Know How... 89 (Transcript)
NetCasts you love, from people you trust. This
is Twit!
Bandwidth for know-how is brought to
you by cachefly.com.
This episode of Know-How is brought to you by SquareSpace. The all-in-one platform that makes it fast and easy to create
your own professional website or online portfolio. For a free two-week
trial, and 10% off, go to squarespace.com and use the offer code KnowHow.
And by I fix it. You can fix it, and iFixit makes it easy. With free step-by-step repair
guides, high quality replacement parts, and all the tools you’d ever need. For
$10 off your purchase of $50 or more go to iFixit.com/twit and enter the code KnowHow at checkout.
This week on Know-How how to bandage
your heart bleed, check out a brand spanking new router and were going to tell
you how to speed up your Windows 7 or 8 computer, for free.
Father
Robert Ballecer: Welcome to know how, it is the twit show where we
bend, build, break and upgrade. I’m father Robert Ballecer.
Bryan
Burnett: And I’m
Bryan Burnett.
Fr.
Robert: For the
next 30 minutes or so we are going to take you through some of the projects
that we've been working on. Some of the quick tips that we
been coming up with and talk all about a nasty, nasty Web vulnerability. You ready for that?
Bryan: Yeah, I been hearing a lot about that. And I don’t understand it at all.
Fr.
Robert: Heart bleed. Okay so let's talk a little about heart bleed. When
we talk about heart bleed, what we are talking about is a
vulnerability with an open SSL which is a subset of SSL as we know it.
It is a secure sockets layer which actually translates into TLS. When we are
talking about TLS we are talking about what happens when my client makes a
secure connection to a server and…. I'm losing you huh?
Bryan: Yeah. it has a catchy name. But I have no idea what you’re talking about.
Fr.
Robert: Here is the
problem. I think the media has been over explaining it. They like to get into
technobabble. In fact we’ve been doing that too. I’ve been guilty of that, I
try to explain part bleed on Padres corner, and I said I was going to do it in
English and then people said…
Bryan: 30 minutes later and people still
don’t get it.
Fr.
Robert: So let me
break it down to you. As simple as I can make it. You
are a server. And that is your system memory. So that is what you’ve got -
you’ve got a nice little set of jelly beans which represent the memory you have
stored within your RAM. Correct?
Bryan: Quite a bit of memory in there.
Fr.
Robert: All right.
Now I’ve got a secure connection to you. Like Facebook. That means I get that
little lock in the upper corner of my browser right? It tells me that our
connection is encrypted. It is secure. But here is the problem. You cannot just
keep those connections on forever. You have to be able to drop them if they are
no longer in use. The problem is, the way that we make
sure that you keep the connection is that we send what is called a heartbeat. A
heartbeat is just a little symbol pack. It is a little bit of information that
goes from me to the server and it says hey am I still here, I am still alive,
don’t drop the connection. And this server is supposed to send me back the
exact same thing I sent to it. So I receive it and I know the server is going
to keep me alive.
Bryan: A little handshake.
Fr.
Robert: A little
handshake yes. All right so, this jellybean right here. This one is a
heartbeat. Now what I have to do is I have to actually include this in my
handshake to you, my heartbeat. But I also have to tell you in the signature
how big this is. That is how this heartbeat works. Alright so I say, I am sending you one jellybean. Send me one jellybean
back. So I take this and I give it to you, it goes on top of your pile of jelly
beans, and then you say okay I received one jellybean and then you send it
back. That is a heartbeat. That keeps this connection open so that you know I
want to stay open to you. Now, every other implementation at SSL, other than
open SSL, does a quick check because I have to tell you how many I’ve got and am passing, right? All other SSL will actually
look at what it is receiving, will look at what you told me I was receiving, and
make sure the two are the same. So if I say, here is one jellybean, it will
look and say yes that is one jellybean I will send it back to you. Open SSL missed
that step.
Bryan: It is too trusting.
Fr.
Robert: It is too
trusting. So what happens is, I can do this. I’m going
to say all right this is one jellybean, but I'm sending you 64,000 jelly beans.
Bryan: It kind of looks like one jelly
bean.
Fr.
Robert: Yes, but
you are open SSL so you don’t care.
Bryan: So I’m going to send you all the
jellybeans back.
Fr.
Robert: Right,
exactly. So in a jellybean case that is the heartbeat.
Bryan: And the exploit is the person can
do it over and over until…
Fr.
