Term for computer data consisting only of unformatted characters of readable material
POPULARITY
Random but Memorable turns 150! 1️⃣5️⃣0️⃣ (It's official, we're old.)
Brought to you by TogetherLetters & Edgewise!In this episode: RIP SkypeMeta threatens to cut off Facebook in Nigeria over huge fines Facebook Allegedly Detected When Teen Girls Deleted Selfies So It Could Serve Them Beauty AdsHow cardinals are using social media ahead of the papal conclaveVatican to cut phone signal during conclave to elect new popeOpenAI says nonprofit will retain control of company, bowing to outside pressureThe Signal Clone the Trump Admin Uses Was HackedMessaging app used by Trump official suspends operations after reported hackDespite misleading marketing, Israeli company TeleMessage, used by Trump officials, can access plaintext chat logsSay goodbye to traditional returns – Walmart, Amazon and Target will refund your money without asking for the product backE.P.A. Plans to Shut Down the Energy Star ProgramFTC bans hidden fees for live events and short-term rentals, effective May 12Weird and Wacky: MoviePass explores a daily fantasy platform for film buffsGoogle is finally building its own DeX: First look at Android's Desktop ModePopemobile to become health clinic for Gaza childrenTech Rec:Sanjay - VERT.shAdam -
Episode 3 - What Is A Plain Text Program? What Is A Plain Text Program? Today I'm going to go into more detail about what I mean when I say Plain Text Program. I want to emphasize that this is just me. Others may have different ideas on this topic. This is how I try to write Plain Text Programs. I will feature other people's work that I still consider to be Plain Text Programs that do not follow all of these guidelines. I want to thank the hosts on the monthly HPR Community News podcast for inspiring me. They had questions. I also want to thank those making comments. I'm new to Hacker Public Radio and I will try to be more timely responding to comments in the future. What Is A Plain Text File? Text files are usually edited in a text editor or in a word processor and saved with the .txt extension. They consist of a string of characters. Text files can be divided into lines using the newline character, n, or the carriage return and newline characters, rn. You don't have to type these characters. Your editor puts them in for you. Text files do not have to use the .txt extension. Most programming files, like .php or .c files are plain text. I will only be discussing programs that are open source and that store their code in text files. Plain text configuration files often have no extension. For my Plain Text Programs I use config.inc. There is no difference between text files and plain text files. People often say plain text files to distinguish them from word processor files like .doc or .odt files. Plain Text Programs use text files to store text like a title or a blog post. When I talk about Plain Text Programs I also mean something more than this. That's what this podcast is about. No Database? Plain Text Programs do not use a database like mysql or postgres. Also the file system does not imitate a database, creating keys, indexing, etc. Instead the file system performs the database functions by accessing files which can be text files, graphics files, or other files. These files can be all in one directory or in multiple directories in a single directory tree. If password security is required in a Plain Text Program that runs on the internet I make an exception to the single tree rule to allow passwords to be stored outside of the webspace. So the assets a Plain Text Program accesses are just files in the file system. No HTML Or Other Markup Required I have no rule against allowing html or other markup. But I do not assume that the maintainer knows how to do this or wants to learn it. The reason I started writing Plain Text Programs was to avoid html markup. I want to be able to type text files, save them, and upload them, without being concerned about anything except the text itself. The text files holding the content are written in block paragraph style with a blank line between paragraphs. Text files are not required in a Plain Text Program but most Plain Text Programs do use some text data which should be stored in text files. If this is a web application, links can be copied and pasted from the browser with no additional markup required. Other assets in the directory, like .gif, .jpg, or .png images, display automatically. I use the file names for meta data like title, caption, or sort order. I can also sort chronologically using the file timestamps. If there is a hierarchy of directories the program can use the directory name of the child directories for the link text. For instance the Delta Musicians directory tree can have a Table Of Contents at the top level that lists the musicians in alphabetical order. Each musician gets their own subdirectory and the name of that subdirectory is used to generate the link and link text for that page. Then, each page can use Dirt Simple Photo Gallery and the program generates the caption from the image's file name. All configuration is also done in a text file. I use a well documented config.inc file that initializes php variables. The maintainer of the application is never required to edit source code. Does Plain Text Mean There Is No GUI Interface? No. I write mostly web apps so they run in the browser interface. Also, Plain Text Programs do not require a GUI. It could run in a terminal or as a cron job. The program could play a music playlist or run a slideshow with no input at all. What Do I Have To Know To Maintain A Plain Text Program? The maintainer of the program will have to be able to 1. Create and edit text files in a text editor or word processor 2. Copy and paste links, iframe embeds, file names, titles, etc. 3. Rename files 4. Upload and download with ftp Executive Summary A Plain Text Program does not use a database like sql. Instead it stores the assets in the file system and accesses them using the file system. A Plain Text Program does not require html or other markup. Text assets are written in block paragraph format. If the maintainer prefers to use a word processor instead of a text editor that's fine as long as the files are saved as text files with the .txt extension. Most word processors support this. Plain Text Programs can support links if the links are copied and pasted into the text file with no markup required. Plain Text Programs can support iframe embeds if the embed code is copied and pasted onto its own line in the text file. All of the assets for a Plain Text Program are stored in a single directory tree. This is one of the main advantages of Plain Text Programs because it makes them easy to backup and restore so they are very portable. I sometimes make an exception to this if I want to save a password on a webserver outside of the webspace. A Plain Text Program uses the file and directory names for meta data like titles, captions, or sort order. The file timestamps can be used for chronological sorting. All configuration is done by editing a well documented text file. The maintainer should not have to edit the program code. The maintainer should be allowed to edit the program code. I will only discuss open source programs that store the program itself in text files. More Questions? I thought so. Comment on Hacker Public Radio or at Gamer+DBN. I will include links in the show notes.
They were storing your password in PLAIN TEXT!!!
01 Plain Text Programs Hi. I'm here to talk about Plain Text Programs, what they are, what they do, why they're good, and why they're not for everything. Right up front I'm requesting feedback on what I have to say. I'm on Mastodon and I'll start a thread for each podcast or you can reach me by email. My Mastodon address is @hairylarry@gamerplus.org My profile is at https://gamerplus.org/@hairylarry And my email is hairylarry@deltaboogie.com Also you can Network With Hairy Larry at https://deltaboogie.net. In the future I plan on doing podcasts on specific Plain Text Programs, some that I wrote and some that were written by others. Any program that I will discuss will be licensed with a free culture license. The first thing I want to emphasize about Plain Text Programs is that there's no database like SQL or LLM. All text data is written in plain text files stored on a file system. Now, I love databases. Before I retired I was a database programmer. And as a database programmer I learned a lot about the difficulties maintaining programs that rely on databases. There's a lot of cool stuff you can do with a database that's just not reasonable to try with plain text. Now that I'm retired I don't really want to work that hard anymore. I want programming to be easy and fun. Plain text does not mean there can't be images or other media. Image files like .jpg or .png can be stored in the file system just like text files. No worries. A big advantage of Plain Text Programs is portability. To back up a working program you copy the directory tree that holds the program's files. To install or restore a Plain Text Program copy the tree onto a system or server. I usually work on Linux using the PHP programming language. This is of course my preference. Any language running on any file system can be used to write Plain Text Programs. My minimum install will usually have a configuration file, at least one program file, and a set of text files. Some of the Plain Text Programs I use all the time that I wrote are Websites Dirt Simple Photo Gallery Plain Text Blog Not Actually Plain Text Blog Network With Hairy Larry Internet Radio MixRemix - Creative Commons Jazz KGPL Utilities Backup The Web Server I also use Plain Text Programs that other programmers wrote Music Folder Player https://github.com/ltguillaume/music-folder-player Free PHP File Directory Script https://halgatewood.com/file-directory-list Simple Image Browser https://github.com/SammysHP/SimpleImageBrowser Links to these programs are in the script. So these are mostly websites or web applications but Plain Text Programs do not have to be outward facing. They can just be an easy program that you write to automate a task that you have to do periodically. Like my Backup The Web Server program that I wrote in bash. I write my Plain Text Programs websites so that updates and additions are made with FTP. FTP is a well established secure way to transfer files from your development system to your web server. Another good option, particularly for static websites that are generated on the development system and then mirrored up to the server, is rsync. I believe that simplicity is the key. I have written complicated Plain Text Programs including the social network writing game, Collab. But I think a simple one page or few pages design fits the plain text paradigm better. Well, I'm going to call this a wrap for now. I plan on covering specific Plain Text Programs in future podcasts and I may occasionally step back and look at the big picture or discuss ideas and specifications for future projects. Thanks for listening. I appreciate all your comments. You can find the plain text script with the link to the comment thread and all other links at home.gamerplus.org, a Not Actually Plain Text Blog. Comment thread link. https://gamerplus.org/deck/@hairylarry/113142858145586294
Enhancing FreeBSD Stability With ZFS Pool Checkpoints, Plaintext is not a great format for (system) logs, Initial playlist of 28 BSDCan Videos released, Installing FreeBSD 14 on Raspberry Pi 4B with ZFS root, A practical guide to VPNs, IPv6, routing domains and IPSEC, How to mount ISO or file disk images on OpenBSD, and more NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow) Headlines Enhancing FreeBSD Stability With ZFS Pool Checkpoints (https://it-notes.dragas.net/2024/07/01/enhancing-freebsd-stability-with-zfs-pool-checkpoints/) Plaintext is not a great format for (system) logs (https://utcc.utoronto.ca/~cks/space/blog/sysadmin/PlaintextNotGreatLogFormat) News Roundup Initial playlist of 28 BSDCan Videos released (http://undeadly.org/cgi?action=article;sid=20240630100913) Installing FreeBSD 14 on Raspberry Pi 4B with ZFS root (https://axcella.com/blog/2024/02/03/installing-freebsd-14-on-raspberry-pi-4b-with-zfs-root/) The following components make up my setup: Raspberry Pi 4B, 8 GB RAM (https://www.raspberrypi.com/products/raspberry-pi-4-model-b/) Official Raspberry Pi 4 Power Supply (https://www.raspberrypi.com/products/power-supply/) Geekworm Raspberry Pi 4 11mm Embedded Heatsink (P165-B) (https://geekworm.com/products/raspberry-pi-4-11mm-embedded-heatsink-p165-b) Geekworm for Raspberry Pi 4, X862 V2.0 M.2 NGFF SATA SSD Storage Expansion Board with USB 3.1 Connector Support Key-B 2280 SSD (https://geekworm.com/products/x862) WD Blue SA510 SATA SSD 2 TB M.2 2280 (https://www.westerndigital.com/products/internal-drives/wd-blue-sa510-sata-m-2-ssd?sku=WDS200T3B0B) 4K 60Hz Micro HDMI to HDMI Adapter (to connect to a monitor, can also run headless with just power and network cable connected) A practical guide to VPNs, IPv6, routing domains and IPSEC (http://undeadly.org/cgi?action=article;sid=20240706084626) How to mount ISO or file disk images on OpenBSD (https://dataswamp.org/~solene/2024-06-15-mount-iso-file-openbsd.html) Beastie Bits DeadBSD Series - There have been a few FreeBSD derived OS's over the years, some stay, many others fade away. In this series, DeadBSD's, we will be revisiting those long gone BSD's and see what we missed out on. Fury (https://www.youtube.com/watch?v=3xl2BdlBjg0) CultBSD (https://www.youtube.com/watch?v=hmT1fXuOyos) Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions 569 - RobN - A Thanks (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/569/feedback/Rob%20-%20A%20Thanks.md) Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) Join us and other BSD Fans in our BSD Now Telegram channel (https://t.me/bsdnow)
In this episode, Ben sits down with Phil Bonello, Co-Founder and CIO of Plaintext Capital. Phil is an industry veteran, having spent time at Messari, Ikigai, and Grayscale before launching Plaintext. Phil is a fundamental investor who understands what moves crypto markets intimately. He has a proven ability to find emerging trends and then find creative ways to express related trades before the narrative gets hot. Let's get into it. Connect with the guest Plaintext Capital https://plaintextcapital.com/ Follow Phil on Twitter/X https://twitter.com/PhilJBonello Disclaimer Ben Jacobs is a partner at Scenius Capital Management. All views expressed by Ben and the guests of this podcast are solely their opinions and do not reflect the opinions of Scenius Capital Management. Guests and the host may maintain positions in the assets or funds discussed in this podcast. You should not treat any opinion expressed by anyone on this podcast as a specific inducement to make a particular investment or follow a particular strategy but only as an expression of their personal opinion. This podcast is for informational purposes only.
