Change your defaults..

This is why you should change your default password.

During a meeting tonight our digital projector went into a screensaver mode and displayed the wireless network it was broadcasting (Shame on you Epson). It eventually went to another screen save that gave me the brand. With a little DuckDuckGo searching I was able to log in with the default password and username. I was able to log in and access the projector interface. As you can see, there is a lot of control. I didn’t even screenshot the config page! It was during the end of the meeting so I thought I’d try shutting it down. After I hit the button twice the projector shut down before the meeting. No one really seem to take notice. Bizarre. I wonder if someone did and if the password will change soon.

Sadly many places here where I live in SE Asia don’t bother to change the default passwords to wireless access points, or other network devices. If someone wanted to, the could shut down the legitimate wireless network, change the password and start broadcasting the SSID with a device that captures all the traffic and do a man in the middle attack. Or they could just be a pesk and continually reboot the device to frustrate others. Additionally could gather info on other devices and attempt to gain access or exploit them. Either way it’s a good reason to change your default passwords.

Protonmail and 1Password

I was an earlier adopter of Protonmail and have had my account maybe for a year or so now.  Protonmail is a swiss based email provider that offers true secure email through your web browser (and mobile app). This email service lets you send encrypted emails and attachments to others on other email systems like Gmail, yahoo, etc. They are a little slow in releasing new features but are methodical in their development and provide a solid product. They have started offering some great tools like custom domain names and iOS and Android Apps, and providing additional storage and a great user interface.

A good friend of mine always says security and convenience are always in tension – it is very difficult to have both. We must evaluate the level of security needed in relation to the ease of use which is often diminished.  Protonmail would likely be troublesome for some as they requires two (2) passwords. One for account login and one to decrypt your mailbox. This means you should use two unique passwords that you don’t use for any other website logins…right?

Read more