Robert: I can do it
over and over again, and I can just keep slowly advancing my pointer until
eventually I have all of your jellybeans. All of your system memory, everything.
Bryan: All of my jellybeans eventually
belong to you.
Fr.
Robert: Exactly I have
all your jellybeans. And that, in essence, is what heart bleed is. That is
really the simplified version of what is going on in heart bleed. There is a
lot of technical stuff, I actually really love it. You can actually see, they have isolated the piece of code that is responsible
for the heart bleed bug. It is a fascinating read but if all you want to know
is how heartbeat works, that’s it. The basics of it.
Bryan: The scary thing is that it has been
around for so long, and nobody caught onto it for a while.
Fr.
Robert: It has been
around for two years. So it has been in the wild, no one figured to check on
open SSL. Open SSL, I’m actually a big proponent of open source software. So we
do peer-reviewed. Everyone looks at everyone else’s code, so it is kind of
unthinkable that something like this went on for two years before anyone caught
on.
Bryan: It is kind of scary but I guess we
know now. And later on we will show some of the steps we can take, if you have
been compromised, to secure yourself.
Fr.
Robert: Because
this is cool. But the real problem here is once that server has been
compromised, once someone has emptied out the system memory, they could have
all the encryption keys, they could have your server certificate, they could
have anything that is in system memory. So if it was processing data, then they
have that data. If it was processing usernames and passwords
than they have your usernames and passwords. More importantly if they
have those encryption keys it means that someone could do what is called a man
in the middle attack where they pretend they are in your Facebook. All of
someone else’s traffic would route through me, go to you and back and I get
your jellybeans! And you can’t tell that I’m doing that.
Bryan: That is kind of scary.
Fr.
Robert: The biggest
problem is that people use the same username and passwords for multiple
websites.
Bryan: Not a good idea.
Fr.
Robert: Not a good
idea. And you’re going to help us with that.
Bryan: I have a solution for that later
on.
Fr.
Robert: But before
we get to the bandage for the heart bleed. I promised my fans on twitter that I
would show you a quick down and dirty, easy way to get back up to 10% of your
system performance if you are using windows 7, or Windows 8. Shall we take a
look?
Bryan: Yes let’s do that.
Fr.
Robert: Now we all
like speed. We long for it. We crave it. We want it in our PCs, our laptops,
our Macs, our devices. Pretty much anything that can go faster we want it to.
And so, we spend a lot of money, we spend a lot of time building and breaking
and upgrading and replacing all in the quest for speed. But what if I told you
Windows 7 and Windows 8 users that there was a way for you to get up to 10% of
your speed back? Without upgrading anything. Without replacing anything. Without really changing the way
you use Windows, or even opening up the case. I know it sounds like a pipe
dream, I know it sounds too good to be true, but folks this is something I have
been doing since Windows 7 dropped on the world. The tip centers around two
servers that are always running in the background of Windows 7 and Windows 8.
The first is called remote assistance. Now technically, the feature is very very cool. It sits in the background and it waits for
someone to connect to your computer and use their keyboard and mouse to show
you how it’ll fix something that is going wrong with your computer. Again, a
nice feature that I would be willing to bet that very few of us have ever
actually used. So if we are not using it, why let it sit in the background
using up your resources? This second service is called system restore. Now this
actually is a very useful service. It allows you to create safe points that you
can jump back to so if you warp your PC system you always have an easy way to
go back to an image that was clean. Here is the problem though. Very few of us
have safe system restore points. Very few of us have actually done the work to
make sure that we have gotten the safe point where we want them. And so we are
normally going to go back to the original factory image. So if we are going to
do that, and you've got the factory install disk, if we've got the factory
installed partition, we have some way to go back to how it was when we first
received the computer. If that is what we are going to do, and especially I
would suggest you do that if you have a virus, then why even have that running?
Let me show you how to turn them off. The first thing you need to do is get to
the system option and control panel. I usually just right-click the computer
icon on the desktop and choose properties. Once in the system menu you will see
all the stats on your computer, but to the left of the stats you will see
control panel home. Along with four shielded options. Click remote settings.