Subscribe to DTC Newsletter - https://dtcnews.link/signup Hello and welcome to DTC Podcast, I'm Eric Dyck. Today we're reheating the concept of microwave cookery, with Anyday founder, Steph Chen, and her Marketing Lead Danielle Walsh... We learn about the family business origin of this upstart brand, coming from the world's largest cookware dynasty, Meyer... Today's podcast deep dive on the power of story-telling, and a master class on the practical, low-fi tactics that Anyday uses to engage customers, and indoctrinate them into the Anyday family... From plain text emails, to outrageously long welcome sequences that invite customers to cook salmon in the work microwave this podcast clears the air on an appliance that has been long limited to melting butter and popping popcorn. Nuke, Nuke - who's there? Subscribe to DTC Newsletter - https://dtcnews.link/signup Advertise on DTC - https://dtcnews.link/advertise Work with Pilothouse - https://dtcnews.link/pilothouse Follow us on Instagram & Twitter - @dtcnewsletter Watch this interview on YouTube - https://dtcnews.link/video
Jake and Michael discuss all the latest Laravel releases, tutorials, and happenings in the community. (08:34) - Laravel 10.32 Released (13:46) - Laravel 10.33 Released (16:28) - Introducing the Laravel Number Utility Class (16:52) - Laravel Cyber Deals (20:27) - Laravel Pulse is a health and performance monitoring tool for your Laravel applications (26:44) - Stress testing with Pest with the new Stressless plugin (32:32) - Tinkerwell v4 is now released (35:32) - JetBrains now maintains the Pest plugin for PhpStorm (36:43) - Artisan.Page now supports all first-party Laravel packages (37:52) - Laravel Nova gets a fresh new website (40:07) - Wirebox: Your Livewire Playground Awaits (41:54) - Tailwind CSS: It looks awful, and it works (42:26) - Nginx Configuration for old Forge servers (42:57) - Learn how to impersonate users in your Laravel app (43:43) - Make iTerm2 look fantastic (43:55) - Conditionally Assert Throwing An Exception in Pest (44:09) - How to Convert HTML to Plain Text in PHP (44:26) - 7 Tips for Adding a Second Server to your App
Let's try to create an image rich document using Napkin AI Tool Spotify Podcasts- Civil Engineering Exam Prep https://open.spotify.com/show/5alzJzCupgCUcQPL8aqsv5?si=d4VlGHc-Rz2k3KIfddi42w ________________________________________________________________ Telegram - "Simplified Learning" [for MCQs tests, Quizzes, Polls and Notes] link: http://t.me/simplifiedlearningcivil Second Channel - "Civil Engineering in Hindi - Simplified Learning" link: https://www.youtube.com/channel/UCBn6eRSreQ8lo4GmpXa_kDQ Instagram - "Simplified Learning" link: https://www.instagram.com/simplifiedlearningcivil Spotify Podcasts - StoryCrat (Stories of Engineering) https://open.spotify.com/show/7HbD4pbvTwpoqZksKZt8Tj?si=idejiDS_TQeztMLa1gie1A ________________________________________________________________ #civilengineering#simplifiedlearning#engineering ________________________________________________________________ Tags: civil engineering civil engineering videos civil engineering lectures civil engineering short notes civil engineering notes civil engineering tutorials civil engineering preparation civil engineering exams civil engineering exam preparation civil engineering competitive exams gate civil engineering gate civil gate civil engineering preparation ies civil engineering ies civil state civil engineering services exam state engineering exams
Today, Liz and Andrew tackle the two biggest stories: Matt Gaetz having ousted Kevin McCarthy as Speaker of the House, and Donald Trump's civil trial in New York. All that AND an Andrew Was Wrong featuring more on the 14th Amendment. In the Patreon bonus, the two tackle a Liz Was Not Wrong about why Trump doesn't have a jury trial in New York. Hint: yes you can still make fun of Alina Habba! Notes Justice Engoron Order https://iapps.courts.state.ny.us/nyscef/ViewDocument?docIndex=op8OyfqVHpc6eGTx9LOw3Q== OAG v. Trump appellate decision https://iapps.courts.state.ny.us/nyscef/ViewDocument?docIndex=ReQsiVyUL/PE7F5_PLUS_RuqoMw== CBS News story on Trump conceding to $27 million valuation for Mar-a-Lago https://www.cbsnews.com/amp/news/trump-mar-a-lago-1-8-billion-own-company-said-it-was-too-high/?espv=1 SCOTUS orders 10/2 https://www.supremecourt.gov/orders/courtorders/100223zor_5368.pdf Eastman petition for cert https://www.supremecourt.gov/DocketPDF/22/22-1138/267263/20230519131455424_230516%20PWC%20corrected.pdf Trump Fulton County docket https://www.fultonclerk.org/DocumentCenter/Index/142 FC indictment https://s3.documentcloud.org/documents/23909542/23sc188947-criminal-indictment.pdf Seth Barrett Tillman, ‘Governor Newsom, Laphonza Butler, and the Constitution's Plain Text,' New Reform Club (Oct. 2, 2023, 3:54 PM), ; Josh Blackman & Seth Barrett Tillman, ‘Sweeping and Forcing the President into Section 3: A Response to William Baude and Michael Stokes Paulsen,' 28(2) Tex. Rev. L. & Pol. (forth. circa Mar. 2024) (posted on: Sept. 12, 2023), . Is There A Constitutional Right to a Jury Trial of Equitable Defenses in New York?, 74 St. Johns L. Rev. 1 (2000) https://scholarship.law.stjohns.edu/cgi/viewcontent.cgi?article=1421&context=lawreview -Support us on Patreon: https://www.patreon.com/law -Follow us on Twitter: @Openargs -Facebook: https://www.facebook.com/openargs/ -For show-related questions, check out the Opening Arguments Wiki, which now has its own Twitter feed! @oawiki -And finally, remember that you can email us at openarguments@gmail.com
In cybersecurity, the teaching of Cloud security is often weak. So, here are my Top 100 things about encryption in the Cloud. I've focused on AWS, but Azure is likely to also be applicable. Keys are created in the AWS KMS (Key Management Store). In Azure, this is named KeyVault. The cost of using a key in KMS is around $1/month (prorated hourly). When a key is disabled, it is not charged. With AWS KMS, we use a shared customer HSM (Hardware Security Module), and with AWS CloudHSM it is dedidated to one customer. For data at rest, with file storage, we can integrate encryption with Amazon EBS (Elastic Block Storage) and Amazon S3. Amazon EBS drives are encrypted with AES-256 with XTS mode. For AWS-managed keys, a unique key is used for every object within S3 buckets. Amazon S3 uses server-side encryption to store encrypted data. The customer can use client-side encryption to encrypt data before it is stored in the AWS infrastructure. AWS uses 256-bit Advanced Encryption Standard Galois/Counter Mode (AES-GCM) for its symmetric key encryption. In AWS S3, by default, all the objects are encrypted. A customer can use client-side encryption to encrypt data before it goes into the AWS infrastructure. For data at rest, for databases, we can integrate encryption with Amazon RDS (AWS's relational database service) and Amazon Redshift (AWS's data warehousing). For data at rest, we can integrate encryption into ElastiCache (AWS's content caching service), AWS Lambda (AWS's serverless computing service), and Amazon SageMake (AWS's machine learning service). Keys are tokenized and have an ARN (Amazon Resource Names) and alias. An example ARN for a key is arn:aws:kms:us-east-1:103269750866:key/de30e8e6-c753–4a2c-881a-53c761242644, and an example alias is “Bill's Key”. Both of these should be unique in the user's account. To define a KMS key, we can either use its key ID, its key ARN, its alias name, or alias ARN. You can link keys to other AWS Accounts. For this, we specify in the form of “arn:aws:iam::[AWS ID]:root”, and where AWS ID is the ID of the other AWS account. To enhance security, we can use AWS CloudHSM (Hardware Security Module). For simpler and less costly solutions, we typically use AWS KMS (Key Management Solution). For CloudHSM, we pay per hour, but for KMS, we just pay for the usage of the keys. The application of the keys is restricted to defined services. Key identifiers and policies are defined with a JSON key-value pair for data objects. Each key should have a unique GUID, such as “de30e8e6-c753–4a2c-881a-53c761242644”. Users are identified and roles are identified with an ARN, such as : “arn:aws:iam::222222:root”. With the usage of keys we have Key Administrative Permission and a Key Usage policies. There is an explicit denial on a policy if there is not a specific allow defined in a policy. For key permissions, we have fields of “Sid” (the descriptive name of the policy), “Effect” (typically “Allow”), Principal (the ARN of the user/group), “Action” (such as Create, Disable and Delete) and “Resource”. A wildcard (“*”) allows or disallows all. To enable a user of “root” access to everything with a key would be : “Sid”: “Enable IAM User Permissions”, “Effect”: “Allow”,“Principal”: {“AWS”: “arn:aws:iam::22222222:root”},“Action”: “kms:*”, “Resource”: “*”}. The main operations within the KMS are to encrypt/decrpyt data, sign/verify signatures, export data keys, and generate/verify MACs (Message Authentication Codes). Key are either AWS managed (such as for the Lambda service), Customer managed keys (these are created and managed by the customer). Custom key stores are where the customer has complete control over the keys). The main use of keys are for EC2 (Compute), EBS (Elastic Block Storage) and S3 (Storage). AES symmetric keys or an RSA key pair are used to encrypt and decrypt. RSA uses 2K, 3K or 4K keys, and with either “RSA PCKS1 v1.5” or “RSA PSS” padding. RSA PCKS1 v1.5 padding is susceptible to Bleichenbacher's attack, so it should only be used for legacy applications, and for all others, we should use RSA PSS. For RSA, we can