
rantings & ravings (october 2022)

these are opinions, the only ones that matter (to me, mine), on both various stuffs and various things.



brickcon 2022

saturday, october 1st (international day of coffee; international day of older persons)

typically, i don't write about brickcon... 'cause... i just don't? this was my fifth one, fourth in-person. [shakes a fist at 2020.]  i've been to the last five.  anyway, this one was really cool for two things....

i missed stuart harris' presentation about the lego house.  i think i was in a parts draft, i just recall there was a conflict and a parts draft would win out over anything else (at least they have so far).  i'm fairly certain stuart has given this presentation at a prior brickcon, and that i saw it at least in part, but i don't think he was in-person giving it.

a co-worker that i hang out with at the con mentioned how he got stuart's business card and shows me this minifigure.  so, i had to have one too... obvi.  i forget what day of the con this was too.

stuart harris business card


anyway, just a chance thing on the last day of the con, as everything is over and done with save for tearing down and packing up and leaving, i see stuart who seems poised to be leaving the convention hall.  i ask him if i could have his business card and huzzah! he gives me one!

wash your hands

left: stuart harris' original; right: my rendition

i asked him about the "wash your hands" image i saw being passed around earlier during this pandemic.  i knew the first image i saw used his business card minifig, but i didn't know it was truly him who took and posted the photo to instagram.  i had made my own to mock the copycats that were making the rounds at the time.

he also spied the book i had with me, building a dream (more on that later).  he tells me it's a good read or something to that effect.  he also mentions how page 92 is the best.  i keep this in mind.

building a dream


prior to talking to stuart, during the con's closing ceremonies, i won something... finally! no, not a lego set, which i would have wanted.  but no, no door prize for me.  however, i did get selected for a "chance to win" prize thing, for making a charity donation, which happened to be a book, building a dream.  you may have heard about it before.  you could have gotten a copy from the lego house in denmark (and maybe still can, it's a limited printing it has been reported)... or still can get one from ebay probably.  oh... but mine is also signed by kjeld kirk kristiansen, the grandson of ole kirk kristiansen, founder of lego.  so... there's that.  i didn't know i wanted this book until i won it.

also, page 92... it's a picture of stuart.  well played stuart, well played.



mfa, 2fa, what are they?

saturday, october 1st (international day of coffee; international day of older persons)

since it's cybersecurity month and all... i've adapted this from something i wrote for work, stripping out references to my employer:

When you attempt to access a secured system, whether that be a digital system, like a computer, or a physical system, like a facility, you need to provide a factor.  A factor can be thought of as a password, like for a computer, or a keycard, like for a facility.  However, passwords can be surreptitiously obtained or even stolen, and keys can be lost or stolen as well.  To combat this, an additional factor can be combined with the first.  This is known as MFA, or more specifically, 2FA.  MFA is multi-factor authentication and 2FA is two-factor authentication.  In the same way that all squares are rectangles, but not all rectangles are squares, 2FA is MFA, but not all MFA is 2FA.  While one term is a subset of the other, many people use these terms interchangeably.

Typically, a factor falls into at least one of three categories: knowledge, possession, or inherence.  Or more simply, something you know, something you have, or something you are, respectively.  Knowledge is something like a password or a PIN.  Possession is something like a YubiKey, a HID Prox Smart Card badge, a code from an RSA SecurID fob (a type of hard token), or a code from Google Authenticator (a type of soft token).  Inherence is something like your fingerprint or your face.  Most commonly, MFA combines knowledge with either possession or inherence.  For example, ideally, to access work resources on a computer from your home, you might provide two factors, often your password (knowledge) and a code from a hard or soft token (possession).

MFA provides additional security while also providing some peace of mind.  For example, if you've enabled it, should you accidentally be tricked into providing a bad actor your Google username and password, that bad actor cannot log into your account without also having authentication from Google Authenticator.  Since Google Authenticator is tied to your phone, the bad actor would also need to have access to your phone.  Another example could be if you misplaced your hard token outside work.  If MFA is required, anyone else who happens to find it can't simply log in at a terminal as you; they would also need to know your password.  These are both examples of 2FA, since they're using only two factors.

You likely already use MFA outside of work if you bank online or are involved in cryptocurrency.  MFA is often a requirement to use these things.  MFA may also be optional elsewhere like for Amazon or Twitter.  It's a best practice to enable, wherever you can, at least SMS (text)-based MFA, especially for e-mail accounts that are contact points for other services.  E-mail accounts are targeted by bad actors because access lets them see which services you use and can likely allow them to reset your access to those services.  This can lead to things like reputational damage and/or loss of financial assets.  If you can, use U2F (Universal 2nd Factor).  U2F can let you provide a second factor for MFA where, in certain instances, you literally touch a USB device plugged into a computer.  For example, a YubiKey can be used for U2F.

Services that support MFA will have guides to help you set up MFA for that service.  Depending on how the service implements MFA, you may be able to use the same soft token app you use for work for these services or vice versa.
©mmxxii ickis, ickis@nerpter77.com.  all rights reserved.