FBI recommends passphrases over password complexity - Longer passwords, even consisting of simpler words or constructs, are better than short passwords with special characters

Date Published: Sat, 22 Feb 2020 19:17:32 +0200

This is not new as we heard last year how the person who came up with the original password formatting recommendations had apologised for them. Then the case was made also that changing a difficult to remember password every 30 days will usually result in humans either writing it down or changing just one character every month.

Now the case is being made that a longer phrase that a human can remember will likely be better than a short password with non-alphabetic characters in.

Sooner or later sense will prevail like it did for cholesterol and healthy fat in diets... Just funny how an idea form 30 or 40 years ago just sticks and won't come unstuck.

See FBI recommends passphrases over password complexity | ZDNet

#technology #Security

Image/photo

Longer passwords, even consisting of simpler words or constructs, are better than short passwords with special characters.

Enjoy The Extra Day Off! More Bosses Give 4-Day Workweek A Try - Slashing meeting hours and doing away with open-plan offices all helped

Date Published: Sat, 22 Feb 2020 18:34:28 +0200

Companies around the world are embracing what might seem like a radical idea: a four-day workweek. The concept is gaining ground in places as varied as New Zealand and Russia, and it's making inroads among some American companies. Employers are seeing surprising benefits, including higher sales and profits.

"Core to this is that people are not productive for every hour, every minute of the day that they're in the office," Barnes says, which means there was lots of distraction and wasted time that could be cut.

Simply slashing the number and duration of meetings saved huge amounts of time. Also, he did away with open-floor office plans and saw workers spending far less time on social media. All this, he says, made it easier to focus more deeply on the work.

The company didn't police how workers spent their time. But if performance slipped, the firm could revert back to the full-week schedule. Barnes says that alone motivated workers.

Yep it may not work for all forms of jobs such as restaurants, call centres, etc as employing extra staff for extra shifts could raise costs? Fact is the "modern" office accounts for hours present but that tends to become the metric (no matter what the balanced scorecard says). When we think 4IR I realise that it is not just education that needs a complete overhaul...

See NPR Choice page

#productivity

By choosing “I agree” below, you agree that NPR’s sites use cookies, similar tracking and storage technologies, and information about the device you use to access our sites to enhance your viewing, listening and user experience, personalize content, personalize messages from NPR’s sponsors, provide social media features, and analyze...

How to install open source Tiny Tiny RSS on a Raspberry Pi - Read your news feeds while keeping your privacy intact

Date Published: Sat, 22 Feb 2020 18:06:13 +0200

Tiny Tiny RSS (TT-RSS) is a free and open source web-based news feed (RSS/Atom) reader and aggregator. It's ideally suited to those who are privacy-focused and still rely on RSS for their daily news. Tiny Tiny RSS is self-hosted software, so you have 100% control of the server, your data, and your overall privacy. It also supports a wide range of plugins, add-ons, and themes, Want a dark mode interface? No problem. Want to filter your incoming news based on keywords? TT-RSS has you covered there, as well.

This is on my bucket list later in 2020 to migrate away from Feedly / InoReader to TT-RSS. I use RSS extensively for reading through 400-500 news posts a day and there is no way I can do that by visiting every site. Without RSS feeds I'd be lost.

So the installation instructions here will work for free on a Raspberry Pi at home as there is no need to host this service. TT-RSS is included free often with cPanel hosting and Softaculous, and is a lot easier to install, but if you don't have that hosting already then the Raspberry Pi method is as good and there is no hosting costs.

See How to install TT-RSS on a Raspberry Pi

#technology #opensource #RSS

Image/photo

Tiny Tiny RSS (TT-RSS) is a free and open source web-based news feed (RSS/Atom) reader and aggregator. It's ideally suited to those who are privacy-focused and still rely on RSS for their daily news. Tiny Tiny RSS is self-hosted software, so you have 100% control of the server, your data, and your overall privacy. It also supports a wide range of plugins, add-ons, and themes, Want a dark mode interface? No problem. Want to filter your incoming news based on keywords? TT-RSS has you covered there, as well.