use a hashing method of SHA-256, SHA-384 or SHA-512. In RSA, we encrypt with the public key and decrypt with the private key. For signatures, we can use either RSA or ECC signing. For RSA, we have 2K, 3K, or 4K keys, whereas ECC signing uses NIST P256, NIST P384, NIST P521, and SECG P256k1 (as used in Bitcoin and Ethereum). For MACs (Message Authentication Codes), Bob and Alice have the same shared secret key and can authenticate the hash version of a message. In the KMS, we can have HMAC-224, HMAC-256, HMAC-384 and HMAC-512. KMS uses hardware security modules (HSMs) with FIPS 140–2 and which cannot be accessed by AWS employees (or any other customer). Keys will never appear in an AWS disk or backup, and only existing the memory of the HSM. They are only loaded when used. Encryption keys can be restricted to one region of the world (unless defined by the user). With symmetric keys, the key never appears outside the HSM, and for asymmetric keys (public key encryption), the private key stays inside the HSM, and only the public key is exported outside. AWS CloudWatch shows how and when the encryption keys are being used. The minimum time that can be set for a key to be deleted is seven days (and up to 30 days maximum). An organisation can also create its own HSM with the CloudHSM cluster. When a key is then created in KMS, it is then stored in the cluster. The usage of encryption keys should be limited to a minimal set of service requirements. If possible, separate key managers and key users. With a key management (KEY_ADMINISTRATOR) role, we typically have the rights to create, revoke, put, get, list and disable keys. The key management role will typically not be able to encrypt and decrypt. For a key user (KEY_WORKER) role, we cannot create or delete keys and typically focus on tasks such as encrypting and decrypting. Hae a rule of minimum access rights, and simplify user access by defining key administration and usage roles. Users are then added to these roles. Avoid manual updates to keys and use key rotation. The system keeps track of keys that are rotated and can use previously defined ones. The default time to rotate keys is once every year. Key rotation shows up in the CloudWatch and CloudTrail logs. KMS complies with PCI DSS Level 1, FIPS 140–2, FedRAMP, and HIPAA. AWS KMS is matched to FIPS 140–2 Level 2. AWS CloudHSM complies with FIPS 140–2 Level 3 validated HSMs. AWS CloudHSM costs around $1.45 per hour to run, and the costs end when it is disabled or deleted. The CloudHSM is backed-up every 24 hours, and where we can cluster the HSMs into a single logical HSM. CloudHSM can be replicated in AWS regions. AWS KSM is limited to the popular encryption methods, whereas the CloudHSM can implement a wider range of methods. The CloudHSM can support methods such as 3DES with AWS Payment Cryptography. This complies with payment card industry (PCI) standards, such as PCI PIN, PCI P2PE, and PCI DSS. In the CloudHSM for payments, we can generate CVV, CVV2 and ARQC values, and where sensitive details never exist outside the HSM in an unprotected form. With the CloudHSM, we have a command line interface where we can issue commands, and is named CloudHSM CLI. Within the CloudHSM CLI, we can use the genSymKey command to generate symmetric key within the HSM, such as where -t is a key type (31 is AES), -s is a key size (32 bytes) and -l is the label: genSymKey -t 31 -s 32 -l aes256 With genSymKey the key types are: 16 (Generic Secret), 18 (RC4), 21 (Triple DES), and 31 (AES). Within the CloudHSM CLI, we can use the genRSAKeyPair command to generate an RSA key pair, such as where -m is the modulus and -e is the public exponent: genRSAKeyPair -m 2048 -e 65537 -l mykey AWS CloudHSM is integrated with AWS CloudTrail, and where we can track user, role, or an AWS service within AWS CloudHSM. With AWS Payments Cryptography, the 2KEY TDES is Two-key Triple DES and has a 112-bit equivalent key size. The Pin Encryption Key (PEK) is used to encryption PIN values and uses a KEY TDES key. This can store PINs in a secure way, and then decrypt them when required. S3 buckets can be encrypted either with Amazon S3-managed keys (SSE-S3) or AWS Key Management Service (AWS KMS) keys. There is no cost to use SSE keys. For symmetric key encryption, AWS uses envelope encryption, and where a random key is used to encrypt data, and then the key is encrypted with the user's key. AWS should not be able to access the key used for the encryption. The default in creating an encryption key is for it only be to used in a single region, but this can be changed to multi-region, and where the key will be replicated across more than one region. In AWS, a region is a geographical area, and which is split into isolated locations. US-East-1 (N.Virginia) and US-East-2 (Ohio) are different regions, while us-east-1a, us-east-1b and us-east-1c are in the same region. A single region key the US-East-1 region would replicate across eu-east-1a, eu-east-1b and eu-east-1c, and not to eu-east-2a, eu-east-2b and eu-east-2c. When creating a key, you can either create in the KMS, import a key (BYOK — bring your own key), create in the AWS CloudHSM, or create in an external key store (HYOK — hold you own key). For keys stored on-premise we can use an external key store (XKS) — this can be defined as Hold Your Own Keys (HYOKs), and where and where no entity in AWS will able to read any of the encrypted data. [here]. You can BYOK (bring your own key) with KMS, and import keys. KMS will keep a copy of this key. With XKS, we need a proxy URI endpoint, with the proxy credentials of an access key ID, and secret access key. To export keys from AWS CloudHSM, we can encrypt them with an AES key. This is known as key wrapping, as defined in RFC 5648 (for padding with zeros) or RFC 3394 (without padding). A strong password should always be used for key wrapping. AWS encryption operations can either be conducted from the command line or within API, such as with Python, Node.js or Golang. With KMS, the maximum data size is 4,096 bytes for a symmetric key, 190 bytes for RSA 2048 OAEP SHA-256, 318 bytes for RSA 3072 OAEP SHA-256, ad 446 bytes for RSA 4096 OAEP SHA-256. An example command to encrypt a file for 1.txt with symmetric key encryption is: aws kms encryp --key-id alias/MySymKey --plaintext fileb://1.txt --query CiphertextBlob --output text > 1.out To decrypt a file with symmetric key encryption, an example with 1.enc is: aws kms decrypt --key-id alias/BillsNewKey --output text --query Plaintext --ciphertext-blob fileb://1.enc > 2.out In Python, to integrate with KMS, we use the Boto3 library. The standard output of encrypted content is in byte format. If we need to have a text version of ciphertext, we typically use Base64 format. The base64 command can be used to convert byte format in Base64, such as with: $ base64 -i 1.out — decode > 1.enc The xxd command in the command line allows the cipher text to be dumped to a hex output and can then be edited. We can then convert it back to a binary output with: An example piece of Python code for encrypting a plaintext message with the symmetric key in Python is: ciphertext = kms_client.encrypt(KeyId=alias,Plaintext=bytes(secret, encoding='utf8') An example piece of Python code to decrypt some cipher text (in Base64 format) is: plain_text = kms_client.decrypt(KeyId=alias,CiphertextBlob=bytes(base64.b64decode(ciphertext))) To generate an HMAC signature for a message in the command line, we have the form of: aws kms generate-mac --key-id alias/MyHMACKey --message fileb://1.txt --mac-algorithm HMAC_SHA_256 --query Mac > 4.out To verify an HMAC signature for a message in the command line, we have the form of: aws kms verify-mac -key-id alias/MyHMACKey -message fileb://1.txt -mac-algorithm HMAC_SHA_256 -mac fileb://4.mac To create an ECDSA signature in the command line, we have the form of: aws kms sign -key-id alias/MyPublicKeyForSigning -message fileb://1.txt -signing-algorithm ECDSA_SHA_256 -query Signature > 1.out To verify an ECDSA signature in the command line, we have the form of: aws kms verify -key-id alias/MyPublicKeyForSigning -message fileb://1.txt -signature fileb://1.sig -signing-algorithm ECDSA_SHA_256 To encrypt data using RSA in the command line, we have the form of: aws kms encrypt -key-id alias/PublicKeyForDemo -plaintext fileb://1.txt -query CiphertextBlob -output text -encryption-algorithm RSAES_OAEP_SHA_1 > 1.out To decrypt data using RSA in the command line, we have the form of: aws kms decryptb -key-id alias/PublicKeyForDemo -output text -query Plaintext -ciphertext-blob fileb://1.enc -encryption-algorithm RSAES_OAEP_SHA_1 > 2.out To sign data using RSA in the command line, we have the form of: aws kms sign --key-id alias/MyRSAKey --message fileb://1.txt --signing-algorithm RSASSA_PSS_SHA_256 --query Signature --output text > 1.out To verify data using RSA in the command line, we have the form of: aws kms verify --key-id alias/MyRSAKey --message fileb://1.txt — signature fileb://1.sig --signing-algorithm RSASSA_PSS_SHA_256 You cannot encrypt data with Elliptic Curve keys. Only RSA and AES can do that. Elliptic Curve keys are used to sign data. If you delete an encryption key, you will not be able to decrypt any ciphertext that uses it. We can store our secrets, such as application passwords, in the secrets manager. An example of a secret name of “my-secret-passphrase” and a secret string of “Qwery123” we can have: aws secretsmanager create-secret --name my-secret-passphrase --secret-string Qwerty123 In China regions, along with RSA and ECDSA, you can use SM2 KMS signing keys. In China Regions, we can use SM2PKE to encrypt data with asymmetric key encryption. Find out more here: https://asecuritysite.com/aws
