forget them 😉 The idea is to avoid providing personal information that can be easily retrieved by someone else.

How to back up hardware keys? Google Advanced Protection program actually forces you to have two keys (one primary, one backup). Dropbox offers you rescue codes – which you can print and/or store in your password manager.

The making of

I built the website using Carrd. Incredibly easy to use, HTTPS out of the box, no worries about the hosting and looking good on every device on Earth. Some of the background images come from the awesome people who offer them for free on Unsplash. The logo image comes from icons8.com, and yes, I know it looks like more like a bucket and less like a lock. Finally, the font combination was inspired by Pieter Levels and his Make book, while the color scheme was recommended by coolors.co.

I spent more than 10 hours on this little project. If how2factor.info convinces a single person turn on 2FA then it was worth it.

Escape velocities

Written on 25 September 2019, 10:38pm

Tagged with: , ,

Back in the secondary school I worked on a physics project about the escape velocities. Really interesting stuff – it was the first time when school intersected space – but looking back 20 years I can’t help but notice that I was missing the big picture. Here’s why.

The escape velocity is the minimum speed need for an object in order to escape from the gravitational influence of a celestial body. For the Moon, it’s 2.38km/s at its surface. For Jupiter, it’s 60km/s. For a black hole, it’s infinity.

There are 3 important things to remember when talking about the escape velocity:

  1. it is independent of the mass of the object. It doesn’t matter if you’re shooting a small bullet or a big spaceship. However, the escape velocity depends on the mass of the celestial body
  2. it assumes that the object travels in vacuum, not in an atmosphere. So no friction
  3. it assumes that the object is no longer subject to thrust after reaching the escape velocity

With these 3 things in mind, a good example to illustrate the escape velocity would be an imaginary cannon launching a projectile on the Moon. Launch it with an initial speed inferior to 2.38km/s and it will come back; anything above that will cause the projectile to leave the gravitation influence of the Moon (well, until it reaches the gravitational sphere of another massive body).
On the other hand, using the Earth as the celestial body is a terrible example. Not only Earth has an atmosphere (until an altitude of about 100km) which introduces friction and makes the object mass and shape important, but in a subliminal way, everybody would imagine that the object reaching the escape velocity is a rocket. But at the Earth surface, the escape velocity is 11.2km/s, and no material known to man would resist the combined effect of the brutal acceleration and aerodynamic forces or heating.

So how did Apollo missions did reach the Earth’s escape velocity? Well, in short, they didn’t.

(more…)