BC TECH
Saved by @zmbnski

Just published 15,000+ words on security keys. 🔐📱💻

With SIM attacks at their highest, now is a great time to take a closer look at your online security.

Removing SMS from your two-factor auth is a start, but authenticator apps have downsides too...

https://t.co/Dk0MPJHL2V

 Just look at these headlines from recent SIM swap and port attacks.

It's all too established for attackers to find ways to socially engineer control of your phone number and start gaining control of your accounts.

I first talk about some general security tips.
Unfortunately not all websites let you remove your phone number from accounts.

You may consider migrating your phone carrier to @googlefi , which requires email account access to do anything (and can be locked down with security keys and even Advanced Protection)
Beyond SMS, I talk about issues that TOTP authenticator apps (the code generators) have as a form of two-factor auth. They're so, so much better than relying on SMS for your second factor but they still have issues like utilizing shared secrets and lacking phishing prevention.
Enter security keys!

Utilizing public key cryptography they don't have any shared secret between the client and the server. They prevent phishing by taking the website domain into account.

Even if you get tricked by a clone phishing website, your key won't.
Keys have been around for a while under various names and technologies. Recently it was FIDO U2F + CTAP1 but now we have FIDO2 WebAuthn with CTAP2..

It's all very confusing...
Security keys are great for two-factor auth but FIDO2 has a vision for more: support for platform authenticators (like fingerprint readers and other biometrics) as well as being able to use them for "passwordless" authentication. https://t.co/qHI8n8x8m6
But this area is still nascent. Plagued by years of sub-par security key support across browsers. Things have been getting better in recent years with recently updated NFC support on iOS 13 but it's still a waiting game until things are made easier.
Which brings the question.. Why must I carry around an extra device just to be safe online?

You shouldn't. WebAuthn aims to change that.

But for now, security keys—combined with strong online security best practices—are a great way to fortify your regular online activities.
This article was so long (like all of mine) that I took the time to build this little fly-out table of contents browser 🤣
I also went out of my way to design these little security key icons in figma while I was writing this 😍 cc @Yubico

More from Tech

Nicolas
Nicolas
@necolas
A brief analysis and comparison of the CSS for Twitter's PWA vs Twitter's legacy desktop website. The difference is dramatic and I'll touch on some reasons why.

Legacy site *downloads* ~630 KB CSS per theme and writing direction.

6,769 rules
9,252 selectors
16.7k declarations
3,370 unique declarations
44 media queries
36 unique colors
50 unique background colors
46 unique font sizes
39 unique z-indices

https://t.co/qyl4Bt1i5x


PWA *incrementally generates* ~30 KB CSS that handles all themes and writing directions.

735 rules
740 selectors
757 declarations
730 unique declarations
0 media queries
11 unique colors
32 unique background colors
15 unique font sizes
7 unique z-indices

https://t.co/w7oNG5KUkJ


The legacy site's CSS is what happens when hundreds of people directly write CSS over many years. Specificity wars, redundancy, a house of cards that can't be fixed. The result is extremely inefficient and error-prone styling that punishes users and developers.

The PWA's CSS is generated on-demand by a JS framework that manages styles and outputs "atomic CSS". The framework can enforce strict constraints and perform optimisations, which is why the CSS is so much smaller and safer. Style conflicts and unbounded CSS growth are avoided.
TECH
Mike Metzler
Mike Metzler
@MTZLER
I’ve been flooded with Snapchat Spotlight questions after posting I’ve qualified for a payout 4 times. Here are the answers to the most common questions I’ve gotten in my DMs. These answers are my own experience and may differ from others .

Q: How will I know if I am getting paid?
A: You will get a message from Team Snapchat that looks like the below message 2-3 weeks after the snap has gone live. At this point it important that you verify your email address.


Q: How long after I’ve been notified I qualify, will I know for how much?
A: my experience is that usually 7-10 days after you get the qualifying message, you get a message with the amount, it will look like this. This message will include a unique access code for HyperWallet.


Q: How do I set up my HyperWallet?
A: Around three weeks after you get the payment amount you will get an email to your verified email from Snapchat Pay. It will look like this and will require you to fill out some tax forms, takes like 10 min.


