Category Archives: Uncategorized

A Happy New Year From All Of Us At Hoddys Guides

Hoddys Guides Happy New year!

Thank you

The new year reminds me to reflect. This year has been great for Hoddys Guides. When we started the channel not so long ago we would never have thought we would have had multiple videos with over 10k views. Our OpenWRT install guide on Xiaomi routers just hit 100k, so we want to start off this post by saying thank you!

This year has also been a long one and we had to step back from creating content for a few months, but I’m happy to say, that ends soon! The new year brings new content for Hoddys Guides and a few new ideas.

Whats coming in the new year

First off, the time off has given us time to reflect on what people want to see and it’s pretty clear that the OpenWRT content and Microphones are where it’s at. That doesn’t mean we won’t be open to new tech. In fact, we have got some great new products to dig into that we think you will like.

We want to push testing in the new year. If we are reviewing a Mic then we will try and test it in different scenarios. If a product says it can deliver gigabyte speeds we are going to try and prove that claim. We want our content to not only be about opinion but the hard facts and make sure products deliver!

We’re ecstatic to say OpenWRT v21 is finally out and we have been waiting for it for so long. We started the OpenWRT guides video and quickly realised it would be outdated almost immediately. Now the new version is out we can restart that project in the new year. Stay tuned as we have some new routers coming too!

We would love your feedback, get in touch

The community is great and building fast, we’ve lost count of the replies we’ve made. Happy to report that Youtube and discord are very active for comments and discussion. We might add a forum to this site as another means this year if we think it will get used.

We wish you all a Happy New Year from all here at Hoddys Guides. As always, we’re open to your suggestion so if you have any feel free to reach out!

Fibaro Z-wave Smart Wall Plug

This is the second product from Fibaro I’ve unboxed and reviewed and the quality and design hold true with what I’ve said before, they really know how to put together a good bit of IoT.

It’s really when you look at what sets the wall plug apart from the rest that you begin to notice the attention to detail, lets be honest there are thousands of brands all producing similar IoT switches so why would you want this one?

All the usual suspects

It does everything you would expect for starters and as much as any of its competitors which is that it uses either Z-wave or WiFi (depending on the version) to control your socket outlet and switch the power on and off, simple, effective and reliable I’ve found.

Watt else?

In addition, the Wall Plug acts as an energy meter, it measures the amount of energy being consumed in Watts this data can both be logged with your Z-wave gateway (for instance the HC3) and be displayed by the built-in LED’s.

Bright ideas

Next, we have the ring of RGB LED’s on the face of the plug, the default as above the LED’s are set to display the power consumption of the appliance in use and gives real-time feedback of power use. This however is not the only option, the LED’s can be configured to be triggered by anything using the Home Center Gateway, so you could set it up as a flashing light when your door contact gets opened or a night light for when you have switched your Fibaro light switch off in the room! Just a few ideas off the top of my head but the possibility are endless.

Conclusion

My final thoughts are that the Wall Plug holds up with what I’ve come to expect from Fibaro products. Setup and pairing were quick and simple. I’ve had no issues with reliability whenever I’ve triggered the device it always does as is told and quickly too. No complaints at all and I’m happy to recommend it.

YubiKey – Is this the next step for password security?

Yubikey

I was really glad to have the opportunity to do this video, Yubikey by Yubico has been on my radar for a long time. A lot of people I speak to are security professionals and it’s really become the norm for them to all be using Yubikeys, but the question is why?

Why do I need this?

Passwords as a concept are now redundant alone, the mix of human nature and computers that can brute force to test thousands of passwords a second have made it increasingly difficult to keep systems secure.

Ideally, we should all be using password managers with randomly generated passwords and a second factor (2FA) of security. The most common types of 2FA are SMS, one-time passwords (OTP), and hardware keys like the Yubikey.

2FA

Although any 2FA is an additional line of defence SMS 2FA is flawed, I can assure you that the S’s in SMS don’t stand for secure! But is still better than nothing.

Next in line are the OTP’s these are normally generated in apps like Authy or google authenticator, much more secure than SMS, and generally are as secure as the device that holds the app. They work the same as the SMS in that you get a shortcode that you need to input in a short amount of time. A great idea but a bit of a pain in practice, it’s always a rush to get the code in quick or wait for a new code to be generated which is fine every now and again but when you are regularly logging in to multiple systems regularly it can become a bind.

Hardware keys like the Yubikey’s have no need for imputing long codes or use of SMS they just need any available port or NFC and a simple touch of the device sends the full key securely and that’s it. It’s fast easy to use and extremely secure, the only thing you need to do is remember to keep it with you for when you need it. There’s a lot more on why this is a lot more secure than other methods you can find out here.

Does it work?

So in this day and age, I hope everyone knows the risk of Phishing, sending a malicious email, often in the hope that a user will click a link that imitates a website and then attempt to login into the imitation site this happens all the time, it works, unfortunately. With 2FA enabled the password is useless alone without the second factor, even if they collected your code from the above methods they would only have a limited window of time to use the code, and in the case of the Yubikey “replaying” the code wouldn’t work at all.

Review

I’ve said a lot in the review in the video but in short, I really like the Yubikeys, how they work and how easy they are for improving security. If you’ve ever had an issue with your accounts being phished or hacked, this is pretty cut-and-dry the solution to your problems. Easy to set up and easy to use, if I had my way this would be the new normal. If you’ve enjoyed this video and post you might like another infosec one.