Elon Musk is back in the news again. (Really, does he ever leave the news?) Last week, Musk announced a new artificial intelligence venture called xAI. The timing of the launch is odd considering Musk still runs Tesla, SpaceX, Neuralink, Boring Company, and Twitter. Twitter in particular is causing him headaches, with both its sagging business and increased competition from rivals like Meta's Threads. All of these developments are happening in the shadow of what feels like a lazy subplot on a bad sitcom—a proposed mixed martial arts cage match between Musk and his rival, Meta CEO Mark Zuckerberg. This week, we talk with WIRED editor at large Steven Levy about the launch of xAI and its stated goal of “understanding the true nature of the universe.” We also discuss the places generative artificial intelligence has yet to venture, and the ways in which xAI could make an impact in the field of deep learning. And of course, we talk about that cage match. Yech. Show Notes: Read Steven's Plaintext newsletter, in which he urges Mark Zuckerberg not to take the bait. Will Knight outlines xAI's biggest challenges. Amanda Hoover writes about Threads' threat to Twitter's domain. Paresh Dave gives an update on AI regulation in Europe and the US. Read all of our generative AI coverage. Recommendations: Steven recommends Oppenheimer. So does Lauren. (We discuss it without spoiling it.) Mike recommends pretzel buns, because it's not summer without them. Steven Levy can be found on Twitter @StevenLevy. Lauren Goode is @LaurenGoode. Michael Calore is @snackfight. Bling the main hotline at @GadgetLab. The show is produced by Boone Ashworth (@booneashworth). Our theme music is by Solar Keys. Learn more about your ad choices. Visit podcastchoices.com/adchoices
In the security news: keystroke logs are stored in plain-text (and other atrocities in software used in schools), WPBT is the gift that keeps on giving and this time it's Gigabyte, PCI DSS 4.0 (drink!), immutable linux desktops, one packet exploits, neat linux malware, sock puppets, a must read new book about hacks, why SMB why?, boot girls, exposing customers....data, cracking GSM, you MUST use 2fa (not should, must), old wine in a new bottle, lab grown "meat", malicious bookmarks, and ChatGPT's secret reading list! All that and more on this episode of Paul's Security Weekly. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-787
In the security news: keystroke logs are stored in plain-text (and other atrocities in software used in schools), WPBT is the gift that keeps on giving and this time it's Gigabyte, PCI DSS 4.0 (drink!), immutable linux desktops, one packet exploits, neat linux malware, sock puppets, a must read new book about hacks, why SMB why?, boot girls, exposing customers....data, cracking GSM, you MUST use 2fa (not should, must), old wine in a new bottle, lab grown "meat", malicious bookmarks, and ChatGPT's secret reading list! All that and more on this episode of Paul's Security Weekly. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-787
In this episode, Dr. Paulson begins to outline what Luther means when he talks about the "plain text" of Scripture. Paulson shows how the plain text meaning works alongside doctrines like Sola Scriptura. He then talks about how Luther confronts Erasmus with the plain text. Show Notes Support the Show 1517 Podcasts The 1517 Podcast Network on Apple Podcasts 1517 on Youtube More from the hosts Caleb Keith Steven Pauslon
EMAIL MARKETING RESOURCES: Episode 1: https://bit.ly/41KjyMT Episode 2: https://bit.ly/3mlmnns Epsiode 177 (More Emails = More Sales): https://bit.ly/3MwjBH5 MY RESOURCES: Play Cafe Academy & Play Makers Socity: http://bit.ly/3HES7fD Current Owners Membership Application: http://bit.ly/3kQsNtQ Fund Your Indoor Play Business: http://bit.ly/38KbYbz Courses & Consulting: http://bit.ly/3N7bPAI Indoor Playground Business Courses: https://bit.ly/37yCxAC Michele's Instagram: https://bit.ly/3Ia4PTK Michele's Website: https://www.michelecaruana.com YouTube Channel: https://bit.ly/3JDkSe7 FREE 14-DAY Active Campaign Trial: https://bit.ly/3rjp5bP What's Working 2023 Guide: http://bit.ly/3GwXQAS ETSY Template Shop: https://bit.ly/40RF5D4 Recession Prep Playlist: https://www.michelecaruana.com/recessionprep FREE 2023 Membership Workshop: https://bit.ly/free2023workshop
In this episode, Christian Simovic joins Matt to show you how to create a frothing at the mouth email using nothing but plain-text emails. A lot of people think that you need fancy software or HTML coding skills to create an effective email campaign, but that's not true. You can get great results with simple text-based emails if you know what you're doing. ABOUT CHRISTIANChristian Simovic is a plain-text email marketing specialist. He prescribes daily emails for his clients, and sends out daily email marketing tips via his email list. His clients have ranged from small organic skincare brands to reality TV stars.Here's a summary of the great stuff that we cover in this show:Copywriting is applying the fundamentals of salesmanship and understanding the psychology of why we buy and then applying that to the written word. From a psychological point of view, a plain text email is a much better approach because it helps build a personal one on one connection. Also, from an email deliverability standpoint, if you have images and newsletter kind of themes, they are likely to end up in the promotions tab, or worse the spam tab. When writing daily emails, you can't just be pure sales. If you're writing fun, informational, and more importantly, entertaining content that segue into a product, you really can't go wrong with daily emailing. Just plain text emails, they could be various lengths - short question, 300 to 500, some 500 to1000 words depending on the kind of content you're sending out, that resonates with your audience and engages them. The PAS (Problem, Agitate, Solution) approach is great for writing plain text long form marketing emails. If you spend all of your time knowing everything about your market, the problems, their pains, what they want, their slang, their little jokes, then writing daily emails or just writing emails in general becomes very easy because you understand your audience and what they want to talk about.For complete show notes, transcript and links to our guest, check out our website: www.ecommerce-podcast.com.
Dave has 30 years of industry experience. He has extensive experience in IT security operations and management. He is the founder of the security site Liquidmatrix Security Digest & podcast as well as the host of DuoTV and the Plaintext podcast. He is currently a member of the board of directors for BSides Las Vegas. Previously he served on the board of directors for (ISC)2 as well as being a founder of BSides Toronto conference. Dave has been a DEF CON speaker operations goon for over 10 years. Lewis also serves on the advisory board for the Black Hat Sector Security Conference and the CFP review board for 44CON. He is currently working towards his graduate degree at Harvard. Dave has previously written columns for Forbes, CSO Online, Huffington Post, The Daily Swig and others. For fun he is a curator of small mammals (his kids) plays bass guitar, grills, is part owner of a whisky distillery and a soccer team. In this interview, Dave Lewis shares his highlights from his keynote presentation at SINCON 2023, the first cybersecurity conference in Singapore for the year 2023. Globalisation and supply chain attacks - He shared his thoughts on how threat actors have exploited globalisation of supply chain: that as organisations move to a cloud-based iteration “for everything” and thereby extending targets of opportunities for the attackers. This means that we have extended from protecting the “four walls” to an “unfathomable number of walls”. In particular, as we digitalise, we have to “make sure we are not outpacing security”, and that we understand our fallback position if “there's a global catastrophe and we have to cut off from the rest of the world.” One example is critical infrastructure, where there is “accumulated security debt” (e.g. deprecated applications) and where “stakes are higher”. Zero trust - Dave stressed that “zero trust” is an “iterative process” and there is “no end state”. Rather, it is about reducing the risks and addressing the core fundamentals from 30 years ago – managing our core users, our network segmentation, critical applications in our environment. Cybersecurity skills and resources - Dave also shared how we need “more adults at the table”, that maturing our cybersecurity posture requires more senior level involvement. He also advised that we need to “get away from the “sensationalisation” of the hacker culture” – that cybersecurity is not strictly the hacker sub-culture. Cyber threat landscape - Using Wannacry as an example, Dave noted that the SMBv1 vulnerability had been known but remained unfixed for 10 years. This “security debt” was an example of how we as cybersecurity practitioners tend to “lose our focus collectively”. As we are at that “juncture where we have to figure out how we are going to mature as an industry and be able to handle these risks in a coherent fashion”, he predicted that “we will keep making the same mistakes for a while.” Further, referencing how the ransomware have evolved since the first version by Dr Joseph Popp in 1989, he said “financial motivation will not go away, it is just how they are going to get their money.” Recorded 5th January 2023, 11.30am, VOCO hotel, Singapore.
