October 16, 2017

Link: But, KRACK! ☍

Natasha Lomas for TechCrunch:

Security researcher Mathy Vanhoef publicly disclosed a serious vulnerability in the WPA2 encryption protocol today. Most devices and routers currently rely on WPA2 to encrypt your WiFi traffic, so chances are you’re affected.

But first, let’s clarify what an attacker can and cannot do using the KRACK vulnerability. The attacker can intercept some of the traffic between your device and your router. If traffic is encrypted properly using HTTPS, an attacker can’t look at this traffic. Attackers can’t obtain your Wi-Fi password using this vulnerability. They can just look at your unencrypted traffic if they know what they’re doing. With some devices, attackers can also perform packet injection and do some nasty things. This vulnerability is like sharing the same WiFi network in a coffee shop or airport.

The attacker needs to be in range of your WiFi network. They can’t attack you from miles and miles away. The attacker could also take control of a zombie computer near you, but this is already a much more sophisticated attack. That’s why companies should release patches as soon as possible because chances are most attackers just learned about this vulnerability today.

At this point, this is something to be concerned about, make sure you’re updating things, and realize that nothing is entirely safe from vulnerabilities. There’s a great guide of which devices and vendors have issued updates already (I’ll be doing some updates tonight on my personal Ubiquiti equipment and the Aruba gear we use at work).

Update: Apple has confirmed that this has been fixed in the latest iOS betas. This is yet another reason to run the updates for your devices on a regular basis.

Link: One Person’s History of Twitter, From Beginning to End ☍

Mike Monteiro:

There was a time where Twitter was a place you went to fuck around, and accidentally made friends and got smarter. It’s been years since I’ve felt smarter after being exposed to Twitter, but trust me, those days were real. They happened.

College-me was into Facebook during its earliest days, but moved over to Twitter for the reason of it being something new and people you didn’t know in real life. Often getting real-life friends to join required a pitch of ‘what’s the point?’ and the fact that it was sort of stupid and fun made it enjoyable. Outside of the ongoing stress that it causes because I tend to have similar views as some of the people I follow in the tech and sports worlds, the company’s tone-deaf responses also leave a bad taste in my mouth.

I’ve all but stepped away from Facebook because of the sheer creepiness and stupidity that exists there, and typically use Twitter through a third-party client, but I often wonder if I left, would I really miss much?

Link: Last Week Tonight’s Coverage of the Equifax Breach ☍

Once again, John Oliver is able to mix comedy with something truly terrifying that we should be outraged about. Instead, we seem more fixated on celebrity gossip or what may be happening in the White House circus. If this were the early 2000s, I suspect Equifax would be in more trouble, along the lines of Enron, Worldcom, and other corporate mega-scandals.

October 10, 2017

Link: Jason Kottke on Halt and Catch Fire ☍

Jason Kottke:

…I got to appear on AMC’s Halt and Catch Fire last night as a background extra. (Mild spoilers follow.) This season of the show is set in the 90s, but this episode flashes back to the 70s soon after Gordon and Donna get together. My scene takes place during this flashback and is pretty short. Gordon is at a gas station, waiting to use the pay phone. A man (that’s me!) exits the station with a 6-pack of beer, gets into his car, and drives off after Gordon crosses the pavement to the phone. And that was it! But as a big fan of the show — and I refuse to have any chill about this — it was one of the coolest experiences I’ve had in forever.

As Halt and Catch Fire is currently one of my favorite shows, I’m incredibly jealous of Kottke’s experience. Selfishly, I also wish the series would have a fifth season, as that would cause a jump to around the time of the dot-com bubble.

October 6, 2017

Link: AIM to Shut Down December 15 ☍

Michael Albers, VP of Communications Product at Oath (Verizon):

If you were a 90’s kid, chances are there was a point in time when AOL Instant Messenger (AIM) was a huge part of your life. You likely remember the CD, your first screenname, your carefully curated away messages, and how you organized your buddy lists. Right now you might be reminiscing about how you had to compete for time on the home computer in order to chat with friends outside of school. You might also remember how characters throughout pop culture from “You’ve Got Mail” to “Sex and the City” used AIM to help navigate their relationships. In the late 1990’s, the world had never seen anything like it. And it captivated all of us.

AIM tapped into new digital technologies and ignited a cultural shift, but the way in which we communicate with each other has profoundly changed. As a result we’ve made the decision that we will be discontinuing AIM effective December 15, 2017. We are more excited than ever to continue building the next generation of iconic brands and life-changing products for users around the world.

When this site was in its infancy, I was communicating with other Mac nerds and real-life friends using AIM. It seems that the big shift away from AIM started with SMS and continued when The Facebook baked chat in. In my own use, iMessage was the final nail in the coffin, and I haven’t thought much of AIM in the last few years. Still, I do remember the days of waiting for the sign-in to happen over a dialup connection and the excitement of wasting some time after school and it does make me a bit nostalgic.