Q: How long does it take to actually get the money in my account?
A: it took me like 7 days from when I had my HyperWallet approved before I got the money into my HyperWallet account. I recommend you set up auto withdraw. You can send money to PayPal, Venmo or bank account.
TECH
Advertisement
Wilbert Liu \U0001f468\U0001f3fb\u200d\U0001f3a8
Wilbert Liu 👨🏻‍🎨...
@wilbertliu
These past few days I've been experimenting with something new that I want to use by myself.

Interestingly, this thread below has been written by that.

Let me show you how it looks like. 👇🏻


When you see localhost up there, you should know that it's truly an experiment! 😀


It's a dead-simple thread writer that will post a series of tweets a.k.a tweetstorm. ⚡️

I've been personally wanting it myself since few months ago, but neglected it intentionally to make sure it's something that I genuinely need.

So why is that important for me? 🙂

I've been a believer of a story. I tell stories all the time, whether it's in the real world or online like this. Our society has moved by that.

If you're interested by stories that move us, read Sapiens!

One of the stories that I've told was from the launch of Poster.

It's been launched multiple times this year, and Twitter has been my go-to place to tell the world about that.

Here comes my frustration.. 😤
TECH
Silver Kayondo
Silver Kayondo
@SilverKayondo
Last weekend, I made a threat on the ongoing #SocialMedia shutdown in Uganda and some implications on the future of #internet & Uganda's #digital agenda.

The thread attracted a lot of engagement and questions. Tonight, I will share some final thoughts on the subject. (1)

Conceptually, social media sites are the largest on-boarding platforms for internet users in Uganda. Notably, Facebook, WhatsApp, Twitter, Instagram & Snapchat attract the highest internet traffic- which drives demand for other platform services e.g Google and Zoom recently.


So- when we talk about an "open internet", we mean the FULL resources of the internet. Any encumberance on selected applications has ripple effects across the entire network thus jeorpadizing standardization of internet/data transmission which is essential for innovation & growth


Furthermore, shutdowns hinder network interoperability (technical ability to plug/link one digital product or service into another product or service). Interoperability is the heart of the "Internet of things" eg business, devices, networks, services, e-govt, integration etc #IoT


Because the internet is a global resource, shutdowns enhance a digital divide (the gap between demographics and regions that have access to modern ICTs, and those that don't or have restricted access). Ironic that 3rd world countries have the highest number of shutdowns globally.
TECH
Jen \u26a1
Jen ⚡
@leoniedelt
Been reading up a lot about these jabs, esp as I know they are going to be a condition of a return to normality

Was on a zoom call last evening with a testing company that had some fascinating evidence on protection etc.

I have more reading to do.

I do not want to be coerced into something I don't want, BUT i want normal back as soon as possible.

Basically i'm at the point in my isolation and thinking that I'll take whatever just so this bullshit can end.

That is a desperate mindset, but so is 12 months of being cut off from the world.

All i have is what goes round and round in my head.

There's no one else to help balance it.

So i'm in group 6, and my surgery are doing group 6 right now. And i am at the point i want to do it to get it DONE.

And also to study what happens. Because i have that kind of mind.

I remember Pandemrix.

But we live with risk every day.

I risk my life climbing walls with only a harness around my waist to catch me as i lean back and fall off

And rational risk assessment is at the heart of everything going wrong these last 12 months
TECH

You May Also Like

Emma Hilton
Emma Hilton
@FondOfBeetles
This is Kuinini ‘Nini’ Manumua, the woman who was ultimately displaced by inclusion of Laurel Hubbard.

She’s 21, and it would have been her first Olympics.
ALL
Fidato
Fidato
@tequieremos
A thread on the life and achievements of Muhiyudin Sayyid Abdul Qadir Jillani RadiAllah who served Islam infinitely as the Reviver (Mujadid) of the 11th Century!


Muhiyudin Sayyid Abdul Qadir Jilani (RA) was one of the greatest Islamic Saint, Scholar, and Jurist. The honorific Muhiyudin denotes his status with many Sufis as a "reviver of religion". Jilani refers to his place of birth. He also carried the epithet Baghdadi.