We hope all of the turkey comas have worn off! These holiday delays are almost over, and in the meantime here we are with the second part of how security verticals fit into the great sprawling world of DevSecOps! Mike and Ken discuss migration fro on prem to cloud and how this shift has had a tremendous effect on the perception of data security. It's become easier and easier to spin up data storage solutions in cloud and infrastructure as code, but it's lead to some common and repeated mistakes that rear their ugly heads. Now the responsibility of spinning up servers, managing credentials, encrypting data at rest and in transit falls on software engineering shoulders, and with that we're learning that some of those lessons DBAs learned ages ago are back with a vengeance.
As its new company name would imply, Meta's making a big deal about the metaverse. The company formerly known as Facebook just announced a new VR headset, the $1,500 Meta Quest Pro. It's an expensive hunk of face hardware meant to entice users into the metaverse—an ambitious virtual realm that Mark Zuckerberg so desperately wants to make A Thing. But the supposed VR revolution still feels like it's a long way off. This week on Gadget Lab, WIRED editor at large Steven Levy joins the show to talk about Meta's latest VR ambitions and whether Zuckerberg's metaverse gamble will pay off. Show Notes Read Lauren's story about the Meta Quest Pro. Follow Steven Levy's Plaintext newsletter. Recommendations Steven recommends the play Leopoldstadt by Tom Stoppard on Broadway. Lauren recommends Tap to Pay on the New York subway system and just having tap top pay everywhere, really. Steven Levy can be found on Twitter @StevenLevy. Lauren Goode is @LaurenGoode. Michael Calore is @snackfight. Bling the main hotline at @GadgetLab. The show is produced by Boone Ashworth (@booneashworth). Our theme music is by Solar Keys. Learn more about your ad choices. Visit podcastchoices.com/adchoices
First Friday of August, 2022 ------
The Way of Crypto - The best Crypto and Bitcoin news source in the universe.
The Way of Crypto now has a Patreon if you would like to support the show. https://www.patreon.com/thewayofcrypto You can support The Way of Crypto by using the affiliate links below: Ledger Hardware Wallet: Not your keys, not your coins - purchase a Ledger Hardware Wallet and secure your Crypto here. https://shop.ledger.com?r=164a57ca97c2 A new show every weekday. Please subscribe and leave us a review on your preferred podcasting platform. www.thewayofcrypto.com Please tune in and follow us on Twitter @wayofcryptocast and; TikTok @wayofcrypto #bitcoin #btc #crypto #ethereum #bitcoin #dogecoin #apecoin #luna #investing
Contact Jelke: jelke@Ludolphij.comQuestiary Patreon: https://www.patreon.com/questiaryMörk Borg on the web: https://morkborg.com/Plain Text, Free Version of Mörk Borg: https://jnohr.itch.io/mrk-borg-freePirate Borg, Limithron's rum-infested hack of Mörk Borg: http://pirateborg.com/Limithron and The Ship of the Dead Podcast Patreon: https://www.patreon.com/posts/limithrons-table-41712155Wayne June reads the Mörk Borg lore (better than Luke): https://www.youtube.com/watch?v=rlns2T5ZV8o
Alex Cox joins the crew for their first 4-way. Mental Health discussions ensue, plus some apps you'll love.
You need to consider plain text as a means to future-proof your written work. Why plain text? How hard is it to do? What are the advantages and disadvantages? My suggestions? Let's find out. The question of the week is: What steps have you taken to archive your manuscripts or other important work? Alternate question: What is your favorite text editor or notetaking app? Derek Sivers, https://sive.rs/plaintext ("Write plain text files.") https://www.writingpursuits.com/five-day-security-challenge (Shields Up: Take The Five-Day Security Challenge) -https://youtu.be/NmY28l-vQ4A (Shields Up video) Links:https://www.writingpursuits.com/captivate-podcast/1/WritingPursuits.com (WritingPursuits.com) Instagram: https://www.instagram.com/writingpursuitspodcast/ (@WritingPursuitsPodcast) https://theauthorlife.com/editing/ (Three Story Method Certified Editor) https://www.kathresemckee.com (KathreseMcKee.com) https://www.mailerlite.com/a/w0b4qwbvfg (Mailerlite (affiliate link)) https://www.yourfirstchapter.com (YourFirstChapter.com) Mentioned in this episode: Get Your First Chapter Rubric at FirstChapterRubric.com Is your first chapter ready? Be confident! What if you had a resource to help you figure out the strengths and weaknesses of your first chapter? An objective, informative rubric to go by? If your first chapter doesn't work, then you have probably lost a customer for life. Or a chance to sign an agent or get a publishing contract. Don't leave things to chance. This rubric will help you identify the problem areas in your first chapter and figure out how to fix them. Be ready for queries. Be ready for readers. Get the results you dream about. Go to FirstChapterRubric.com.
CEO of Evervault, Shane Curran, shares his thoughts on plaintext data and why it is the 'real enemy' when it comes to ransomware attacks.
Do you believe that sometimes the most effortless and simplistic things in life have the best value? We are so attached and connected to programs and various productivity tools that we give ourselves excuses not to be productive and get sh*t done the moment we are offline. "Don't depend on any tool that needs an internet connection," said Derek Sivers. My Weekly Newsletter: Bit.ly./Tams3Tips Instagram : Instagram | @TamSincerely
Find out more on our website: https://bit.ly/3q2Vbck Public Key Infrastructure (PKI) was globally accepted in the mid 1990's. PKI can be thought of the Authentication, Encryption and Decryption of all digital devices and all data. Think modern day Enigma or Lorenz encryption machines as used in the Second World War that Alan Turing and William Tutte cracked the codes on and you're thinking on the right lines. PKI is made up of Digital Certificates and Encrypted Keys. It is used to identify and encrypt billions upon billions of messages daily in the totally reliant, digital world of communication. Digital certificates in essence take Plain Text data, just like this sentence, and encrypt it into Ciphertext. Once it is received, the recipients PKI, (if trusted) deciphers the text back into plaintext. This exchange of data is seamless. However, if either part is insecure, a Man in the Middle attack (MiTM) can easily be achieved and result in plain text exfiltration. Ransomware has become so popular because organisations have unfortunately a lack of PKI controls and their data can be accessed, at rest (on a server) or in flight (being sent to or from a server) and remain in plain text throughout. Criminals can capture or exfiltrate that data and then hold it to ransom. This situation then quickly, and unequivocally falls foul of all Privacy laws including UKDPA and GDPR. Certificate Authorities (CA's) issue digital certificates in their billions and certificates typically last for 12 months. Many CA's have become household names such as Digicert, GoDaddy and Let's Encrypt. Certificates, have access, and privileges and due to their sheer numerical scale, few, if any companies know what digital certificates make up their PKI or Network. It is why the world's first digital cyberattack (cyber warfare) used digital certificates and weaponised them to create Stuxnet by planting malicious code into them. These weaponised (Microsoft) digital certificates were readily accepted by the Iranian Nuclear power facility in Natanz and used. After 13 days they triggered the malicious code. This resulted in centrifuge disruption resulting in mass destruction through harmonic rupturing. Stuxnet, and more latterly, SolarWinds' cyberattack in December last year, the worlds largest ever cyberattack on thousands of consequential hacks including the US Government, both used the lack of PKI management to disguise and Trojanized their attacks. Speaker: Andy Jenkinson is a senior and seasoned innovative Executive with over 30 years' experience as a hands-on lateral thinking CEO, coach, and leader. A 'big deal' business accelerator, and inspirational, lateral thinker, Andy has crafted, created, and been responsible for delivering 100's £millions of projects within the Cyber, Technical, Risk and Compliance markets for some of the world's largest, leading organisations. Andy has a demonstrable track record of large-scale technical delivery and management within many sectors including, Professional, Managed, and Financial Services. More latterly Andy was one of the first, and very few people to discover the plethora of insecure SolarWinds domains post their massive cyberattack last year. It has since been proven that Andy's version of the attack (and many others) of an insecure subdomain being hijacked and a nefarious website being stood up, has now become common knowledge, and widely accepted as being the initial access and root cause of the initial infiltration (Sunburst). Andy's research and paper was presented to the United States Senate Intelligence Committee overseeing the SolarWinds breach earlier this year.
What information can be intercepted from a home's Smart Meter? How can security risks like these be avoided? Josh Norem joins our monthly episode dedicated to helping you better understand current news stories that involve Security. Here are some of the questions Josh helps answer: Why transmit unencrypted data? What were GPS and time-stamps used for? What is a Threat Model? Article on Smart Meter Hack: LINK
Spiegare ad altri : tecniche e vantaggi
Membership - https://www.podiatrypracticemastery.com/products/podiatry-practice-mastery-membership/categories/2147902815/posts/2149685573 Podiatry Practice Mastery Videos - https://podiatry.com/news//subcat/Podiatry+Practice+Mastery/Practice+Management Designerr - https://go.designrr.io/designrr-premium-upgrade-special3?affiliate=donpelto Home Delivered Diabetic Shoe - https://www.nocostshoes.com/ Download Long YouTube Transcripts as Plain Text & Remove Hard Returns or Line Breaks - https://www.youtube.com/watch?v=M_7cL-Vo6z4 --- Send in a voice message: https://anchor.fm/drpelto/message
This course will help learners increase their knowledge of how to create a simple webpage or make a complete website with HTML. Learn basic HTML and build your website from scratch.