You will see a field for, allow remote assistant
connections to this computer. Go ahead and uncheck that box and then click
apply. You’ve just turned off the remote assistance server but now we need to
shut off system protection. In the control panel there is a tab for system
protection, go ahead and select that and you'll notice under protection setting
that it will tell you if one of your drives is protected. Usually it protects
the drive with the operating system but not the others. Select the drive that
is protected, then click configure. Now select the radial button to turn off
system protection and apply the change. That is it! You have just turned off
the two background services and you will recover all the horsepower that had
been going to feed those two services. Now I am sure that some of you are
skeptical that you can actually get up to 10% of your horsepower back, so I ran PCMark Vantage before and after the changes. With the
services on this PC scored 13394, after I ran the benchmark again making just
these two changes the PC scored 14578. If you do the math, that is a 9%
increase all without buying, upgrading, or installing anything. I’m Father
Robert Ballecer the Digital Jesuit and now that you
know how to take your horsepower back, go do it.
Fr.
Robert: Now Brian,
you can overdo it. In fact I know a lot of people who have overdone it. They
turn off all the services that they possibly can.
Bryan: Yeah, I’ve been a victim of that.
Fr.
Robert: Which is good. It is good to turn off things you don’t need.
But, you can go to far and
suddenly there is not a service there that you need.
Bryan: And then you reboot and you wonder
what the heck has happened to your system.
Fr.
Robert: Right. That
is why I chose these two services. These two services are actually pretty cool
features. But I would be willing to gather that 99% of us have never use remote
assistance. And at least 75% of us have never used system restore. So if that
is the case and you are not going to use those things you might as well take
them out.
Bryan: Very rarely. I was actually, this
weekend thinking about formatting my computer. And system restore, I never used
it and most of the stuff I backed up to external hard drive.
Fr.
Robert: In for me,
the only thing that really makes me think about reinstalling or going back to a
previous version is if I think some way my system has been compromised, or I
installed something that is messing it up. And in those instances I never want
to use system restore. Because it doesn’t quite clean
everything.
Bryan: And it doesn’t always fix it. Doesn’t get rid of everything.
Fr.
Robert: And so I
just go back to the factory fresh install. And also, I kind of like that. Maybe
because I’m a Windows user but every once in a while, like every 18 months or
so I like to reset everything. Not necessarily because the Windows is messed up
that because of all the junk I’ve added on. And I just want to clean house.
Bryan: It is nice to just start fresh and
then the way I do it, is I just add things as I need them. Like, I’m not going
to use Premiere this week I will install it next week when I’m going to be
editing something.
Fr.
Robert: Well you
know this is great. And I think I have way too many jellybeans. I ate too much
system memory! But I thought this might be a good time to talk about our first
sponsor. Now Brian, have you ever heard of SquareSpace?
Bryan: I have. I am a user of SquareSpace.
Fr.
Robert: What do you
use it for?
Bryan: I will not shamelessly plug myself,
but I have a website that I use for SquareSpace. I
like it because I can just focus on putting my content on the web and not worry
about anything else.
Fr.
Robert: What Iowans
liked about SquareSpace is that it is an all in one
platform. It really is a turnkey solution. Sometimes, and I will admit to this,
I have a service right now that I use that just provide service, and I use
someone else to provide the package that I put on top of it. I even use a
third-party to give me a rock solid back of database. What if I told you that
you could get all those things at one place for one price?
Bryan: I believe you, because I use it.
Fr.
Robert: Which is
why we are proud to say, SquareSpace is a sponsor of
Know How. Now what do you want to do? Do you want to publish a website? Do you
want to make it easy for your clients to see your portfolio? If so, you need to
use SquareSpace. It is a great way to share a weekend
project blog or provide the ability to jumpstart a site startup project. With a
professional looking site and the ability to quickly and easily take orders and
sell creations. Now some of the reasons that you will love SquareSpace would be that they are constantly improving their platform. They are not one of these companies that just sells you the service and
then leaves you alone. They are always adding new features, new designs, and
even better support. They also offer flexibility. This is important for DIY-ers, the core audience of Know How. There are sets of tools
to create your own website, without code. From design tools
like layout engine and the logo Creator. A platform
for customization and especially if you know enough code to get under the hood,
since the developer platform is super robust. SquareSpace also has beautiful designs, they have 25 templates for
you to start with. And recently added a logo Creator tool which is a basic tool
for individuals and small businesses with limited resources to create a simple
identity for themselves. Now SquareSpace is also easy to use. But if you want some help, SquareSpace has watched And email 24 hours a day seven days a
week, but I almost guarantee you you’re not going to need it. They have a
completely redesigned customer help site for easier access to health and to
give use self-help articles and video workshops but in my experience it is so
easy, and so intuitive that those things are good to have, but you’re not going
to have to break them out. SquareSpace makes your
projects that much easier. SquareSpace also gives you
e-commerce. Now available for all subscription plan levels,
including the ability to accept donations which is good for nonprofits. Cash, wedding, and school fundraisers. It starts at just
eight dollars a month and includes a free domain name if you sign every year.
