Speaker Key: PB Phil Brown, DW David Whelan
PB : It's Phil Brown and I'm here with David Whelan and welcome to part four of our Jargon 2015 podcasts. And I would suggest you go back and listen to the rest which would be from A to Q and now we're going embark on the letter R. David what do you have for the letter R?
DW : Alright Phil. We're going to get a little bit into the dark depths; we're going to talk about rooting. So you can root your phone or, in the case of Apple devices, you call it jail breaking. And what it allows you to do is to take control of the operating system. Currently, when you buy a device, an Android device or an iOS device, the operating system is actually administered by the operating system or the device. And so you can't make changes, you can't get down into the internal innards in the same way that in Windows you might open a command prompt and then be able to type commands. It limits some of the access that you have to your own device and so if you root your device or jailbreak it, you can apply additional rights, administrator rights that allow you to get access to these other things and in some cases to install additional software and that's why I do it on all of my Android devices. I will root my device and then I will apply a firewall and I'll use the firewall then to block all of the incoming and outgoing traffic that I don't want to have happen on my phone, so that I always know which apps are communicating. So, from that perspective, I like having that extra control. It will invalidate your warranty in almost every case, so I don't know that I'd recommend it for everybody, but, at least you know now that when people talk about rooting a device or jailbreak, really all they're doing is taking administrative control of their actual device.
PB : And you're also doing the letter T after and I'm wondering if that's going to turn out to be tinfoil hat. But let's talk about the letter S, which is mine. And for the letter S, I have SMTP, which everyone uses and no one really pays much attention to its operating in the background of all of our emails and it's simple mail transfer protocol. It is not the part that actually determines how you receive emails and how they're displayed and so on, but, it really sets up the coordinates to say you know this is the email you've constructed in your computer, now sent it out this particular port, send it over the internet and this is the destination that it's headed to.
DW : And the S really does mean simple. When I set up my first email server, it will send anything that it receives and so if you don't secure it, you can end up as a spamming source on your email server. So make sure even if it's simple it's not Simple Simon.
PB : Right, and I think we've talked about in the past in fact we have a podcast about how email works and we've talked about things like POP and IMAP before. So if you're interested in POP and IMAP you might want to listen to our podcast on how email works because we talk a little bit more about the delivery and how you actually receive and display the emails and what happens if you delete one kind and not the other kind.
DW : Alright so no tinfoil hats for T unfortunately. I'm going to talk a little bit about two-factor. Two-factor authentications are exploding in interests now in part because people are more fearful of people tampering with their accounts online. So we're starting to see that with our online accounts. It started with Google and with a number of the online professional services systems. Now we're seeing it on sites like Amazon. And what it allows you to do is to supplement your user name and your password on these online sites with an additional piece of information. That additional piece of information is usually a number that is texted to you or is generated in an offline app like Microsoft Azure Authenticator, or Google's Authenticator app and so if you've got your phone or your tablet with you, you just open up your device, you open up the app and it will show you the code that you then need to type in and that will assist you in logging into these sites and also slow down the ability of other people to change information about your account or to access your account merely by trying to guess your user name and password.
PB : And I know we both use two-factor authentications. One of the things I really like about it is if you sign in to your device, or your account rather from a different device or from a different location it notifies you as well by email to say: "Hey you have a new log in from this iPhone which is never been used before into your account. Did you do that?"
DW : Yeah, it's great to have them watching for you because again you will get surprises sometimes about which devices are accessing it and sometimes it's a kid or somebody else that you intended to get in there and sometimes it isn't. One thing to keep in mind with the apps if you use the Microsoft account app, the only way to get those account numbers is via text. One of the nice things about the Google and the Microsoft Azure Authenticator is that it's totally offline, so you don't need to be able to get a phone signal in order to be able to get your code to put it into your system.
PB : And since this is an alphabetical jargon podcast, how's the Microsoft app spelled?
DW : A-Z-U-R-E Authenticator.
PB : And that's a zed for the Canadians out there listening.
DW : Alright what do you have for U?
PB : For U, I have URL. Everybody talks about URL's or has heard the term URL, but might not know that it stands for one of two different things. They couldn't decide. One is the Universal Resource Locator and the other is the Uniform Resource Locator and it's basically the address of the webpage. So, when you type at the top
[www.lsuc.on.ca], it actually points at a particular four component series of numbers which is the internet protocol address that is out there somewhere that connects your URL to the actual computer that you're trying to connect with.
DW : Right, and it's uniform because if that number changes, if the Law Society got up and moved all of its servers to a different company. Say they left Bell, for example, and went to a different provider that URL would continue to work even though all those IP addresses had changed.
PB : It's uniform and it's unique as well, although there are often sub addresses and so on. And each device you're using has a unique address as well.
