For laymen like me, watching such videos for the first time really puts off online activity. The only exception I perceive is if you are a real security freak or your activism is simply worth rewarding.
Hey Sun, I completely understand u. You think that using these clickbaits thumbnails, people who click on the video may get disappointed that the content is not what they are looking for. But when someone sees a thumbnail like this, they are just expecting that the content will be useful and up-to-date. And this is exactly what you are providing in the videos. To be perfect, I think that you just need to add some tech info into the titles 🚀
Also, all those security phrases don't use something anyone could relate to you. Or general public information. I accidentally hacked into someone else's email once, and I know nothing! I was trying to set up a school account. I really should have had a coffee or energy drink first! But they were using Yahoo mail. I went out and tried setting this up according to their insutructions. Somehow, I got to an e-mail by a person with a very similiar name to mine. My password wasn't working, so I thought I must have changed it right before I was distracted for a sec. So I click "forgot password" The security question "who won the us open last year". I googled it. Then I reset their password!! I realized as soon as I was in that there were all these emails about golf and it was somebody's account! So...make those security questions really far out there. And the password something no one would ever link to you. Just my advice.
I agree with you, click-baity titles might don't feel like a good a good fit for your content. HOWEVER, if the stats show more reach/interactivity then it's worth it.
Sun I really like the click bait titles. It just makes the content seem more exciting. Also I love your content and am so grateful for it. I litterally had the worst security possible b4 i started watching you and thanks to you it has been vastly improved
What’s a good alternative to a rasberry pi for doing air gapped sensitive operations like cryptocurrency private key stuff? (I realize a hardware wallet is ideal) How secure is orange pi?
Hey Sun! Thank you for your content, I recently stumbled upon your channel and started watching most of your videos! Quick question: why you suggest it is ok to use same password on laptop and password manager? Doesn’t this just open a few extra attack vector? Ty and keep up the good work!
Thank you so much for your content sun, I am addicted to learning more from your channel and admire your effort and enthusiasm. Do you know if there is a safe version of EverNote or OneNote with good note taking / organizing capability that you can share with friends over the internet where your information is encrypted and safe?
I, personally, am loving these thumbnails back but no worries Sun, You can and probably should use the thumbnails you want to be featured. Anyway, Exceptional Video!
Thanks for the support. Using less clickbaity thumbnails does feel right… it’s hard to find the right balance between “gaming the algorithm” vs staying authentic to one’s self knowing it results in less discoverability.
@@sunknudsen Go for it man, no shame. See the clickbait thingy as you helping *more people* get a more healthy approach to their digital life. It's either that or them just clicking another cat video. (:
Hello Sun, just coming to your content now and I can tell you that ironically I almost didn't start watching because of the click-bait headlines. My opinion... Skip that crap. I find your stuff very valuable. I hope that helps.
You mention Trezor but you missed the fact it can also be used as a FIDO2 device which can be recovered with the seed phrase. For that reason I prefer a Trezor or Ledger over a Yubikey
2 bad experiences: I used to use 2FA, but then I came across a post by someone who's phone stopped working and changed phones, and they lost access to everything. LastPass blocked me from my account after we had a power outage, so I used my phone's internet to make an access point for my laptop, went to log in as usual, and they blocked my account. I lost access to everything!
What are your thoughts on people search sites? With just a phone number for example, you can look up someone’s address, full name etc. Opting out of these sites seems useless as the information is public
As a rule, is it generally better to access your most secure info (eg bank account) via secured browser or the app of the company (eg app from bank with account)?
FYI re: credit cards. You don’t need a PIN to use a credit card. I like the new idea but you didn’t read my second question ;-) Thanks for reading the first.
I have this huge problem with windows, to enable disk encription i have to use a microsoft account and link it to my device, How do you Proceed? cuz i've heard windows is a privacy nightmare
It is safer to use both password manager and multi-factor authentication app on contemporary mobile operating systems vs on desktop. That said, when possible, I recommend air gapping both.
WHAT IF YOU FIND YOURSELF IN A DEAD SPOT/DEAD ZONE WHERE A SIGNAL IS FROM WEAK TO NO SIGNAL AND YOU DONT RECEIVE THE 2 STEP VERIFICATION CODE AND YOU TRY LIKE 3-4 TIMES AND STILL NOTHING. IS IT POSSIBLE THAT SOMEONE COULD INTERCEPT YOUR PHONE TO GRAB THE CODE? AND COULD THAT BE THE REASON FOR A WEAK SIGNAL?, LETS SAY YOU USE AN OLD BRICK PHONE (NOT SMARTPHONE), WOULD THAT BE POSSIBLE?