In this episode we talk about why plain text files are better for efficiency in your workflows. --- Support this podcast: https://anchor.fm/hackerculture/support
The visual vs. text content debate is a tale as old as time. Okay, it’s at least 5 years old, and there is a general consensus, but it is a heavily discussed topic in the digital marketing world. With the emergence of social media and the overwhelming shift towards online platforms, it is more and more important to truly understand the content your audience is seeking so that you can ensure your content stands out in the crowd. Link to blog: https://bit.ly/3rzdvIu --- Send in a voice message: https://anchor.fm/webfeat-complete/message
As a nonfiction author, retaining what I read is my job. Through the process of writing three books, I’ve experimented with different ways of reading, remembering what I read, and using that knowledge to develop my own thoughts. I’ll share today my note-taking system. I hope it serves as a good example of a digital “Zettelkasten” or slip box. Listen to My Zettelkasten: An Author’s Digital Slip-Box What is a Zettelkasten? I talked about Zettelkasten in my How to Take Smart Notes book summary on episode 249, but here’s a quick review. Zettelkasten is German for “slip box.” In the analog form, a Zettelkasten is a box filled with slips of paper. On each slip is an idea, notes about which other slips that idea is related to, and keywords used for organizing the slips. Wikipedia: Kai Schreiber The Zettelkasten method originated in analog, but is being adapted to digital Much of the original Zettelkasten techniques were developed to adapt the limitations of physical paper to non-hierarchical organization, like today’s internet. Now, writers are adapting the Zettelkasten method to digital software. “Zettelkasten” is a “slip box” and “note-taking system.” A “slip” is a “note” A note about terminology for this article: I’ll be using the terms Zettelkasten, note-taking system, and slip box interchangeably. They all mean the same thing. The same goes for “slip” and “note.” They’re the same thing. What do I use a Zettelkasten for? The Zettelkasten method is most commonly used by academic writers. That use case has its own unique demands. I, however, am a blogger and nonfiction (self-help) author. Here’s what I aim to do with my Zettelkasten: Retain what I read: I want to be able to put interesting things I read into my own words. Access my knowledge: I want to be able to quickly access quotes, facts, figures, and story details, when I don’t remember them perfectly. Direct my curiosity: I want to have options for things I can read that will drive my knowledge more-or-less toward learning something useful. I call it strategic curiosity, which I talked about on episode 184. Develop my ideas: I want to guide ideas through the four stages of creativity, which I talked about on episode 218. Ship writing: I want to mix my knowledge and ideas into shipped tweets, weekly newsletters, articles, and books. Four misconceptions about note-taking Like many things I’ve come to love, I was resistant to the idea of note-taking at first. Some misconceptions I had: 1. Note-taking does not take the pleasure away from reading Note-taking doesn’t have to take more mental effort than reading. It can be broken into low-effort activities that build into something great. Additionally, you can still read “for pleasure.” Not all my reading goes through my note-taking process. 2. Note-taking is not mindlessly writing down everything you read Note-taking connects your consumption of knowledge with your creation of knowledge. If you mindlessly write down everything, there’s no room for creativity. Only take notes on the parts of your reading that interest you, or that you otherwise want to retain. 3. Note-taking is not boring Some parts of note-taking look boring. For example, looking at a highlight you’ve made, then writing it in your own words, looks boring. But it’s fun. It’s just enough of a challenge to keep you engaged. 4. Google is not a substitute for notes Your notes are not simple records of facts and figures. You would not get the same results by Googling anything you’d like to reference. Inherent in the system is your own thoughts. My Zettelkasten notes are plain-text Markdown files I have a lot of notes in Evernote, but those notes are distinct from notes in my Zettelkasten. Evernote is mostly for project-related or operational things. After using Evernote for ten years, and watching it get slow and bloated, I didn’t want to get locked in to any software. A lot of Zettelkasten practitioners love Roam Research, which is very powerful. But I like the portability, simplicity, and offline-capability of plain text. My plain-text Zettelkasten notes are synced through Dropbox I love writing in Markdown, which is a simple, human-readable way of adding formatting and links to plain-text. My notes are text files (with the extension .md) sitting in folders on my hard drive, and are also synced to Dropbox. I edit my plain-text Zettelkasten notes through Obsidian, 1Writer, and Ulysses Since my notes are plain-text files, I can access them on a ton of different software. I mostly work through Obsidian on desktop, and 1Writer on iPad. I also sometimes use Ulysses, because I like how it allows me to preview the contents of many files at once. The structure of my digital Zettelkasten As I covered in my How to Take Smart Notes book summary, the general structure of a Zettelkasten is: Fleeting Notes Literature Notes Permanent Notes I have three additional categories: Inbox Someday/Maybe Raw My Zettelkasten folder structure, as viewed through Ulysses. A flow chart of my Zettelkasten process. Partly inspired by Getting Things Done. Fleeting Notes I take in my tiny Moleskine Volant, or on the Drafts app, or in any of my other paper notebooks. Literature Notes are any condensed notes I’ve made of an entire piece, such as an article or book – more on that process in a bit. Permanent Notes are single ideas, facts, or stories. This is the real “slip box” or Zettelkasten, where I connect ideas to one another to sprout new ideas or build them into larger works – I’ll give you an example later. The Inbox is where I put notes that need to be processed. This could be highlights from a book that I need to condense and summarize – as I’ll describe soon. This is where Fleeting Notes go next. This also might be a link to an article that I may want to summarize. I don’t always want to deal with everything in my Inbox, so if not, I put the note in my Someday/Maybe folder. I borrowed this from the GTD “Someday/Maybe” that I talked about in my Getting Things Done summary on episode 242. This folder is for things that seem interesting to me, but are either not interesting enough to motivate me to give them the attention I’d like to, and/or they’re not relevant enough to any topics I’m working on. Raw is where I store my exported highlights after I’ve condensed and summarized a book or article. This folder keeps me from cluttering the system, but I can still quickly search if there are details I want to retrieve that aren’t covered in my literature notes. I name my Zettelkasten files in plain English An ongoing debate amongst Zettelkasten users is how to name files. Niklas Luhmann, whose physical Zettelkatsten is being studied at the University of Bielefeld, used a branched numbering system. One could make a case for why his naming system is still relevant. Still other users insist every file should have a unique ID, so they use the date and time. I personally name my files with a plain-English description of what the note is about, such as “The Queen’s Gambit took 37 years to become a bestseller.md”. The main argument people have against this method is if you decide the note is about something else, you have to change the name of the note, and that breaks your links. But with modern technology you can easily do find/replace, and Obsidian handles name changes for you automatically. How you should name files in your slip box depends upon your workflow and preferences. Files are linked using “WikiLinks” I link my files within my system using a feature called WikiLinks, aka FreeLink. Basically, any filename I put in [[double brackets]] is automatically linked to, even if that file is in another folder in my database. WikiLinks isn’t native to Markdown, but Obsidian does support it, and makes it easy with auto-suggest. On 1Writer for iPad, these links only work for files that are within the same folder, which limits the tasks I can do on iPad. Arguably this is a form of lock-in to Obsidian, but other plain-text editors support WikiLinks. Evan Travers has a nice breakdown of Zettelkasten-supporting features in various Markdown plain-text editors. I manage my Zettelkasten through a series of comfortable habits/rituals You aren’t going to maintain your Zettelkasten if it feels like a slog. This is why I’ve carefully designed my system so I manage it through a series of comfortable and easy habits and rituals. Comfortable contexts for managing my Zettelkasten There are four main contexts around which I’ve designed the habits and rituals for managing my Zettelkasten. Active: I might be cooking, taking a shower, or having dinner conversation with friends. If an idea comes to me, or I hear something great on a podcast, I want to capture it. Lying down: I do most of my reading lying down, and I do the initial stages of book summaries lying down (more in a bit). Reclining: I do as much of my writing as possible slightly reclined, with my iPad and keyboard on an over-bed table, over my recliner. Upright: I have a standing/sitting desk where I work at my computer sparingly. https://twitter.com/kadavy/status/1288883415153094659 As you can see, I’ve designed my contexts to be as comfortable as possible, so maintaining my system doesn’t feel like a chore. Now what do I do in all these contexts? I’ll cover that as I talk about processes. My process for reading and summarizing a book One of the main sources of notes in my Zettelkasten is books. When I really want to absorb and document my learning from a book, here’s the process I follow: Read the book: I do this on my Kindle, lying down on my couch or in my hammock. I highlight as I read, and I will occasionally take a quick note – which is hard to do on a Kindle. Unlike some people, I do not take Fleeting Notes in a notebook while reading. That would make the context uncomfortable. Export the highlights to Markdown: Readwise makes this easy, though there are other ways, if you search around. Highlight my highlights: Like my reading ritual, I highlight highlights while lying on my couch. On 1Writer for iPad, I bold the most interesting parts of my highlights. I can also do this on my phone during “in-between” time, such as waiting for friends to arrive at a restaurant. Tiago Forte calls highlighting of highlights “progressive summarization.” Condense my highlights: I look at the highlights I’ve bolded and re-write the interesting ones in my own words. I’ll also pull out any interesting quotes. I may also brainstorm my own thoughts about the implications of what I’ve learned. This is all a “Literature Note.” I do this in my recliner, with iPad and keyboard. Break my condensed highlights into notes: I make individual “Permanent Notes” in my slip box – one idea per note. This is when I add relevant tags, link my note to any existing related notes, and add thoughts I have about how the individual note relates to my work. I do this on my desktop computer, using Obsidian. I follow this process for only the best books This may sound like a boring and arduous process for reading a single book. But it’s not. First, I don’t do this for every book. Whether or not I follow all these steps depends upon my interest in the book. I only do this for books I really want to absorb, such as when I wrote my summaries of Understanding Media or The Black Swan. Readwise helps me review books I don’t fully process If a book