DW : Alright for V I've got VPN. The virtual private network. VPN's are great, lawyers should use them whenever they leave their offices and they are using devices that have client confidential information on them. It allows you to have a protected connection over the Internet. It's like a little encrypted pipe that only you can access and between you and wherever the VPN terminates, you can get to other places without having to worry about people eavesdropping on you. Some people will use it to get past geo blocks so that they can watch Hulu or Netflix in the US, but it's really good for making sure that when you're doing online transactions and you are in a public place, that you've got a secure connection. You might also use it, you can set up a VPN endpoint in your office so that when you're on the road, you can actually connect back to your office and have a secure connection from wherever you are back to your office and so you don't have to worry about anybody in between.
PB : And we've talked before about clean devices and things like that and this is the perfect opportunity to use a VPN because if you are on the road quite likely you don't have anything other than a public network to use whether it's a hotel Wi-Fi connection or even a hotel wired connection, it still would be considered to be somewhat public and using that VPN within the public network will protect your data or your clients data, more accurately.
DW : That's the most important part. Alright what about W?
PB : And you can see a lot of that coding if you go up to the in your browser and check out the source which no one ever does, but, you can see a lot of that XML coding that's built into that webpage to see what's kind of hidden there if I can put it that way.
DW : But why would you? What do we have for Y Phil?
PB : Y; Yottabyte. Y-O-T-T-A-B-Y-T-E. It's unlikely you will ever run across the term Yottabyte other than it being the largest measurement possible for an amount of data which is two to the eightieth power. You may see it someday in terms of the amount of memory available, but, you know laptops have gone up more and more and more and a megabyte used to be a lot. Now it's pretty common to see five and ten terabyte drives available. And I think eventually you'll see a drive that big, one of the things to remember of course is the bigger the drive, the more information you have on it and if it fails you've lost a lot more information than you intended and I don't know if we'll ever see a Yottabyte drive. It won't be much bigger than the terabyte drives in terms of size, but, the thing to remember is the amount of data you have on there. Especially without any partitions, if you have a drive failure, you're going to lose all of your information which could be more than you expected.
DW : It's funny to think about too because if we think about a new call this year coming out of law school or a new paralegal coming to the profession, their entire career will be something that is stored on a hard drive where a lot of us have a good amount stored on hard drives, but not everything. So they might actually need a single yottabyte drive to last them their entire career.
PB : And it's funny to see even if, I'm dating myself here, but, to see how much computers have changed. I know you know at one point the Macintosh classic was considered to be a portable computer. And I think they weighed about sixteen pounds, but, they did fit under an airline seat. If you zipped them in their little bag, but, just barely. And they had a floppy drive and that was pretty much it and then you know we've lost our five and a quarter inch floppies, but, even now if you look at some of the newer machines, they're getting rid of optical drives, they're getting rid of even USB ports. Apple's gone to a new proprietary port that they have on their machines that's meant to replace the USB.
DW : It's all portable, everything.
PB : And now you have the letter ZEE or the letter ZED; take your pick. And what does Z stand for?
DW : Z stands for Zero-day and Zero-day is getting a lot of press in part because I think everybody's much more aware about how computers are attacked on a regular basis or under threat on a regular basis. A zero-day is short for zero-day exploit and what it means is that someone has identified a problem within a software application. Something that they can use to exploit, to attack, and nobody knows about it. And so, they will save that up. It's been documented that governments saved this up for their attacks and, of course, the criminals do it as well and then when the first attack happens, that's the zero-day, that's the announcement that oh we've got this problem and often a zero-day, the problem with a zero-day is that there isn't any patch for it, there's not fix for it. So if you like many people will use Adobe Flash which was patched on this last Tuesday, it's December 2015 and it had seventy eight patches, a lot of those were in response to exploits that they had found on their own. But, the zero-days happen outside of that world and are things that really are of a concern for all of us because it often means that even though we've patched and done everything we can to make sure our law-firm computers are up to date, that these zero-days suddenly put everything at risk.
PB : And there's a bunch of websites that you or your tech people should be looking at all the time to figure out you know what's going on out there in the world. It's not just enough to do a virus check every day or a malware check every day. You really need to be looking at sites like Symantec, and Krebs and things like that to figure out what's going on out there.
DW : Right. It really is, it's making using technology practice a lot more complicated.
PB : And if you're using a computer and you're on a network, you should be doing a tech audit every year to see you know, make sure your licences are up to date; make sure your software's up to date. That you have all the patches for your browsers, your routers and you mentioned recently having your routers up to date because they do eventually become obsolete.
DW : Yes. And if you don't want to update them then just throw them away and buy a new one, but, definitely don't hold onto the old hardware.
PB : So that is the end of our look at our Jargon podcast for 2015 and we hope you've enjoyed them as much as we have and thanks very much, David.
DW : Thanks, Phil.