I would recommending avoiding SMS 2FA altogether because of SIM port attacks… using app such as OTP Auth on iOS is more convenient and secure. One level up from there is using a security key such as YubiKey (more on this shortly).
@@sunknudsen OK, GOOD TO KNOW, ITS OFTEN THE UNKNOWN FACTOR THAT HOLDS ME BACK FROM APPLYING THESE SECURITY STEPS. BUT THANKS FOR CLARIFYING THAT UP ;)
It depends on the exploit… theoretically, key material is safe given compartmentalization. That said, someone could exfiltrate password and TOTP token and quickly change credentials to takeover account.
YubiKey never allows to export outside of the secure element any private key material, unless you set it up for using the YubiKey for GPG in which case you provide private & public keys and add it to the YubiKey. Isn’t that?
A good descriptive/standing out thumbnail, with a catchphrase is awesome. But CLICKBAIT is killing RUclips for me. Turns everything into manufactured commercial content. The only reason I like watching your channel is because there is an honesty to the way you present yourself and the content. And isn't this channel all about trustworthiness and honest government vs populism and false advertisement?
Crap! None of the steps mentioned hide your IP address, which is most prominent in being safe online. So, work on encrypting your IP address first, rest everything later.
Could you upload your videos in 4K again? The bitrate of your uploads sadly seems pretty low and it is kind of offputting to be honest, since pretty much every channel uploads in 4K now. I am aware that your videos have their value in your knowledge and not in the visuals, and I am very grateful for your knowledge. But editing wise, your videos are not very complex so it shouldn't make that much of a difference to you I suppose :) Anyway, keep up the good work and I am looking forward to your M1 Mac videos!
On the second part. A super long super secure password that you can easily memorize, use your mothers maiden name+your bestfriend phone number+your first phone number, your second phone number For example, mitsubishi567263820009163574888876351738555 Good luck
For laymen like me, watching such videos for the first time really puts off online activity. The only exception I perceive is if you are a real security freak or your activism is simply worth rewarding.
Yes I appreciate the fact that you are answering questions from the community at the end of the video!
Hey Sun, I completely understand u. You think that using these clickbaits thumbnails, people who click on the video may get disappointed that the content is not what they are looking for. But when someone sees a thumbnail like this, they are just expecting that the content will be useful and up-to-date. And this is exactly what you are providing in the videos. To be perfect, I think that you just need to add some tech info into the titles 🚀
You are one of the bst RUclipsr
I watch you since 376 Followers
Make so on!
Also, all those security phrases don't use something anyone could relate to you. Or general public information. I accidentally hacked into someone else's email once, and I know nothing! I was trying to set up a school account. I really should have had a coffee or energy drink first! But they were using Yahoo mail. I went out and tried setting this up according to their insutructions. Somehow, I got to an e-mail by a person with a very similiar name to mine. My password wasn't working, so I thought I must have changed it right before I was distracted for a sec. So I click "forgot password" The security question "who won the us open last year". I googled it. Then I reset their password!! I realized as soon as I was in that there were all these emails about golf and it was somebody's account! So...make those security questions really far out there. And the password something no one would ever link to you. Just my advice.
I agree with you, click-baity titles might don't feel like a good a good fit for your content.
HOWEVER, if the stats show more reach/interactivity then it's worth it.
Totally, I was about to say this too. 🤟👍
Waiting on that YubiKey miniseries 🙏
Thanks for the info! I had to learn about computer security the hard way! Wish I had seen videos like this several years ago!
Sun I really like the click bait titles. It just makes the content seem more exciting. Also I love your content and am so grateful for it. I litterally had the worst security possible b4 i started watching you and thanks to you it has been vastly improved
Great video, looking forward to the clipboard episode. I've been curious about that topic for a while.
What’s a good alternative to a rasberry pi for doing air gapped sensitive operations like cryptocurrency private key stuff? (I realize a hardware wallet is ideal) How secure is orange pi?
love your content!! short videos with plenty information!!
Hey Sun! Thank you for your content, I recently stumbled upon your channel and started watching most of your videos!