Google warns Huawei users not to sideload Gmail and YouTube - but it's the source that you get the app from that counts and if Huawei does the checks it should be fine

Date Published: Sat, 22 Feb 2020 10:57:01 +0200

Hundreds of thousands of LineageOS users (myself included) have used the sideloaded Gapps for many years without any issues at all. It all depends on where you source the apps from. If Huawei is now getting the apps and testing them out themselves, the apps should be fine as long as you get them from Huawei (ie. through Huawei's app store) and not via an known 3rd party site.

It is true that Google cannot vouch for the security of apps in Huawei's app store as they don't test them, but let's not confuse users. They could add that if the apps were thoroughly tested by Huawei and it is ensured the apps are obtained from that verified source, they should be fine to use, but again Google is not part of the process so it must be Huawei who vouches for that. Anyway Google's "checks" don't hold a lot of water judging by the amount of malware in their apps that keep getting taken down after the fact... maybe Huawei does an even better job!

See Google warns Huawei users not to sideload Gmail and YouTube

#technology #android #huawei

Image/photo

Google has released a statement detailing what Huawei’s US Entity listing means for the smartphone manufacturer’s upcoming devices.

Graphene Batteries FINALLY Hit the Market - They will charge much faster and will be safer than existing Li-Ion batteries

Date Published: Fri, 21 Feb 2020 22:32:29 +0200

There is already a 10,000mAh battery bank coming to market and hopefully in the coming year we'll see the higher end phones getting these batteries. Testing has been successful with up to 100W charging (which would fry a normal battery) and seems life cycle use will be about 2,5x longer than existing Li-Ion batteries.

See Major Breakthrough: Graphene Batteries FINALLY Hit the Market

#technology #batteries

Image/photo

Previous Samsung graphene video: #^https://www.youtube.com/watch?v=Go2g_BNpG_Y Gary Explains video: #^https://www.youtube.com/watch?v=uIMegpibt1M --- About ColdF...

How to install desktop Ubuntu on your Android device - I tried it and it works really well with LibreOffice, desktop Chromium etc

Date Published: Fri, 21 Feb 2020 22:10:17 +0200

The only requirement for this to run is a rooted phone (which my Pixel 2 XL is) and the instructions were pretty easy to get Linux Deploy to work. Once that was in I could choose from a variety of Linux distros such as Ubuntu, Arch Linux, Debian, etc and depending on which one, then also the version and some desktop UIs. Its not everything as I noticed I could install latest Ubuntu with MATE desktop but did not see Kubuntu by default, although I see there is a custom option too.

Internet browsing and app installs are working fine, but I was having trouble mounting a local folder on the phone to browse its data, and also to browse my computer. But I could access my Nextcloud server and get files from there. It works perfectly fast enough.

To be honest a phone's screen is a bit small to do decent work on, so I see two useful scenarios maybe for this:
1. Boot it as-is and display via Chromecast to a TV screen, and just connect a Bluetooth keyboard/mouse to operate it.
2. Boot it and with its in-built VNC server you access it with a VNC Viewer from any other computer to control it.

Why? Well because you have this "desktop computer" all configured in your pocket wherever you are with browser, documents, office software, all your settings etc ready to go.

It's just a pity there is not better documentation on tweaking some of the settings. But I'll do a short video tomorrow on what my set-up looks like.

See how to install it at How to install Ubuntu on your Android device

#technology #andriod #linux

Image/photo

Read the post: #^https://goo.gl/9kNlWu How to download and install Ubuntu onto your Android smartphone or tablet. Download the AndroidAuthority App: #^https://pl...

How to Boot a Raspberry Pi4 with a SSD to make it more reliable and about 17x faster than with a slow SD card

Date Published: Fri, 21 Feb 2020 17:51:53 +0200

This is still a workaround as Raspberry Pi has still not given us a way to natively boot from a SSD drive. This gives you a taste though of how SSD booting will really improve the speed and reliability of especially Pi 4's.

Watch Boot a Raspberry Pi4 with an SSD to make it reliable and fast

#technology #hardware #raspberrypi

Image/photo

Enough is enough! I waited for more than half a year to boot my new Raspberry Pi 4 from SSD to increase its speed and reduce the chance of losing my valuable...