Now the new SquareSpace Metric app for iPhone and
iPad allows you to check site stats like page views, unique visitors and social
media followers. With a blog app you can make text updates, tap and drag images
to change layout, and moderator comments on the go. Even their code is
beautiful. We all know that SquareSpace looks
beautiful on the outside but what is also amazing is that the code inside is
beautiful too. I’ve actually taken a look at it. It is just so well done, their auto generation tools are spot on. SquareSpace takes as much pride in their back end code as
they do in their front end design. That just tells me that they pay attention
to what they are doing. Now, again, hosting is included. They take care of that
so that you don’t ever have to pay a separate subscription feed to keep your
blog. You pay one fee, each month and be done with it.
So here is what we want you to do. We want you to try SquareSpace.
With a free two-week trial, with no credit card required, start building your
website. Now when you decide to start up your SquareSpace make sure to use their offer code KnowHow to get 10%
off and to show your support for Know How. We thank SquareSpace for their support of Know How. A better website awaits.
Start with SquareSpace.
Fr.
Robert: Now Brian, we
talked a little bit about heart bleed. We talked a little bit about how to
speed up our Windows machines. Now, I want to know if there is a way to protect
myself from those nasty, nasty vulnerabilities I find on the Internet.
Bryan: Now fortunately there is. And it is
probably something you should have done even before heart bleed came out. And
that is to use different passwords for different websites, something that I am
ashamed to say that I have used the same password for multiple sites. I've used
throwaway passwords and usernames and things like that. It is not a good idea.
Fr.
Robert: It’s true,
it’s true. The sad part is we all, at a base level, understand why we should be
using different passwords. But it is so difficult. If you are using 20 or 30
different web services with everything from your social media to your credit
cards to your banking and vacation websites. Whatever it
might be. It can be a pain to remember the different password that you
chose. Even have, like me, each password is sort of an
information to the next one. It is still too easy to forget. So I will
admit, a couple of websites out there have the same
username and password.
Bryan: Well the problem with that, I’m gonna tell you about it. It is called LastPass.
It is something that a lot of people here at the studio use. I know Leo has.
And Steve Gibson on Security Now has personally vetted it. If he says it is
okay, I’ll go with what he says. But if you want a more in depth explanation
you can definitely check out twit.tv/SN for Security Now. They did a couple of
issues about heart bleed and LastPass. Which is what we are going to be showing here. This is just
their little advertisement for the product but basically it is the service that
you use one password to unlock your password vault. And then that is where you
keep all your encrypted passwords. This is all done locally and from the way
Steve was explaining it is that LastPass doesn’t even
know what your passwords are. It is all done locally on the machine. So the only
person that has access to your passwords should be you. Just don’t forget your
one main password that you use for it. So we will just run through a quick set
up of what to do. you can use it for free, but there
is a $12 fee if you want to use some of their other premium services that they
have. We’ll just go through it will quick. If you look at my laptop, this is
their website it’s pretty basic to use. When you download it, what it will do
is it will install itself as an extension on your browser. So I use chrome, I
use Safari, Firefox. As an extension for all of those
products. It also does mobile devices. So it runs just on basically
everything. Windows, OSX, Linux, and as far as mobile OS’s, it runs on iOS,
android, blackberry, Windows phone.
Fr.
Robert: Actually, I
installed LastPass not too long ago. It was before
heart bleed, I wanted to give it a go. It surprised me how easy it was to
install.
Bryan: I used it for about four years now
and I have about 180 sites that I use it for. So whenever I go on a new site, I
have my regular email that I use, and it has a great password generator. So
when you do install it, it'll just pop up as a little extension in the top
right corner of your screen, it looks like a little red asterisk. I’ve got my
vaults which I’m not going to open!
Fr.
Robert: Oh, come
on! Open it! What could possibly go wrong?
Bryan: Well you can actually see my
passwords. Even if you go into that where you’re going to
edit a password. I’ll go into my kick starter as an example. You see the
interface, this is if you went into a website to edit it click if I click that
then you will see my password. But I’m not going to do that right now. But
anyway, so you’ve got your vaults and in some of the settings it is pretty basic.
