NC #589 Live Show Sausage Making, Diagramming Live Show, Hangouts Moving, Screensharing, Fit and Healthy NosillaCastaways, Security Bits

In this week’s show we talk quite a bit about the tech behind the live show. I did a new diagram of how I broadcast my audio, Steve’s audio and my video to YouTube Live and to Alpha Geek Media and more. I created it with draw.io and you can see it at podfeet.com/blog/nosillacast-live/live-show-setup/. I made a 1 minute long video for Megan Moronne and Leo Laporte to talk about how the Smartbean from Antec can turn any headphones into Bluetooth, but my cat Ada sorta photo bombed it. I walk through the different methods of screensharing I use, including Skype, Messages and how adding QuickTime into the mix lets you include your iOS screens in the screen share. NosillaCastaways are becoming more fit and healthy because of our recent discussions and i read you a few anecdotes and tell you how even I upped my game because we’ve focussed on the tech. Bart Busschots is back with Security Bits too.


itunes
mp3 download

Hi this is Allison Sheridan of the NosillaCast Mac Podcast, hosted at Podfeet.com, a technology geek podcast with an EVER so slight Macintosh bias. Today is Sunday August 21, 2016 and this is show number 589.

How the Sausage Gets Made

The creation of the live show is a lot of work but it’s something that gives both Steve and me great pleasure. The audio podcasts are by far the most downloaded thing we do at Podfeet Productions, but the live show is still a lot of fun. We’ve seen friendships grow amongst the attendees that go far beyond the live audience discussions, we’ve made friends of course, and I think the audience really enjoys when things go horribly wrong. I think it’s like when you go to a car race you hope nothing goes wrong, but a spectacular crash where the driver walks away unharmed is pretty cool.

Last week on the show I had a weird audio problem where the live audience and I could hear Steve in the Hangout on Air, the live audience and Steve could hear live audio from playback in my audio recording software Amadeus Pro, and everyone could hear me. But the minute I turned on streaming to the live audience through the purely audio (not video) feed, I couldn’t hear anything at all. It would make it just a tad difficult for me to edit the audio show that way, right?

Before I tell you the next part, I want to give a shout out to Dan, aka DANVA3ETS in the live chat room for being the one who helped me actually solve my audio problem this week.

Sausage grinder from kevinAnyway, when something like this happens, and I have to spend time diagnosing it, I’ll often share my screen and noodle the problem out loud with the audience in the chat room. The audience has a term for this, they call it “watching the sausage get made”.

Probably one of the longest standing members of the live audience with the best overall attendance record, is Kevin Allder, aka Big_in_VA. He is also the self-avowed wingman to Steve. Well this week, he sent us a little present. He sent…a sausage maker. Technically it’s a meat grinder but it says right on the front that you can make sausage with it.

It’s just this kind of dedication to quality and seriousness that makes the NosillaCastaways the best audience in the world. I’m willing to bet some serious money that no other podcaster has been shipped a sausage grinder. If you came to the live show, you’ll know that of course I did a live unboxing.

Diagramming the Live Show

Last week I told you about a free diagramming tool called draw.io that I suggested you could use instead of Omnigraffle. After the débâcle with the live show audio, I went back to review my diagram of how the show works (podfeet.com/blog/nosillacast-live/live-show-setup/) and realized that I’d made some changes since the last time I updated it. I do the diagram for two reasons, one to remind myself of what I’ve done, but also when I have to draw it, it makes me review to see if what I’m trying to do makes sense.

I realized that to edit the diagram I would have to launch Omnigraffle. That got me thinking I should put my money where my mouth was and see if I could reproduce the diagram using draw.io. If I could remake that diagram and make it look good, and also not find myself swearing at the tool, that would really prove it out.

I enjoyed remaking the diagram so much that I stayed up super late working on it. I had easily and quickly replicated what had taken me far longer on Omnigraffle (and frankly it was slightly prettier on the free draw.io), but I became so inspired that I started to improve on the diagram. I added a page of explanation of what I was trying to accomplish (read that as “what problem are you trying to solve?”) because I thought anyone looking at it might need that to understand why each piece was there.

Then I realized that the single page model with all the hardware and software listed AND the flow of audio and video being all on one page was getting too cramped, so I spread it out onto separate pages.