Quick question: why you suggest it is ok to use same password on laptop and password manager? Doesn’t this just open a few extra attack vector?
Ty and keep up the good work!
Thank you so much for your content sun, I am addicted to learning more from your channel and admire your effort and enthusiasm.
Do you know if there is a safe version of EverNote or OneNote with good note taking / organizing capability that you can share with friends over the internet where your information is encrypted and safe?
I, personally, am loving these thumbnails back but no worries Sun, You can and probably should use the thumbnails you want to be featured. Anyway,
Exceptional Video!
Thanks for the support. Using less clickbaity thumbnails does feel right… it’s hard to find the right balance between “gaming the algorithm” vs staying authentic to one’s self knowing it results in less discoverability.
@@sunknudsen Go for it man, no shame. See the clickbait thingy as you helping *more people* get a more healthy approach to their digital life. It's either that or them just clicking another cat video. (:
@@sunknudsen don't. Honesty makes you stand out. We need to learn people how to look for it.
Hi Sun what happened to the Big Sur setup video?
I'm very interested in knowing more about the passphraseme.
Hello Sun, just coming to your content now and I can tell you that ironically I almost didn't start watching because of the click-bait headlines. My opinion... Skip that crap. I find your stuff very valuable. I hope that helps.
You mention Trezor but you missed the fact it can also be used as a FIDO2 device which can be recovered with the seed phrase. For that reason I prefer a Trezor or Ledger over a Yubikey
Thank you, very instructive!
Pleasure!
thankyou so much sir ❤️❤️❤️....
Pleasure!
Hi, Sun. What are your thoughts on Apple Pay/Wallet? Do you consider it safe?
很有意義的一支影片,希望你能繼續做下去!
What do you think about Brave browser. Thanks for the vids
Wondering if you did a video on the safari - Advanced - experimental features settings? Should they be turned on or off?
IM JUST CURIOUS SUN, HAS YOUR COMPUTER EVER BEEN COMPROMISED? HOW DID YOU FEEL? AND WHAT IMMEDIATE ACTION DID YOU TAKE TO PREVENT IT FROM SPREADING?
Interesting question… Step 1: disconnect internet by unplugging modem. Other steps depend on exploit.
Do you have an opinion on Steve Gibson's SQRL technology?
Thx bro will keep u on updated on what i am creating $
Where did your video go about encrypted flash drives? The basic version?
2 bad experiences: I used to use 2FA, but then I came across a post by someone who's phone stopped working and changed phones, and they lost access to everything.
LastPass blocked me from my account after we had a power outage, so I used my phone's internet to make an access point for my laptop, went to log in as usual, and they blocked my account. I lost access to everything!
where you able to recover it all?
great info. thanks
Awesome!!
excellent
I really enjoy your content. I am looking forward to any Yubikey episodes!!!!
yes more q&a's please
What are your thoughts on people search sites? With just a phone number for example, you can look up someone’s address, full name etc. Opting out of these sites seems useless as the information is public
As a rule, is it generally better to access your most secure info (eg bank account) via secured browser or the app of the company (eg app from bank with account)?
Thoughts on M1 Macbooks never fully powering off?
Which Yubikey would you recommend using?
For most use cases, I would recommend the YubiKey 5 NFC or YubiKey 5C NFC.
Best!!
FYI re: credit cards. You don’t need a PIN to use a credit card. I like the new idea but you didn’t read my second question ;-) Thanks for reading the first.
Can we get an update on if you have upgrade to Big Sur? or still sticking with Catalina?
Would really appreciate it, thanks!
Yes! Will publish episode on this topic shortly.
Yes please create video showing installing through pip passphraseme. Thank you :)
Can you provide chapters?
Good idea… on it!
Done
@@sunknudsen great love this video!
I am currently using firefox lockwise to save my passwords and sync them to different devices. Is it safe? Or should I always save passwords locally?
It is always safer to save passwords locally… that said, I have not researched Firefox Lockwise so I cannot comment. That said, interesting topic!
I have this huge problem with windows, to enable disk encription i have to use a microsoft account and link it to my device, How do you Proceed? cuz i've heard windows is a privacy nightmare
Do you recommend using password managers on Mobile devices?
It is safer to use both password manager and multi-factor authentication app on contemporary mobile operating systems vs on desktop. That said, when possible, I recommend air gapping both.