[1]

Sheikh Abdul Qadir Jilani was born on the eve of the 2nd of Ramadan 470 AH. His birth was a great blessing for the Ummah. It was the arrival of the Sultan al-Awliya (King of the Awliya) of that era, which had been foretold for centuries before his birth.

[2]

When Hazrat Abdul Qadir Jillani was asked by someone what brought him to his high spiritual level, he said, The truthfulness which I promised to my mother. He related the following story:
"One day, on the eve of Eid al-Adhā, I went to my mother, who was then a widow and..

[3]

..and requested her, 'Send me to the path of Truth, give me permission to go to Baghdad to acquire knowledge, to be with the wise and those who are close to Allah. She cried, but she brought out 80 pieces of gold, which was all that my father had left as inheritance.

[4]
RELIGION
Advertisement
Vibhu Vashisth
Vibhu Vashisth
@VIBHU_Tweet
AGAMA SHASTRA:THE SCIENCE BEHIND THE MARVELS OF HINDU ARCHITECTURE

Agama Shastra is a Sanskrit word that means the manual for worship, temple building, rituals etc in Hindu Tradition.From Sanskrit,agama means handed down by tradition and Shastra means a commentary or treatise.


Therefore, Agama Shastra is a collection of ideas that drafts the rules for worship, temple construction, spirituality and rituals. It has been a guideline for many Hindus from ancient times. It's a collection of Sanskrit, Tamil and Grantha scriptures that mostly contains...


...methods of temple construction, idol creation, philosophical doctrines and meditative practices. It came into being after years of assimiliation and from a variety of sources. Some parts of it are pre-vedic while some are post-vedic.


Hindu Temples are not just temples, they are the pride and identity of Hindus. They are the symbols of Hindu unity and their religious aspirations. Temples are the places of spiritual healing and are our connection with the creator almighty.


Temples are the priceless treasure of our History, Heritage ,Art & Architecture. Architecture that mesmerises and spell bounds you. And Agama Shastra is that very text which is responsible for such a mesmerising and spell binding quality and beauty of our Hindu Temples.
ALL
Julien \U0001f332
Julien 🌲
@julien
1/ there is this sense when you are young that your accomplishments need to be a list of things that seem impressive to others. A list of several items you did.

This isn't actually right, so here is another suggestion.

2/ I remember being 26 and writing about reading 52 books a year. I wrote blog posts about it. They got copied. It became "a thing." Now it's in Twitter bios. It looks impressive but it's insanely useless and I shouldn't have done it.

3/ what I should have known at that time is that only young idiots like myself, with no accomplishments, find list of tiny achievements impressive. Anyone who has actually done anything of substance doesn't gaf

4/ what is actually difficult, and worthwhile, instead is to do ONE single thing for a very, very long time. It's much harder and much rarer and results in outlier outcomes much more often.

Of course you can find this out too late if you are chasing the dragon of Ted talks etc

5/ if I had only worked on a startup for a year, I would've gotten nowhere, the same way that if you lift for 3 months, it achieves nothing. Everything good in life comes from perseverance, but at the beginning, you're just like "I need to be somebody!!!"
LIFE
FT Trading\u2503Stock Trader
FT Trading┃Stock Trade...
@FT__Trading
Ever wonder how traders get in stocks before they explode? 🧐

Or find options that move 1,000% in a single day/week?🤯

I made a thread going over exactly how I find these stocks BEFORE they take off 🚀
👇👇👇

So, let's start with the software I use…

Finviz!! Finviz is a free website that I use to scan for stocks.

They have a lot of other cool features as well, but I only use their scanner.
👇

Head on over to finviz and go to the screener

Click on the “All” tab on the top and put in the criteria in the next tweet
👇

This is the first scan that I use for bullish swing setups
✅Quarter +10%
✅Week Down
✅Vol over 400k
✅Optionable
✅Price > $20
👇


The next scan I use is the opposite of the first one.

Simply change:
✅Quarter +10% to -10%
✅Week Down to Week up

This is my bearish scan for swing setups. 👇
TRADINGTHREAD , OPTIONS