In the morning I had an epiphany of something else I forgot to include. But I was lounging in bed with my iPad Pro, a cat, and a cup of coffee. If I’d done the diagram in Omnigraffle I would have had to get out of bed and disturb the cat because I never paid the extra $50 for the iPad version. But since I used draw.io, I was able to easily edit the diagram without upsetting Grace. It wasn’t quite as easy as doing it on the Mac, but every bit of the functionality was available to me.

I had a blast doing it, and in fact in the middle of writing up these notes about it I got all crazy and changed a bunch of plain boxes into pretty icons representing the tools. You can lose hours playing with diagrams like these! I justify my obsession though that if I pay attention to making it look good, it tells the story better. You can see a mic an know it’s a mic instead of having to read it. If a line is slightly skewed, it will take your brain out of the moment. In any case, if you want to see the diagram of the sausage getting made, you can see it now over at the link in the shownotes.

Google Hangout on Air Moving

Steve and I use Google Hangout on Air to create the video component of the live show. As of September 12th, Google will move Hangout on Air out of Google Plus and into YouTube Live. It’s not any big catastrophe, but it will take some learning by Steve and me on how to do this. this afternoon we did a practice session from YouTube Live with Denise Crown as our “audience”. It was a bit meta as we started with a normal Hangout on Air the old way and I shared my screen so Steve and Denise could help me figure out what buttons to push in YouTube Live to make it go.

Denise finally cracked the code, so we dumped that Hangout on Air and started a new one and it worked perfectly. The only thing we’ll lose is that if you’re used to getting an invitation through Google Plus that won’t exist any more. On the other hand, maybe it irritated you that I invited you ever week! The good news is that the chances of me crashing and burning in creating the live show will go up dramatically for the next few weeks! If you haven’t been before, check it out at podfeet.com/live.

Smartbean + Ada

Like many others, Leo Laporte and Megan Moronne of iOS today, have been wringing their hands about the possibility that Apple will get rid of the beloved headphone jack. I’m not terribly worried about it because I use the Smartbean from Antec that I’ve told you guys about a bunch of times. You plug in any standard headphones into the Smartbean and it turns them into Bluetooth headphones.

Anyway, I decided to make them a little video (they love viewer-contributed videos) about the Smartbean. I did about 20 takes for this dumb little 1 minute video but finally I nailed it all the way through. If you’ve ever been to the live show, you will have noticed that from time to time my cat Ada (named after Ada Lovelace) has a bad habit of jumping up on the back of my chair when I’m recording. Well, she did it when I made the video for Megan and Leo on the ONE time I nailed it. So I published it with her in it! It’s short, and mildly humorous so I put a link in the shownotes to the video for your enjoyment. If you watch iOS Today they said it should air on Monday.

Blog Posts

Mac and iOS Screensharing with Skype, Messages and QuickTime

NosillaCastaways Are Getting More Fit and Healthy

Security Bits

Important Security Updates

  • Patch Tuesday has been and gone, with important security fixes for Windows, IE, Edge, Office, and Skype – krebsonsecurity.com/…

Important Security News

  • Quadrooter – four bugs in the Qualcomm firmware on about 900 million Android devices that give attackers full root access to devices. Three of the four bugs have been patched, and a patch for the fourth is on the way, but as usual, users are at the mercy of their vendors and carriers to get those patches – arstechnica.com/…
  • A bug has been found in the Linux kernel's implemention of a new feature in TCP that could allow attackers inject content into un-encrypted network traffic. Neither Windows nor OS X have added support for the troublesome new TCP feature (ironically intended to add more security to TCP), so this problem only affects Linux devices (including Android devices). A fix is being pushed out. Only one party in a communication has to be vulnerable for the attack to work, so Windows or Mac users browsing to Linux-hosted servers would be vulnerable. Encrypted connections, e.g. HTTPS can be interrupted by attacks, but malicious content cannot be injected into encrypted connections. This is another one for the sysadmins to fix – nothing you can do other than be extra-suspicious of non-HTTPS websites – arstechnica.com/…, nakedsecurity.sophos.com/… & arstechnica.com/…
  • A Microsoft whoopsie leaks enough information to allow attackers with physical access bypass secure boot on Windows devices where that should not be possible. Because of a poor choice of words by the security researchers who reverse-engineered code published by Microsoft to derive their attack, this is being widely, and wrongly, reported as a leaked master key. No key was leaked. You could argue the effect is similar, but anyone who mentions a 'golden key' being leaked is factually wrong – arstechnica.com/…
  • Google is adding more warnings to Gmail to help users spot dodgy emails – nakedsecurity.sophos.com/…
  • The US Social Security Agency have removed the requirement to use SMS-based 2FA they added just a few weeks ago – SMS-based 2FA remains available, but is no longer compulsory – krebsonsecurity.com/…
  • Security researchers demonstrate an attack that intercepts tokens sent by Samsung Pay phones to credit card terminals, and then uses those tokens to make fraudulent purchases. The scanning device is small enough to be mounted on an attackers arm and hidden under a coat. Physical proximity is required at the point in time that the victim tries to make a purchase. Samsung consider the vulnerability to be an "acceptable risk" – www.macobserver.com/…
  • NIST, the US's National Institute for Standards and Technology, is working on new password rules for the entire US public sector, and the process is being carried out in the open on GIT Hub – so far, the policy looks very sensible, and would form a good basis for policies in the private sector too – nakedsecurity.sophos.com/…

