Category: Uncategorized

https://youtu.be/ILkBLm2p26A

Yubikey

I was really glad to have the opportunity to do this video, Yubikey by Yubico has been on my radar for a long time. A lot of people I speak to are security professionals and it’s really become the norm for them to all be using Yubikeys, but the question is why?

Why do I need this?

Passwords as a concept are now redundant alone, the mix of human nature and computers that can brute force to test thousands of passwords a second have made it increasingly difficult to keep systems secure.

Ideally, we should all be using password managers with randomly generated passwords and a second factor (2FA) of security. The most common types of 2FA are SMS, one-time passwords (OTP), and hardware keys like the Yubikey.

2FA

Although any 2FA is an additional line of defence SMS 2FA is flawed, I can assure you that the S’s in SMS don’t stand for secure! But is still better than nothing.

Next in line are the OTP’s these are normally generated in apps like Authy or google authenticator, much more secure than SMS, and generally are as secure as the device that holds the app. They work the same as the SMS in that you get a shortcode that you need to input in a short amount of time. A great idea but a bit of a pain in practice, it’s always a rush to get the code in quick or wait for a new code to be generated which is fine every now and again but when you are regularly logging in to multiple systems regularly it can become a bind.

Hardware keys like the Yubikey’s have no need for imputing long codes or use of SMS they just need any available port or NFC and a simple touch of the device sends the full key securely and that’s it. It’s fast easy to use and extremely secure, the only thing you need to do is remember to keep it with you for when you need it. There’s a lot more on why this is a lot more secure than other methods you can find out here.

Does it work?

So in this day and age, I hope everyone knows the risk of Phishing, sending a malicious email, often in the hope that a user will click a link that imitates a website and then attempt to login into the imitation site this happens all the time, it works, unfortunately. With 2FA enabled the password is useless alone without the second factor, even if they collected your code from the above methods they would only have a limited window of time to use the code, and in the case of the Yubikey “replaying” the code wouldn’t work at all.

Review

I’ve said a lot in the review in the video but in short, I really like the Yubikeys, how they work and how easy they are for improving security. If you’ve ever had an issue with your accounts being phished or hacked, this is pretty cut-and-dry the solution to your problems. Easy to set up and easy to use, if I had my way this would be the new normal. If you’ve enjoyed this video and post you might like another infosec one.

https://youtu.be/m28APgM0Yfg

Home Center 3

This is my first hands-on with the Home Center 3 (HC3) from FIBARO. The HC3 is an IoT hub for controlling your smart devices be they FIBARO’s or other manufactures. Currently, the HC3 only supports Z-Wave devices but has the hardware to work with Zigbee and 433Mhz and 868Mhz. These extra protocols are not yet implemented in the software but are due to be added soon, which bring me to my first point:

Software

The software on the HC3 is very intuitive in my opinion, It can be a little bit complex but I feel that just because of all the functionality they have available to use.

Software updates are regular it seems in my limited time with the device but time on the forum shows this is historically true too, the FIBARO team seem to release stable and beta updates every few weeks with new features and bug fixes, unlike a lot of devices when you buy a FIBARO HC, support doesn’t end when you take delivery they still regularly update the older devices which are good to see!

Forums and support

FIBARO hosts a very active forum that adds a lot of support for the Home Centers, it’s home to a lot of guides and information. I find it really encouraging to see a community like this that are all helping out and making the experience even better with things like self-written Quick Apps and troubleshooting setups.

The developers of the devices can also be often found in the forums answering questions and taking feedback, which goes towards future updates. On top of this if you have bought through a FIBARO installer you will have their support as well as FIBARO themselves directly.

Integrations

The setup of Z-Wave devices is seamless, and I’ve found setting up with Alexa and Google home simple (Subscribe for future guides on this!). All my devices show in my Home or Alexa app and devices can be renamed so you can use voice controls.

Automation’s are set up with Scenes and you have the choice of writing the code directly or simply using a block. If you’ve not seen block before you simply drag and drop the devices and the actions that you want to complete into your scene and it’s as simple as that. In the video, I show a simple example of how easy it is and just how much flexibility you have.

Review

I’ve been using the HC3 for a few weeks now and I’m happy with the stability and the sheer amount of flexibility that you can get out of the hub.

There’s definitely a balance between functionality and user-friendliness and I think the HC3 has struck a good mix. In the Smartphone App, they have gone too heavy on the user-friendly side which is perfect for me, If I need to make changes to how things work I use the web interface, if not I have the App where I can quickly run scenes and toggle devices. Probably the best bit of this is you can give the App to other less savvy users and they will still get all the functionality of the system without the ability to make changes.

As I’ve said in the video we will have plenty of content coming up on the setup of integrations and lots of other FIBARO products. Why not subscribe on YouTube to get notified of our next videos! If you enjoyed this content you might like our OpenWrt Guide.

https://youtu.be/HeTxzx55TzE

The VF-K2 is a multifunctional smartphone video kit from ViewFlex, In the box, you will find a tripod, a phone holder, a shotgun-style microphone, a wind and pop filter and finally a bag to keep it all in.

First impressions

Opening the box, the first glance is very good just from the weight of the kit, all of the stand except for the legs is made of metal and it shows in the quality, it will be a very strong and durable little kit that I have no doubts will stand the test of time. The overall flexibility of the unit you couldn’t ask for much more and using standard fittings like the cold shoe (or H bracket) just makes it easier if you want to upgrade your filming down the line to something like DSLR.

The Mic

The Mic is really directional, so much so in a couple of places during the dubbing of this video I just turned my head while speaking (a bad habit of mine while filming!) but you could hear my voice fade. This might sound like a negative but it really isn’t, you don’t want anything except what is straight in front of a shotgun mic to be recorded and this mic does just that exceptionally well! I just need to get out of my bad habits!

Flexibility

Plenty of sizes for any phone, mine in the video was 80mm (8cm) and I measure the max to be 100mm (10cm), the ability to rotate the phone using the thumb turn on the back is a nice feature I’ve not seen in any other kit like this before but is probably ideal for those making TicTok or Instagram video’s with that portrait view whereas things like youtube your probably more likely to use landscape, but either way it has you covered.

Final thoughts

Overall a great little kit for newcomers to content creation, and plenty of room to upgrade in the future! If you’ve enjoyed this review you might also be interested in our review on the Uhuru Video Creators Bundle.