Weekly output: password peril, mobile-hotspot help, Facebook’s Oversight Board

I had been holding out hope that I could return to business travel, even if just once before fall or winter, to cover America’s return to launching astronauts to space–SpaceX’s Demo-2 test flight of its Crew Dragon capsule, scheduled for May 27. I’d put in for a press pass and had a confirmed assignment from a name-brand client, and I was willing to figure out how I’d not lose money on the trip later on. But on Monday, I got the e-mail that many other journalists received, saying that NASA could not accommodate me at the Kennedy Space Center because social-distancing dictates required drastically limiting the number of press on site.

I’m not surprised and I’m not that upset. I’ve already seen three launches from the press site at KSC–the penultimate and final Space Shuttle launches and the February 2018 debut of the Falcon Heavy rocket–and that’s three more than I had any reasonable expectation of seeing 10 years ago.

5/5/2020: We still stink at passwords, and there’s really no excuse, Fast Company

I got an advance look at a study published by LastPass, the password-manager service that I used to use. The study confirmed earlier reports that people reuse way too many passwords but reported curiously high adoption of two-step verification–but did not gauge how many of us now employ password managers.

5/8/2020: All of the COVID-19 Data Upgrades That Cell Phone Carriers Are Offering, Wirecutter

I inventoried the ways that the big four wireless carriers as well as their prepaid brands and their major resellers have made it easier to share your smartphone’s bandwidth with nearby devices via its mobile-hotspot function. As you can see in the comments, it looks like I got one service’s information wrong; Google Fi has raised the limit at which it will slow down your connection, but not in a way that will lower most customers’ bills.

5/9/2020: Facebook’s Oversight Board, Al Araby

As one third of a panel discussion on this Arabic-language news network, I talked about Facebook’s new Oversight Board and its odds of changing things at the social network. My main point: While this equivalent of a Supreme Court is empowered to reverse Facebook decisions to take down or keep up content, Facebook’s automated rankings of the priority of content appear to be outside its orbit.

Weekly output: Google’s “security hold,” how to read wireless-carrier rankings

Both posts this week had me circling back to topics I’ve covered before and learning something new, which is always nice.

7/25/2019: Locked out of your Google account? Why it can sometimes take days to get back in, USA Today

Once again, I tried to shed some light on how Google goes about resolving a forgotten password for a Google account. This time, I got the company to document a hitherto-undocumented “security hold.” Alas, much of the process here remains mysterious, and the reader in question here may have only gotten her account back so quickly because I inquired on her behalf.

7/26/2019: Why so many wireless carriers seem to have “America’s best network”, Fast Company

My work updating the Wirecutter guide to smartphone service required me to spend a lot of time with studies ranking the performance of the big four wireless carriers, so I decided to write an explainer about how these surveys get their results and how you should interpret their findings. That effort revealed a couple of finer points about these projects that I was able to add to the Wirecutter update, which should be up any day now.

First impressions of 1Password

After several years using the same password-manager service–and then paying for its premium version–I’ve spent the last few weeks trying an alternative.

I can credit a sales pitch that included the italicized phrase “completely free” for this departure: 1Password’s offer of a free membership to journalists, in celebration of World Press Freedom Day this May 3. But I was also overdue to spend some time in a password manager besides LastPass.

So far, I’m impressed by the elegance of the interface but a little put off by how persnickety 1Password can be to set up. You don’t just create a username and password, you also have to type in a complex and random secret key to get going.

Having read this Toronto-based firm’s documentation of how this extra step helps ensure that a successful guess of your password still won’t compromise your account, I get where they’re coming from. But I’m not sure I’d recommend it to just anybody, especially not when LastPass’s free version suffices for many casual users.

Further time with 1Password’s Mac, Windows and Android apps has revealed other things I like:

This time has also surfaced one thing I don’t like: an incomplete approach to two-step verification that seems to require choosing between running an authenticator app on your smartphone or employing a weird Yubikey implementation that requires running a separate app instead of just plugging a standard USB security key. That’s no better than LastPass’s inflexible notion of two-step verification.

I’d like to see 1Password improve that and support the WebAuthn standard for security-key confirmation. But I’m prepared to give them some time, based on everything else I’ve seen so far.

Weekly output: Chris Vickery, post-phishing advice, hyperloop competition

It was a back-to-work week after the previous week’s time off. In addition to what you see here, I filed a USA Today column that should go up tomorrow morning and a thousand-word feature that won’t run for a few more weeks.

8/15/2017: How companies leave your data online without your knowledge, Yahoo Finance

This post was the product of my one work appointment while on vacation in the Bay Area, a conversation with data-breach detective Chris Vickery.

8/17/2017: These college students are vying to build Elon Musk’s hyperloop, Yahoo Finance

I drove up to College Park Tuesday morning to see the test hyperloop pod that this UMD team is taking to a SpaceX-hosted hyperloop competition at the end of this month, then used part of my resulting writeup to discuss the overall feasibility of the hyperloop concept for transporting people. In the process, I got to employ a quote that I’ve had sitting in Evernote since last November.

8/18/2017: You got phished. Now what?, USA Today

This ran about a week after I filed it, thanks to my original e-mail not being addressed to the right editor and the right editor a) missing my re-send of that e-mail and b) being really busy. Fortunately, phishing and e-mail security in general are both evergreen topics, so this summary of the advice I gave to a friend’s dad was at no real risk of getting scooped.

 

Weekly output: LastPass, wireless bridges

At the start of this week, I had different topics in mind for each of these two columns, and then things happened. I also made a quick run up to New York Thursday for a few tech events, then wrapped up the visit with a pilgrimage to the top of One World Trade Center. I’ll repeat the D.C.-NYC trip tomorrow but will stick around longer–CE Week runs Tuesday through Thursday.

6/16/2015: My Password-Manager Service Got Hacked. Things Could Be Much Worse., Yahoo Tech

I had filed a different column by the time my editor and I separately decided: Hey, this news about a password-manager service’s security breach is column-worthy. After this piece went up, LastPass updated its original blog post with a clearer explanation that’s worth reading.

USA Today wireless-bridge post6/21/2015: Wonky Wi-Fi on one device? Take it to the bridge, USA Today

In this case, I hadn’t filed anything–I couldn’t, because I was waiting for an answer to a reasonably simple technical query from a company that had already exhibited… let’s say, a slow PR metabolism. Fortunately, a reader had e-mailed a question that I could answer without needing any spokespeople to chime in first. It didn’t hurt that the headline came to mind almost instantly.