WHAT IF YOU FIND YOURSELF IN A DEAD SPOT/DEAD ZONE WHERE A SIGNAL IS FROM WEAK TO NO SIGNAL AND YOU DONT RECEIVE THE 2 STEP VERIFICATION CODE AND YOU TRY LIKE 3-4 TIMES AND STILL NOTHING. IS IT POSSIBLE THAT SOMEONE COULD INTERCEPT YOUR PHONE TO GRAB THE CODE? AND COULD THAT BE THE REASON FOR A WEAK SIGNAL?, LETS SAY YOU USE AN OLD BRICK PHONE (NOT SMARTPHONE), WOULD THAT BE POSSIBLE?
I would recommending avoiding SMS 2FA altogether because of SIM port attacks… using app such as OTP Auth on iOS is more convenient and secure. One level up from there is using a security key such as YubiKey (more on this shortly).
Please create content for passphraseme. thanks
How to separate school and personal data on iPhone?
How and where do I save the randomly generated password?
Thanks.
Please come back
IF YOUR WIFI WAS COMPROMISED, WOULD USING YOUR "1PASSWORD" BE UNSAFE? WOULD IT MATTER IF YOU USE A VPN? OR CAN HACKERS STILL BREACH THE "1PASSWORD"?
I will try to answer this question (among others) at the end of next episode.
@@sunknudsen OK, NO PROBS ;)
Sun, I wish you'd start publishing on Odysee like Rob Braxman.
WHEN USING "LOCK SCREEN" IS THE WIFI STILL ACTIVE BEHIND THE SCENES? WOULD THE VPN STILL BE ACTIVE BEHIND THE SCENES?
Yes, both would still be active.
@@sunknudsen OK, GOOD TO KNOW, ITS OFTEN THE UNKNOWN FACTOR THAT HOLDS ME BACK FROM APPLYING THESE SECURITY STEPS. BUT THANKS FOR CLARIFYING THAT UP ;)
Is it safe to share your MAC address to someone?
IF YOU USE A WIFI THAT HAS BEEN COMPROMISED, AND YOU PLUG IN THE "UBIKEY" WOULD THAT COMPROMISED THE UBIKEY'S SECURITY?
It depends on the exploit… theoretically, key material is safe given compartmentalization. That said, someone could exfiltrate password and TOTP token and quickly change credentials to takeover account.
@@sunknudsen EEK!!... THINGS LIKE THIS FREAKS ME OUT, SENDS ME INTO PANIC MODE. =D
YubiKey never allows to export outside of the secure element any private key material, unless you set it up for using the YubiKey for GPG in which case you provide private & public keys and add it to the YubiKey. Isn’t that?
I have a question: does the bitwarden generate secure passphrases?
Yes if you use their password generator
i like your videos, but you should change you googles!
F**K yeah.
OK, WHATS GOING ON, YOU'VE DISAPPEARED OFF THE RADAR AGAIN, YOU DIDNT GET COVID DID YOU?
A good descriptive/standing out thumbnail, with a catchphrase is awesome. But CLICKBAIT is killing RUclips for me. Turns everything into manufactured commercial content. The only reason I like watching your channel is because there is an honesty to the way you present yourself and the content. And isn't this channel all about trustworthiness and honest government vs populism and false advertisement?
Crap! None of the steps mentioned hide your IP address, which is most prominent in being safe online. So, work on encrypting your IP address first, rest everything later.
If you're worried about a $5 wrench attack, get a gun.
Algorithm.
Domen uk Nov
😅😂🤣
Could you upload your videos in 4K again?
The bitrate of your uploads sadly seems pretty low and it is kind of offputting to be honest, since pretty much every channel uploads in 4K now.
I am aware that your videos have their value in your knowledge and not in the visuals, and I am very grateful for your knowledge. But editing wise, your videos are not very complex so it shouldn't make that much of a difference to you I suppose :)
Anyway, keep up the good work and I am looking forward to your M1 Mac videos!
water boarding
Clickbait is only a problem when the content is shit. Yours sir, is not. Bait away!
passkeys
What's your view on Package managers, like homebrew. from a privacy perspective?
is KeePassXC secure enough?
On the second part. A super long super secure password that you can easily memorize, use your mothers maiden name+your bestfriend phone number+your first phone number, your second phone number
For example, mitsubishi567263820009163574888876351738555
Good luck