I decided to develop this weekly solely on a topic I care about, security.

There is nothing more important than security, especially when we talk about online security. We are all connected now and most of our information is online. For this reason, it is important to protect data and all our memories.

Being in the Apple ecosystem, I have aggregated everything into one point, my iCloud ID.

We are talking about data such as:

• Photos and videos
• Notes
• Reminders
• Contacts
• Calendars
• Passwords
• Email
• Documents
• Music

and the list goes on.

All this data is protected by an email and a password. To these two pieces of information, Apple adds a possible two-step verification by sending a code to one of the already registered devices or, in case you do not have access to any registered device, via an SMS to one of the registered phone numbers.

And the use of SMS that brings down the entire security pyramid. SMS is an insecure means of communication, easily interceptable, subject to possible cloning but above all to ’theft’.

For example, losing your iPhone means losing your sim/eSim and therefore the inability to receive SMS for a certain period.

One of the most trivial situations is the one raised by The Wall Street Journal through a video on YouTube. Malicious individuals try to identify the device unlock code which in most cases is a six-digit code. Once the unlock code is identified, the device is stolen and within a few seconds, the iCloud account password is changed and all other devices are disconnected.

The use of SMS for verification is nothing more than another method of accessing your account that can easily end up in the wrong hands.

All this introductory speech to say that the use of SMS as two-step verification should be totally abandoned and replaced with other safer methods such as the use of security keys.

From iOS 16.3 (released on March 21, 2023), Apple has introduced support for security keys for two-factor authentication, eliminating authentication via SMS or other already authenticated devices.

Everything then revolves around only two pieces of information:

• Email and password of your Apple account.
• A security key.

Using a security key eliminates both the six-digit code sent to another registered device and the sending of the same code via SMS.

Through a security key, the possible scenarios of theft or loss of your device are partially eliminated.

The ‘partially’ is always subject to the problem of using a six-digit PIN and entering it in public.

Unfortunately, knowing the device unlock PIN, you can still change the password of your Apple account. This should be completely eliminated or managed differently by Apple.

But, anyway, with a security key, it certainly adds an additional level of greater security, eliminating others that are less reliable. So, since the update to iOS 16.3, I started to reflect on the use of a security key and today I placed the order. Since the only purpose is to associate it with my Apple account, I chose the most “economical” model compatible with iCloud, in this case, a Yubico – Security Key C NFC with USB-C (the price difference between USB and USB-C was only $5).

Apple on own page writes:

Security Keys for Apple ID is an optional advanced security feature designed for people who want extra protection from targeted attacks, such as phishing or social engineering scams.

I disagree, the use of security keys should be the norm for all users who, like me, have all their data connected to a single account.

Be aware that you must have at least two security keys to use them with your Apple account. This is to avoid being locked out in case of loss or theft of one of the two keys. Typically, the first key is kept in a safe place easily accessible while the second is in a remote location for emergencies. The advantage is that once configured with your Apple account, you no longer have to worry about having to “update” or “change” the security key settings.

In conclusion, among the tips I can give:

• Don’t use 4 or 6 digit pins to unlock your device and switch to an alphanumeric code.
• Enable advanced data protection. This option adds end to end encryption to other elements and doesn’t allow others to access your Apple account via the web interface. In this way the management of information is exclusively managed between physical devices.
• Avoid entering your unlock code in public. Use FaceID, TouchID, or proximity unlock with the Apple Watch.
• Check all devices registered to your Apple account and remove those no longer in use. It seems like a trivial tip but I know people who have devices registered to their Apple account that are no longer in their possession.
• Use security keys.
• Do not use your iCloud email to register for third-party services. Instead, use three of the emails that you can create and associate with your iCloud account.
• Always keep backup copies of your data, do not only rely on the cloud. What happened to Google Drive is proof.

AI-powered is the new join on our Discord server.

You realize you’re close to reaching madness when you buy smart lights for the Christmas tree, configure them via a Docker container on your NAS, and use Homebridge to link them to HomeKit so you can change their colors like an idiot from your watch.

Coldplay - feelslikeimfallinginlove 🎵

Move slow and fix things - Veronica Explains - Mastodon

I'm not the gaming type nor am I informed about the latest news, the last console I owned was a PlayStation 2.

Yet I'm sure that everyone occasionally wants to find themselves in a place of absolute calm and relaxation. Certainly, this can be achieved in our own homes, in the affections of the people around us, or from anything else like playing a piece of music.

It's strange but sometimes you want to be in a place where there are no people, where there are no noises, where there are no thoughts. A place where I can be at peace with myself. It's nothing philosophical or spiritual, it's just a moment in which you eliminate all worries and thoughts and focus on something completely different.I'm sure many people would consider this pure madness, yet for a couple of days, I've been finding well-being in something as simple and trivial as a video game, Minecraft. It's not a game that I particularly like, it's not a game that has ever fascinated me, it's not a game that has ever driven me crazy. Yet it's a game that has made me relax, has made me unwind, has made me forget everything else.

It's an idea similar to karesansui or a zen garden that people buy and keep at home. In its simplicity and with a set of musical tracks, Minecraft manages to give a sense of peace and tranquility.

My wife just said, you need to go outside with a camera, you couldn't make this light up. So I did, and I didn't - Steve Carter - Mastodon

First time trying a trackball mouse. Is it really better than a traditional mouse in terms of ergonomics?