Fr.
Robert: And one of
the things I thought about LastPass is it is a really
good way to organize your sites. Even beyond the password stuff. I don’t think
most people realize how many places they've left credentials on. Especially if you are really just starting out. You throw
your username on this you through your username on that before you know where
it… I've come back like three years later and realized I asked have an account
somewhere! If I had had LastPass set up that way than
I would know.
Bryan: Is a very good way of keeping track
of the sites that you’ve made usernames for and then also when you come to a
site.
Fr.
Robert: LastPass gets rid of all that.
Bryan: If I go to the website, say kick
starter here you get to the website then LastPass fills out the username and password for you. But of course as I do this live
nothing loads up because of our great Wi-Fi.
Fr.
Robert: Okay here
is a question that I know a lot of people have. Which is,
wait a minute! I’ve always been told to never write my passwords down.
I’ve always been told that I don't want to have one file that has everything in
it. Because the people get that file they’ll have everything. So you are
consolidating everything into one place right?
Bryan: There is that danger that you are
putting all your eggs in one basket. But it is a lot better than trying to
write them down.
Fr.
Robert: And also I
will say this, we are at the point where we have so many usernames and so many
passwords and remember you should be using unique usernames and passwords for
everything that the security benefit of having them all different, having all
your usernames and passwords unique outweigh the disadvantages of having
everything contained in one space. It is encrypted, someone will need to know
the password for last pass and have access to your device. You do have to weigh
the pros and the cons, but I would say by far it is worth it to make sure that
even if one website gets compromised it is not going to affect everything else.
Bryan: Right. One thing that it does that
is really nice, is that it will audit your sites to
give you a security score. So read through your list of sites and your
passwords, find the duplicates. Last night I went through mine, because my
score was not great, my score was 51.2% and I was…
Fr.
Robert: Wait. How
does that score?
Bryan: How does that score?
Fr.
Robert: Yeah, what
does 51.2% mean?
Bryan: That’s how secure my list of
websites and passwords is. it goes through and if it
finds a duplicate password for a website, or a password that doesn’t have any
numbers or symbols, that gives you a really low score on that password. Or when you use a completely random generated password that Last
Pass gives you.
Fr.
Robert: Actually
that is something we should talk about in concert talking about LastPass keeping unique user names and IDs. If you are
going to use a service like LastPass, there are a few
other services that do in effect the same thing, if you are going to be using
that you no longer need to remember passwords. You remember the one password
from LastPass, and everything else can be absolutely
gibberish. I know I always use passwords that are a combination of something I
know or something I’ve randomly generated. Bout with something like LastPass you don’t have to memorize that you can make it
truly strange. Special characters galore, capitals, lower
cases, letters and numbers. It doesn’t really matter because I’m not
going to have to type it in. I can just use last pass to drop it in the site
when I need to access it.
Bryan: Right. So when you go to a site to
make a new password or change your password, it is really easy to generate new
passwords. If you look up here you can even change the number of characters
that you use in your password when you generate one. And these are just
completely random and it shows the strength of the password and stuff. A lot of
times when I use these passwords on a website it is like a really great
password, completely random. You can use special characters, make a
pronounceable, it gives you all kinds of options for that sort of thing. I
usually just use a random password to say that and if you are worried about
when you are making a new account make sure to copy it real quick. Then make
your account and double check after you have created your new profile for that
site. Sometimes I made a generated password for a site and I forgot to save it.
But fortunately LastPass does have a file where it
shows recently generated passwords. That is a quick tip that helps.
Fr.
Robert: Now, I will
say this. Maybe I know someone who has done black hatting in the past. Just someone. And there are some tools out there that are
really really good at taking a password list and
checking them against all major sites. It is a batch file, you dump a bunch of
data in it tries it out against everything. There are options, in some of the
better tools that will tell it to ignore obviously random generated passwords.
Because if they see something that looks like a completely randomly generated
password, then the chances are they’ve used randomly generated passwords for
all their sites. So that is a low hit. So actually it will move those to the
back. The ones that this person always focused on were the ones that looked
like words. The winds that looked like some sort of pneumonic phrase at the
person was using because then I know they probably use that on multiple sites.
Bryan: And I would not use your master LastPass password for anything else.
Fr.
Robert: So! Pro
tip: do not use your LastPass password, the one
password you absolutely need to protect is your LastPass password. That doesn’t go anywhere. That one stays in your head.