Notable Breaches

  • The support portal for Oracle's MICROS point-of-sale terminals has been breached. Merchants who use the terminals have been asked to re-set their passwords, and there is a risk that attackers could have used the access they had to push malicious code down onto POS devices managed through the customer service portal – krebsonsecurity.com/… & krebsonsecurity.com/…
  • 20 HEI hotels suffer credit card breach affecting tens of thousands of cards between December 2015 and June 2016 – arstechnica.com/…

Suggested Reading

  • Naked security explain the pros and cons of SMS -v- authenticator app-style 2FA – nakedsecurity.sophos.com/…
  • Naked security remind us not to trust password strength meters – they are not accurate – nakedsecurity.sophos.com/…
  • What your hacked account is worth on the Dark Web – nakedsecurity.sophos.com/…
  • Brian Krebs warns road warriors to be careful what they plug their devices into – krebsonsecurity.com/…
  • Security researchers detail two new vulnerabilities that allow hackers to clone key fobs for over 100 million cars, including everyere?? VW sold since 1995 except for the most recent Golfs, and cars from other makers including Alfa Romeo, Citroën, Fiat, Ford, Mitsubishi, Nissan, Opel, and Peugeot – arstechnica.com/…
  • Researchers demonstrate another cool air-gap jumping technique – sending data with hard drive sounds – arstechnica.com/…
  • Project Sauron – the latest state-sponsored malware to be discovered. It appears to have gone un-noticed for five years of use – arstechnica.com/…
  • Copperhead OS – a hardened version of Android for Nexus devices – arstechnica.com/…
  • Faceless Recognition – facial recognition that works even when your face is obscured – nakedsecurity.sophos.com/…
  • Advanced hacking tools used by NSA-tied hacking group have been leaked by another hacking group – arstechnica.com/…
  • RELATED – Cisco confirms the hacking tools contained a zero-day exploit that has been in use against its firewalls for years – arstechnica.com/…
  • Two blackhat talks show that while Chip & Pin may be an improvement over mag strip cards, they are not perfect – arstechnica.com/…
  • A Canadian court rules that SMS messages are not private – nakedsecurity.sophos.com/…
  • Democratic and GOP leaders got a secret briefing on the DNC hack from intelligence officials last year – arstechnica.com/…

Pallet Cleansers

That’s going to wind this up for this week. Don’t forget to send in your Dumb Questions, comments and suggestions by emailing me at allison@podfeet.com, follow me on twitter @podfeet. Check out the NosillaCast Google Plus Community and our Facebook group at podfeet.com/facebook. If you want to join in the fun of the live show, head on over to podfeet.com/live on Sunday nights at 5pm Pacific Time and join the friendly and enthusiastic NosillaCastaways. Thanks for listening, and stay subscribed.

2 thoughts on “NC #589 Live Show Sausage Making, Diagramming Live Show, Hangouts Moving, Screensharing, Fit and Healthy NosillaCastaways, Security Bits

  1. Rob - August 26, 2016

    Great show, but UK listeners be warned live.atc app won’t work for UK airports. Very sad about this as I’d pulled the car over to download such was my excitement!

  2. RC Matrix - August 26, 2016

    Here’s the link fo the Stanford infographic that Bart mentioned, in case anyone is interested.

    https://uit.stanford.edu/service/accounts/passwords/quickguide

Leave a Reply

Your email address will not be published.

Scroll to top