isn’t compelling enough for me to follow these steps, I still get a chance to review the highlights. Readwise sends me three random highlights each day – from my database of 20,000+. I review these highlights when I check my email. If I see a highlight I’d like to develop into a Permanent Note, I copy and paste it into Drafts, from where I will process it later. My process for academic articles and web articles I do most of my reading in books. I also read some academic articles. I do the least reading of all on the web. For both academic articles and web articles, my process is the same: I save the PDF in a “toread” folder on Dropbox (yes, I make PDFs of web articles!) I then read the PDF on LiquidText for iPad, where I highlight it. I export my highlights to plain text, and follow the same process as for books to make Literature Notes and Permanent Notes. My web-article process is inefficient Yes, my process for web articles is inefficient, but I rarely read web articles. If I read on the web more, I’d probably use Pocket and have Readwise manage those highlights. I have begun experimenting with using ePub.press to read web articles on my Kindle, but to get the highlights I have to connect my Kindle to my computer to dig them out. Capturing ideas Probably more so than an academic writer, my writing as a self-help author is driven by my own ideas. When I get an idea, I either capture it in my Moleskine Volant with collapsible Zebra mini-pen, or I capture it with Drafts. In my shower, I keep an Aqua Notes pad and pencil. I use Zapier to save my own tweets Also, many of my ideas I soon turn into tweets. If I want to put something I’ve tweeted into my Zettelkasten, I “like” my own tweet. This triggers a Zapier automation that collects the tweet and basic metadata, and saves it as a text file in my Inbox on Dropbox. An Automator script on my computer then changes the file extension to .md. I liked my own tweet, and Zapier imported it to Dropbox for me. (If I want to capture someone else’s tweet, I copy/paste it or share it to Drafts.) Clearing the Inbox As I describe in the final chapter of my book, Mind Management, Not Time Management, my ideas initially go into one of several inboxes. Currently, that’s mostly my pocket notebook and Drafts. I then have to clear those inboxes. I try to spend a few minutes each day looking through my inboxes, while at my computer. Not all notes that end up in Drafts are for my Zettelkasten, but for the ones that are, I have an “action” in Drafts that sends those notes to my Zettelkasten Inbox. I’m far from having “Inbox zero” in my Zettelkasten. It’s full of book or article highlights that need to be progressively summarized, or tweets that need to be tagged and turned into Permanent Notes. My Zettelkasten Inbox, with some examples of the types of notes in there. Idea-driven keywords for tags (and examples!) Choosing the right keywords or tags for your Zettelkasten allows it to work as a non-hierarchical database of your knowledge and ideas. This is an important piece many Zettelkasten practitioners miss. This quote from How to Take Smart Notes captures how to choose keywords: The way people choose their keywords shows clearly if they think like an archivist or a writer. Do they wonder where to store a note or how to retrieve it? The archivist asks: Which keyword is the most fitting? A writer asks: In which circumstances will I want to stumble upon this note, even if I forget about it? It is a crucial difference. I avoid generic keywords such as “Psychology.” Instead I create keywords based upon patterns I see, which inform theories I’m working on. Not #writing, but #IcebergPrinciple For example, one note I have is based upon the advice of screenwriting instructor Robert McKee. In Story, McKee says: A finished screenplay represents, obviously, 100 percent of its author’s creative labor. The vast majority of this work, 75 percent or more of our struggles, goes into...creating the climax of the last act. For my Permanent Note, I of course re-wrote McKee’s advice in my own words, but what tags did I use? The generic approach would be to tag it “#writing” or “#screenwriting.” But how would that help me? Instead, I think about how this advice supports (or refutes) an idea I’m working on. It reminds me of other writing advice, this time from Ernest Hemingway: I’ve seen the marlin mate and know about that. So I leave that out. I’ve seen a school (or pod) of more than fifty sperm whales in that same stretch of water and once harpooned one nearly sixty feet in length and lost him. So I left that out. All the stories I know from the fishing village I leave out. But the knowledge is what makes the underwater part of the iceberg. An iceberg? In another passage, Hemingway explains: The dignity of movement of an ice-berg is due to only one-eighth of it being above water. This Hemingway advice is so beautiful, I’ve made it the basis of one of my keywords. I call it the #IcebergPrinciple. Basically, any creative work you see is the tip of the iceberg. There’s much more work and knowledge going on behind the scenes. McKee’s advice is about how 75 percent of the work on a screenplay goes into the climax. This advice is connected to Hemingway’s advice about most of an iceberg being underwater. So, my Permanent Note for the McKee quote is not tagged #writing, nor #screenwriting, but #IcebergPrinciple. Should related notes share the same tag AND be linked? The two notes from Hemingway or McKee could be not just tagged with the same thing, but also linked to one another. Should they share the same tag, and also be linked? There’s no right answer. On one hand, it’s redundant to link them to one another and also have them share the same tag. On the other hand, does it really hurt to do both? This is the kind of internal debate I honestly haven’t resolved yet. I do whatever seems right in the moment, and if I run into problems, I’ll formalize my approach. Linking helps spawn ideas (with example!) The act of linking two notes serves a different purpose from the act of choosing the right tags for a note. As I’m making a Permanent Note, I take a moment to think of whether there’s a connection between this and any of my other notes. This is when ideas you never would have thought of otherwise come to mind. For example, I’ve been collecting some notes on survivorship bias for an upcoming article. I tag these notes with #SurvivorshipBias. (Admittedly this is a generic-sounding tag, but I have my own personal ideas about it.) But while I was creating my note about The Queen’s Gambit, and the fact that it took 37 years for it to become a best-seller, I wasn’t thinking about survivorship bias at all. I tagged it #LongNights, my personal tag for stories about “overnight successes” many years in the making. As I thought about what to link this note to, I realized this note was related to a note about survivorship bias. It’s a counter to the popular understanding of survivorship bias. For 36 years, The Queen’s Gambit was one of the stories that “didn’t survive,” but in its 37th year, suddenly it was a survivor. That may not make sense in that short example. A further explanation will have to wait for the article. But this is how linking notes makes you think about the meanings of those notes differently. Tag Indexes build completed work Once I have many notes collected related to a particular tag, I develop a Tag Index. This is a note, stored in my Slip Box or Permanent Note folder, with an overview of my thoughts on that topic. I link to the various notes I have under that tag – as well as any other related notes – then arrange them as a list in an order that makes sense to me. I write short phrases next to each link to add any thoughts that give structure to this logical progression. For example, a #SurvivorshipBias Index may start off with a link to a note called “Abraham Wald overcame survivorship bias to armor planes.” Next to that, I could write a brief phrase, “Wald realized he only saw bullet holes on planes that returned. Survivorship bias is useful for interpreting misleading data.” After that, I could link to the note about The Queen’s Gambit. I could write next to that link, “Not all who haven’t ‘survived’ are dead.” After collecting notes together in this way, I now have an outline, with source material, I can use to build into a completed article, or even a book. And if you’d like to hear how that article turns out, make sure you’re subscribed for the next article. There’s your example of an author’s digital Zettelkasten I hope you found helpful this example of using the Zettelkasten or slip box method with digital, plain-text software. I know writing it improved my own note-taking system. If you’d like to know more about the principles behind this system, do check out my How to Take Smart Notes book summary on episode 249. Mind Management, Not Time Management now available! After nearly a decade of work, Mind Management, Not Time Management is now available! This book will show you how to manage your mental energy to be productive when creativity matters. Buy it now! My Weekly Newsletter: Love Mondays Start off each week with a dose of inspiration to help you make it as a creative. Sign up at: kadavy.net/mondays. About Your Host, David Kadavy David Kadavy is author of Mind Management, Not Time Management, The Heart to Start and Design for Hackers. Through the Love Your Work podcast, his Love Mondays newsletter, and self-publishing coaching David helps you make it as a creative. Follow David on: Twitter Instagram Facebook YouTube Subscribe to Love Your Work Apple Podcasts Overcast Spotify Stitcher YouTube RSS Email Support the show on Patreon Put your money where your mind is. Patreon lets you support independent creators like me. Support now on Patreon » Show notes: http://kadavy.net/blog/posts/zettelkasten-method-slip-box-digital-example
2021's first Patch Tuesday, Titan Security Key side-channel attack, WhatsApp. When is Chrome not Chromium? A major DuckDuckGo milestone. Project Zero in the wild. First Patch Tuesday of 2021. ZeroLogon Drop Dead. NSA warns against outsourcing DoH services. A Side-Channel in Titan. The "PayPal Football" WhatsApp's decision to bring its data into Facebook. We invite you to read our show notes at https://www.grc.com/sn/SN-802-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: business.eset.com/twit expressvpn.com/securitynow canary.tools/twit - use code: TWIT
2021's first Patch Tuesday, Titan Security Key side-channel attack, WhatsApp. When is Chrome not Chromium? A major DuckDuckGo milestone. Project Zero in the wild. First Patch Tuesday of 2021. ZeroLogon Drop Dead. NSA warns against outsourcing DoH services. A Side-Channel in Titan. The "PayPal Football" WhatsApp's decision to bring its data into Facebook. We invite you to read our show notes at https://www.grc.com/sn/SN-802-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: business.eset.com/twit expressvpn.com/securitynow canary.tools/twit - use code: TWIT
2021's first Patch Tuesday, Titan Security Key side-channel attack, WhatsApp. When is Chrome not Chromium? A major DuckDuckGo milestone. Project Zero in the wild. First Patch Tuesday of 2021. ZeroLogon Drop Dead. NSA warns against outsourcing DoH services. A Side-Channel in Titan. The "PayPal Football" WhatsApp's decision to bring its data into Facebook. We invite you to read our show notes at https://www.grc.com/sn/SN-802-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: business.eset.com/twit expressvpn.com/securitynow canary.tools/twit - use code: TWIT
Investment and stock trading app Robinhood stored some user credentials, including passwords, in plaintext on internal systems, the company revealed today. This particularly dangerous security misstep could have seriously exposed its users, though it says that it has no evidence the data was accessed improperly. Better change your password now. Sensitive data like passwords and personal information are generally kept encrypted at all times.
