Password Management
The two best ways to maintain strong passwords are the following:
- Use a password management system (LastPass, 1Password, etc.).
  - A huge benefit is that you can often implement system-wide administrative control of password management across a group of workers.
  - They usually cost money to use for some fancy features.
- Use code-based passwords with entropy characters for complexity. You write out a code for your password in which you swap in keywords or phrases whose associations only you know, along with random entropy characters. This allows you to write out your password as long as you keep your decryption method a secret. The human mind is often amazing at decrypting known key phrases. . . . Usually. . . .
  - Example:
    - Written-out code: Apple + Life + City + FavD
    - Decryption:
      - Apple → Pie;
      - Life → 42;
      - City → LALALAND;
      - FavD → Wall-E
    - Actual password: Pie42LALALANDWall-E
  - A more complicated example would include random filler characters to enlarge passwords and increase password complexity.
    - Written-out code: ! + Apple + Life + abcde + City + @ + 0982 + FavD + *
    - Actual password: !Pie42abcdeLALALAND@0982Wall-E*
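The sketch below is an added example, not part of the original article. It expands a written-out code with the private associations and reports which characters stay hidden and which filler characters anyone holding the note can read; the function names `expand` and `audit` are hypothetical, and the mapping is the article's sample.

```python
import string

# Constructed sample: the private associations from the article's example.
# In practice this mapping lives only in your head, never beside the note.
ASSOCIATIONS = {"Apple": "Pie", "Life": "42", "City": "LALALAND", "FavD": "Wall-E"}


def expand(written_code, associations):
    """Return (password, parts); each part is (token, text, is_keyword)."""
    parts = []
    for token in written_code.split(" + "):
        token = token.strip()
        if not token:
            raise ValueError("empty token in written-out code")
        if token in associations:
            parts.append((token, associations[token], True))
        else:
            # Anything that is not a keyword is filler and is copied verbatim.
            parts.append((token, token, False))
    return "".join(text for _, text, _ in parts), parts


def audit(written_code, associations):
    """Summarize what the password contains and what the note gives away."""
    password, parts = expand(written_code, associations)
    hidden = sum(len(text) for _, text, is_keyword in parts if is_keyword)
    return {
        "password": password,
        "length": len(password),
        "hidden_chars": hidden,                   # protected by the associations
        "exposed_chars": len(password) - hidden,  # filler readable from the note
        # What a person holding the note can reconstruct without the mapping.
        "note_view": "".join(
            f"<{token}>" if is_keyword else text for token, text, is_keyword in parts
        ),
        "classes": {
            "lower": any(c.islower() for c in password),
            "upper": any(c.isupper() for c in password),
            "digit": any(c.isdigit() for c in password),
            "symbol": any(c in string.punctuation for c in password),
        },
    }


if __name__ == "__main__":
    for code in ("Apple + Life + City + FavD",
                 "! + Apple + Life + abcde + City + @ + 0982 + FavD + *"):
        print(audit(code, ASSOCIATIONS))
```

The filler makes the password longer, but it appears verbatim on the written note, so the secrecy of the whole password still rests on the keyword associations alone.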
Important
Never save your passwords through your web browser (Chrome, Edge, Firefox, etc.)! Passwords that are “remembered” or “saved” through the web browser are stored in plain text, and they can be easily accessed through the web browser. All you have to do is search online for “show *web browser* saved passwords” and you can easily find instructions to look up the saved passwords in a web browser.
Mark Your Calendars: Obsolete Operating Systems
Operating systems do have expiration dates, known as sunsetting or end of life. When operating systems reach their end of life, they often no longer receive any security patches or new features. Below are some sunsetting dates of popular operating systems:
Microsoft Windows
- Sunsetting of Windows XP: April 2014 (12 years of support)
- Sunsetting of Windows Vista: April 2017 (10 years of support)
- Sunsetting of Windows 7: January 2020 (11 years of support)
- Sunsetting of Windows 8: January 2023 (11 years of support)
- Sunsetting of Windows 9: Never (forever) (This is a joke: Microsoft skipped Windows 9 just as Apple skipped iPhone 9. That likely came down to marketing.)
- Sunsetting of Windows 10: October 2025 (10+ years of support)
Apple
- ~3 years of support for most recent OS
- No official statement
- Just a side note: the root certificate “IdenTrust DST Root CA X3” expired on September 30, 2021, which made older computers and phones receive certificate warnings when visiting certain websites that use Let’s Encrypt certificates. The affected devices were Apple computers running macOS 10.11 (“OS X El Capitan”) or earlier, computers running Windows XP Service Pack 3 or earlier (which sunset in April 2014), iPhones with iOS 9 or earlier, Nintendo 3DS game systems, and PS3 game consoles. Let’s Encrypt, Certificate Compatibility. I received lots of calls from people. . . .
“Internet Is Down” Stories (Or, I’m Not Crazy)
October 4, 2021
Facebook, Instagram, and WhatsApp went down to the public from roughly 11:40 a.m. to 6:00 p.m. eastern time. Alex Heath, “Locked out and totally down: Facebook’s scramble to fix a massive outage,” Verge, Oct. 24, 2021. Reports also stated that the outage affected internal systems, which disrupted employees’ ability to communicate and work. This outage required Facebook engineers to visit the main U.S. data centers in California to manually restore services. Id. This was not as bad as when Facebook, Instagram, and WhatsApp went down for almost 24 hours on March 13, 2019. Thomas Ricker, “Facebook returns after its worst outage ever,” Verge, Mar. 14, 2019.
December 7, 2021
Amazon Web Services (AWS) cloud servers went down from 10:45 a.m. to 6:00 p.m. eastern time. Richard Lawler, “An Amazon server outage caused problems for Alexa, Ring, Disney Plus, and Deliveries,” Verge, Dec. 7, 2021. AWS provides virtual web servers hosted by Amazon that help various internet companies function online with video streaming and other online processes. The affected services included Netflix, Disney Plus, Alexa AI Assistant, Kindle eBooks, Amazon Music, Ring and Wyze, Tinder, Roku, Venmo, Amazon Flex, Amazon warehouse machines, and work apps for Amazon delivery workers. Id.; Richard Lawler, “Amazon outage isn’t just online: delivery vans and warehouse bots aren’t moving packages,” Verge, Dec. 7, 2021. The horror. . . . The horror.
January 5, 2022
Kosovo banned cryptocurrency mining to try to prevent more rolling blackouts. “Kosovo bans cryptocurrency mining after blackouts,” BBC News, Jan. 5, 2022. This happened after a declared 60-day state of emergency in December 2021. Id.
February 2, 2022
North Korea suffered numerous internet outages for almost two weeks. . . . That was caused by one American person known as P4x, who hacked the country’s internet. Andy Greenberg, “North Korea Hacked Him. So He Took Down Its Internet,” Wired, Feb. 2, 2022. North Korean spies reportedly hacked P4x while they were primarily targeting western security researchers to steal hacking tools and software vulnerabilities. Id. P4x used distributed denial-of-service (DDoS) attacks and other vulnerabilities to attack North Korea’s internet infrastructure and the country’s national homebrew operating system, Red Star OS. Id.