What and How to Teach to Win the 4th Industrial Revolution - it will require nothing short of restructuring public education at all levels, not just Grade-12

Date Published: Fri, 21 Feb 2020 15:23:07 +0200

Many not-for-profits are directing their efforts to provide equitable access to public education. However, putting more students in a broken, dysfunctional system won’t yield the outcomes and impact we want. Instead, the very structure and process of education will need to change if we are to provide students with the knowledge, skills, abilities and competencies they need for jobs that have yet to be created.

What’s more, unless we address the gender social and cultural stereotypes, the 4IR could make gender inequity worse, not better.

One goal should be to create entrepreneurial schools and universities, and by that I don’t mean teaching children how to start businesses. Instead, creating the entrepreneurial mindset is about the pursuit of opportunity with scarce resources with the goal of creating user defined value through the deployment of innovation. Creating a successful business is but one of many ways to do that.

So bearing in mind the scope of change required and how long the education system takes to adapt... we have a challenge. So how much focus do we truly have on changing and readying the education system? WE hear lots from politicians and industry (sales people?) about 4IR but how much are we hearing from educators about all the changes they've made to their system? Do educators understand 4IR and what they need to change?

Watch an interesting video about the paradigm shift required within education to help make 4IR happen at How Should We Educate Children to Win the Fourth Industrial Revolution? – Innovation Excellence

Image/photo

The Innovation Excellence community is home to articles, webinars, videos, training and education - powering growth in the innovation management profession.

Venture-Capitalists warn: Pumping millions into an AI startup? You mean, pumping millions into Azure, AWS or Google Cloud... Cloud computing for good AI is expensive!

Date Published: Thu, 20 Feb 2020 23:20:29 +0200

Seems AI is no magic bullet yet and its still early days. For AI start-ups especially their margins are lower and they are more like traditional service providers in that they will likely roll out customized deployments. The sky-high costs of cloud compute time for machine learning and the painstaking human effort needed to clean up the data needed to train AI systems are also major financial sinkholes.

If you're not a hyperscaler, or close pals with one, eye-watering cloud bills can reach tens and hundreds of thousands of dollars, or even spill over to the millions of dollars – something most startups cannot afford.

The human labor required to clean the training data can be outsourced to third parties, but these services quickly rack up in costs, even if you pay people poorly, and run into privacy headaches. AI software has to be retrained regularly to adapt to the dynamic nature of data, and algorithms written and tweaked for specific customer or application workloads.

See VCs warn: Pumping millions into an AI startup? You mean, pumping millions into Azure, AWS or Google Cloud...

#AI #technology

Image/photo

And forget SaaS-y upstarts: These machine-learning darlings are more like traditional service outfits

What DNS encryption means for enterprise threat hunters and admins - new browsers will be enabling DNS over HTTPS (DoH)

Date Published: Thu, 20 Feb 2020 16:13:56 +0200

For security operations center (SOC) teams the negative effect of DoH is that it blindsides them to malware communication that can more easily masquerade as normal HTTPS traffic in the corporate network.

"As a network operator… I need to see what my users and applications and devices are doing in DNS in order to know which one of them is an intruder, which one of them is malware, which one of them is part of a botnet, which one of them is a poisoned supply chain… I have to be able to see that in order to keep my network secure, and so anybody who comes along with a project like DNS over HTTPS that says ‘Yeah, we want to make it impossible for the network operator to interfere with DNS operations’, they don’t understand my life at all."

DNS encryption, while bringing some good, disables some of your protections. This affects primarily network-based security solutions, underscoring the importance of having a quality, multi-layered endpoint security solution in place.

The article unpacks some of these issues as well as suggesting some plans of action. Bottom line is these new changes are coming and a decades old paradigm is changing. If you are involved in network admin or security threat monitoring you need to stay up to date with this as it evolves.

The problem here is that whilst this challenge is all very valid, the article is "published" in partnership with ESET who wants to sell their solution to you. It's important to not just default to buying solutions and services to try to solve this whilst neglecting your own admins. Your network admins need to be constantly upskilling to understand and advise about these threats as trusted internal advisors with the organisations interests at heart. Network admins who do not stay up to date risk becoming irrelevant and the organisation is then at risk of being sold any 3rd party solution that can likely cost and arm and a leg over time.

See What DNS encryption means for enterprise threat hunters

#technology #security

Image/photo

The dawn of the DNS over HTTPS era is putting business security and SOC teams to the challenge.

Subscribe to GadgeteerZA Blog Posts