The first time I’m pre-ordering something. It’s time to replace my old Apple Watch Series 4. Welcome, Series 10! ⌚️

MacOS Sonoma 14.6.1 update asked me to sign in to my Apple ID again and even required to create a new FileVault disk encryption key.

WTF. 😕

New spacebar! 🐤

After a long time I concluded something I never expected. I'm really happy!

I have concluded a long journey that brought me many sacrifices but just as many satisfactions. I'm happy to start a new chapter tomorrow and do what I like most.

There is a beautiful phrase by Steve Jobs, 2005, Stanford:

“Your work is going to fill a large part of your life, and the only way to be truly satisfied is to do what you believe is great work. And the only way to do great work is to love what you do.

If you haven’t found it yet, keep looking. Don’t settle. As with all matters of the heart, you’ll know when you find it. And, like any great relationship, it just gets better and better as the years roll on”

If you're curious how much music I've accumulated over the years, well, I'd say a lot! 👀

I did a clean format of the Mac and now not even the Apple Time Capsule disk is recognized. Ouch, no more Time Machine.

Well, nothing, even the second disk is no longer accessible. Same story as a month ago. 😕

A small warning to those who use external disks encrypted with FileVault on macOS.

One of my disks was inadvertently disconnected several times and now it's no longer recognized, specifically I receive the error 'A problem was detected with the disk that prevents it from being unlocked.'

I tried various ways to restore it but all without success, in the end I formatted it with another device because the macOS Disk Utility was freezing. And this is just one part, before formatting it, I tried restarting the MacBook with the disk connected and I got a completely black screen with only the mouse cursor visible. As soon as I disconnected the disk, the macOS login screen immediately appeared.

Wtf?

I tried to view all disks from the terminal but even here the command remained indefinitely waiting, ctr+c to terminate everything.

The disk is new and DriveDx has never reported any issues, indeed the conditions are better than my internal disk soldered on the MacBook motherboard.

I've never experienced anything like this and all this made me reflect. The main problem is that I relied on FileVault, thus remaining dependent on macOS.

Having only one MacBook, I haven't had the opportunity to try connecting the disk to another device.

Moral of the story?

Fortunately, I have a backup copy of the entire disk, but I think I will completely eliminate the use of FileVault on all disks to switch back to the old VeraCrypt. This doesn't mean that all problems will be solved but at least I'll have the chance to try mounting the disks independently of the operating system.

Today is World Backup Day.

Another reminder of the importance of saving all your memories and what you care about.

Usually, I don't share all the music I listen to, but I'm curious to know if there's any other crazy person like me out there who listens to music of this genre.

Sometimes I fall asleep to this playlist.

It seems that the new macOS 14.4 update may lead to a change in the FileVault recovery key.

Quite strange, indeed.

Okay, maybe it's excessive, but is it normal "to get pumped" listening to old cartoon songs? 🎵

Gee, forget about the latest hits.

I've put aside local hosting completely for now and opted for iTunes Match. I've uploaded 2k songs and the synchronization went smoothly.

It seems like a really nice service, wish I had known about it earlier.

I wanted to try some self-hosted alternatives for music, and among the recommended ones is Navidrome.

Really not bad, it's working on a Raspberry Pi Zero W and can handle two simultaneous streams on different devices without difficulty.

The new version 0.16.4 of Restic addresses a bug in the compression library found in version 0.16.3.

Users employing maximum compression might experience damaged blobs. It seems that the recommended verification step is to perform a check with the '--read-data' option, which would download the entire repository.

I don't want to fall back into the rabbit hole of configuration as happened in the past, but I wanted to give Obsidian another try for managing long texts and small relationships between them.

Perhaps I've managed to find the right canvas for my thoughts.

For those interested, three extensions: Minimal Theme, Hider, and Style Setting.

Just finished the first run of Undertale Yellow, and it was truly a masterpiece!

I have a lot of CDs and music media that I have bought over the years, plus songs and tracks I’ve produced.

I’m starting to wonder if I really need to continue paying for my Apple Music subscription.

I think the Frugal subreddit is partly responsible for this thought.

Ouch, 26 billion records of data leaks. Interestingly, if all of this involved public keys generated by the use of passkeys, nothing would have happened.

Perhaps more interesting is that MySpace is still being used.

And now, even the offsite backup management is entrusted to an open-source project, Restic.

Crontab for scheduling and pmset for nightly backups.

Last, I've created a small script to quickly access all backups without having to remember commands and configurations.

Thanks Restic!

I think I've reached the height of madness when my friend said “it's like feeling at home” and I immediately thought of the Debian system.

In my opinion, the most useful invention in the world is noise-canceling headphones.

They manage to eliminate the Sunday screams of the neighbors, replacing them with relaxing music.

It's a pity not being able to use them in any situation without others realizing.

Restic features like dry runs and snapshot mounting blow my mind. I'm starting to love this software.

January 2024, and I finally managed to delete Telegram.

Unfortunately, WhatsApp here has the same weight as iMessage in the United States, but at least I have gone from two platforms with doubtful privacy to one. Signal would be the ideal solution for everything, but as always, privacy is the last of the average person's problems.

Am I the only one who feels "uncomfortable" when faced with dozens and dozens of messaging apps?