Head Cold, Tea Tree Oil Update, Delayed Medical Thingy, Rage Delete, The Handmaid's Tale, Chernobyl, Swamp Thing, I Cleaned! Dead Mouse, Plain Text isn't Plain Text, WWDC, E3, Amazon, Sega Mega Drive Mini
It happened again. Google announced today that it's the latest tech giant to have accidentally stored user passwords unprotected in plaintext. GSuite users, pay attention. Google says that the bug affected "a small percentage of GSuite users," meaning it does not impact individual consumer accounts, but does affect some business and corporate accounts, which have their own risks and sensitivities.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Malware Delivered As a UDF .img file https://isc.sans.edu/forums/diary/Malware+Sample+Delivered+Through+UDF+Image/24854/ Facebook Stored Passwords in Plain Text https://newsroom.fb.com/news/2019/03/keeping-passwords-secure/ Iranian Statesponsored Malware and Data Leaked https://misterch0c.blogspot.com/2019/04/apt34-oilrig-leak.html Windows 8 Live Tiles Domain Takeover https://www.golem.de/news/subdomain-takeover-microsoft-verliert-kontrolle-ueber-windows-kacheln-1904-140709.html
Join your favorite technology consumer advocates Bob & Kevin as they discuss Facebook giving us a real-time, Black Mirror prequel. Bob & Kevin also take a deep look at the "new monopoly" in tech, which is basically coming up with the most ubiquitous platform imaginable... hardware, software, original content... you know, what Apple is trying to become with the release of their fill in the blank plus original content platform. Oh, wow, guess what, this is also straight out of a potential Black Mirror prequel... have you seen 'Nosedive'? or watched our YouTube episode - https://youtu.be/wX-_GNGZXG8 ? Like what you are hearing? Have a topic you want us to cover in an upcoming episode? Drop us a line at https://twitter.com/bobandkevinshow Until next week! Bob & Kevin
Facebook's huge plaintext password fail is the focus of this week's show, as we consider how long this litany of irresponsible security fails can continue. We also take a look at Google Stadia, Myspace loses several years of data, and how to use an app to control your TV. Plus, there's an update on the state of affairs with the potentially devastating Spectre and Meltdown bugs.Christian Cawley and Gavin Philips are your hosts.Here's the shownotes: Facebook storing passwords as plaintext Will Google's Stadia revolutionise gaming? Forgotten social network Myspace loses years of data Using an app to remote control your TV Latest Meltdown and Spectre vulnerability news
Recorded 24th March 2019 This week I am joined by fellow Slacker resident Ivor “the Airship” Pope to see what we thought of this week's hardware releases, Apple's interesting way of breaking the news and Uncle Tim's trip to China. Also Google previewed their coming cloud gaming platform “Stadia” (which appears to work everywhere but iOS), while Microsoft talked up their xCloud gaming push. Of course the news feeds were full of everyone trying to tell us/guess what Apple will unveil on the 25th - but we would rather wait and see what Apple actually have to say (and hope it isn't US only). GIVEAWAYS & OFFERS Listeners of this show can claim $10 off purchases of Luminar and/or Aurora HD 2019 use the coupon code EssentialApple at checkout for your extra discount! Get Photolemur 2 free by helping this YouTube video to 100,000 views. Why not come and join the Slack community? You can now just click on this Slackroom Link to sign up and join in the chatter! We can now also be found on Spotify, Soundcloud and even YouTube. On this week's show: IVOR “THE AIRSHIP” POPE Works on the development of Airlander 10 APPLE Apple made 15 surprise announcements this week — here's everything it unveiled — Business Insider Apple's new AirPods have Siri built-in - BBC News Apple Gets Creative With its Spring Hardware Releases – iPad Insight iOS 12.2 Beta 6 Enables Logitech Crayon Support For iPad Pro – Redmond Pie Apple announces support for NLP's news literacy education programs – News Literacy Project Apple acquires Italian startup that specializes in backend automation – Cult of Mac TECHNOLOGY Google's Stadia game-streaming service lets you play games anywhere, if your Internet can handle it – PC World Google Stadia is a Net Neutrality Nightmare – Variety Project xCloud: Gaming with you at the center – The Official Microsoft Blog How three simple words could be the difference between life and death – Digital Trends Microsoft ships antivirus for macOS as Windows Defender becomes Microsoft Defender – Ars Technica SECURITY & PRIVACY Facebook Stored Hundreds of Millions of User Passwords in Plain Text for Years – Krebs on Security Free, Worldwide, Encrypted Phone Calls for iPhone – Signal Blog WORTH A CHIRP / ESSENTIAL TIPS Nvida GauGAN This Person Does Not Exist Nemo's Hardware Store (33:12) Time Traveler: iPhone & Apple Watch Battery Bank – $80 Premium Leather iPhone Case - Hitcase Ferra – $60 Essential Apple Recommended Services: Ghostery - protect yourself from trackers, scripts and ads while browsing. 33mail.com – Never give out your real email address online again. Sudo – Get up to 9 “avatars” with email addresses, phone numbers and more to mask your online identity. Free for the first year and priced from $0.99 US / £2.50 UK per month thereafter... ProtonMail – End to end encrypted, open source, based in Switzerland. Prices start from FREE... what more can you ask? ProtonVPN – a VPN to go with it perhaps? Prices also starting from nothing! Fake Name Generator – So much more than names! Create whole identities (for free) with all the information you could ever need. Wire – Free for personal use, open source and end to end encryted messenger and VoIP. Pinecast – a fabulous podcast hosting service with costs that start from nothing. Essential Apple is not affiliated with or paid to promote any of these services... We recommend services that we use ourselves and feel are either unique or outstanding in their field, or in some cases are just the best value for money in our opinion. Social Media and Slack You can follow us on: Twitter / Slack / EssentialApple.com / Spotify / Soundcloud / YouTube / Facebook / Pinecast Also a big SHOUT OUT to the members of the Slack room without whom we wouldn't have half the stories we actually do – we thank you all for your contributions and engagement. You can always help us out with a few pennies by using our Amazon Affiliate Link so we get a tiny kickback on anything you buy after using it. If you really like the show that much and would like to make a regular donation then please consider joining our Patreon or using the Pinecast Tips Jar (which accepts one off or regular donations) And a HUGE thank you to the patrons who already do. This podcast is powered by Pinecast.
Phil White, sculptor and carver, on the preservation of Canada's architectural heritage and the creation of new, original works of art documenting the evolution of our country.Stream or download in MP3 format.Also available on Google Play Music, Apple Podcasts (iTunes) and Stitcher. Or, subscribe with your favourite podcast app.Transcript:PDFPlain Text
We're a country of immigrants, but many of us don't give much thought to what that means. On this episode, a discussion with someone deeply aware of a life they escaped, and the gift they try to repay in their daily work.Stream or download in MP3 format.Also available on Google Play Music, Apple Podcasts (iTunes) and Stitcher. Or, subscribe with your favourite podcast app.Transcript:PDFPlain Text
Javier Moreno nos animó a entrevistar a Juan Julián Merelo, profesor de informática de la Universidad de Granada que tiene 15 libros autopublicados en Amazon. En esta entrevista hablamos de cómo usar GIT para escribir, del proceso mismo de escribir y de temas de autopublicar en Amazon. Que lo disfrutéis. [Libro] Aprende Git: ... y, de camino, GitHub de Pablo Hinojosa y Juan Julián Merelo. [Twitter] Juan Julián Merelo: @jjmerelo [Web] GIT Hub. Curso GIT en Github [Wikipedia] MarkDown [Web] PanDoc - A universal document converter. "Issues" del Curso GIT que crearon "Pull requests" del Curso GIT GNU Emacs - An extensible, customizable, free/libre text editor — and more. Org mode for Emacs - Your Life in Plain Text. Atom - A hackable text editor for the 21st Century. [Libro] Manuel, the Magnificent Mechanical Man de Juan Julián Merelo Guervós. [Libro] Historia Lógico Natural de Juan Julián Merelo Guervós. Travis - Test and Deploy with Confidence. Jenkins - Build great things at any scale. [Libro] Er Niño Laí de Juan Julián Merelo Guervós. [Libro] La cuarta taifa de Juan Julián Merelo Guervós. [Web] Lulu - Create, publish and sell your book for free. [Web] Bubok - Distribución nacional e internacional de libros de autores noveles. [Blog] Presentástico [Libro] Confessions of a Public Speaker de Scott Berkun [Web] scottberkun.com/ [Web] CreateSpace - Self Publishing and Free Distributions for Books [Web] Draft2Digital - We put authors first. [Web] SmashWords - Ebooks from independent authors and publishers. [Web] BabelCube - Sell books in new languages. [Libro] Pan Sin Gluten: Principios, técnicas y trucos para hacer pan, pizza, bizcochos, cupcakes y otras recetas sin gluten [Episodio] EB 14 Una conversación sobre educar a contracorriente, programación y videojuegos con Fran Gallego (extra ball) Canción de salida del episodio: Scoreboard by Apollos Hester - Songify This!
Has the War on Drugs become a war on phones? The Apple v. FBI saga made encryption a household issue, but while that case focused on counter-terrorism, the vast majority of law enforcement confrontations with the tech sector deal with drug investigations. Is the “going dark” problem really an issue of national security? Or is law enforcement just trying to solve more drug crimes by getting into locked phones? Evan and Eli Dourado, director of the Mercatus Center's Technology Policy Program, discuss how the War on Drugs fuels efforts to undermine encryption and cybersecurity. For more, see Eli's post in Plain Text.