Bryan: And the final nice thing about LastPass, there are alternatives out there but we are going
to focus on LastPass right now. And that is the
mobile app for LastPass. So a lot of my apps on my
phone I’ve made a password basic because one-on-one my phone I want to type it
in real quick. Now couple weeks ago LastPass updated
and you can use it to login to whatever app you want to use. So I logged out of
Instagram, for example, and I generated a new password last night for it which
I could not type again even if I really wanted to. And so now that I've gone
into the app LastPass pops up with this little pop up
here, so I don’t even have to go into the last pass to save it.
Fr.
Robert: So you give
it the master password and it automatically fills in the password for that
site?
Bryan: Right. So long as I can remember my
master password, which I'm going to type in right now.
Fr.
Robert: You know
what would be good though? If we had a program that saved your password for
your last spat!
Bryan: You think so? LastPass for your LastSpat?
Fr.
Robert: We get it.
We understand. So you type in your master password and it is going to
automatically fill in the password for whatever site you are currently on. And
actually, I have to say the mobile integration for LastPass is probably second to none.
Bryan: So now, I can fill the form with my
Instagram password. And now I can login. That makes it really easy for logging
into your mobile apps. So I use it for everything now.
Fr.
Robert: We are
probably going to have to revisit this subject because, and can there are other
services out there. How much does last pass costs? LastPass is $12. A dollar a month is what they say.
Fr.
Robert: We have to
satisfy everyone in there, I know there are people in the chat room who used One Pass. And One Pass is…
Bryan: $34.95 a year? And there is another
one… Key Pass?
Fr.
Robert: Key pass, Which works. I’m not going to knock open source. I kind of
like the interface on key pass. I know there are a lot of people who say no.
Bryan: I’ve been using LastPass for a while and it is not terribly expensive, for the convenience it allows me.
Fr.
Robert: You use
what you trust.
Bryan: Yeah. Steve Gibson gave it his
thumbs up and that was all I needed. It is a lot better than what my grandma
used to do which is type in my passwords to in a document and then save it to
my desktop with the title Passwords.
Fr.
Robert: That always
works!
Bryan: You can’t do that anymore grandma.
Fr.
Robert: Actually I
have a family member who used to put her passwords into an email draft and just
leave it in the draft so she would always know it was there.
Bryan: Oh yeah, so secure. Good idea.
Fr.
Robert: Again you
use what you trust. Speaking of who you trust, iFixit. Now we here on the show are big fans of iFixit. They have been with us from the beginning, big
guests. They understand what we are trying to do it know how. We are trying to be
able to hack. We are trying to upgrade. We are trying to be able to open things
up so that we know how they work, and iFixit gets it. IFixit is a free online repair manual and tool kit
for everything. They have more than 10,000 repair guides for everything from
electronics like your smartphone, tablet, and game console to your home
appliances, your clothing and even your bike. They also have foolproof instructions
to fix all your stuff. If you shattered your iPhone screen, need to repair the
red ring of death on your Xbox, or swap the battery on your galaxy S3, iFixit has got you covered. With their parts, tools and
their repair guides to make it easy. Now today we are introducing two new iFixit tools. The pro-text screwdriver set and the magnetic
project mat. Now you've seen the magnetic project map, it is this wonderful
device that lets you stick your screws on it and make a little sharpie or dry
erase marker next to it so you know where it’s going. But this is the thing
that is got me excited. This is their smaller version of the iFixit toolkit. It is all the tools you need, but with half
the space. Now the ProTech screwdriver set is a one
screwdriver set to rule them all. You get 15 screwdrivers specifically chosen
for the iFixit teardown. These drivers can handle
more than 90% of electronic repairs. Designed for heavy use and delicate
precision which means that you can get those really hard to reach small specialties
screws and also cranked down whenever you need to get onto a stuck bolt. Their
black oxide texts increased retro ability and corrosion resistance and a flex
blade swivel top design for added precision. Now their custom tool room makes
this a handy portable toolkit for amateurs and professional action also can
service alike. And, of course, like most iFixit stuff
it comes with a lifetime warranty. You break one of these babies in the line of
service and iFixit will replace it. Now this comes
for $59.95 which is actually a steel when you consider
everything that we've been able to do with these toolkits. If you've ever seen
a project on Know-How, 99% of the time it has been using these drivers, these
tools from an iFixit toolkit. That is why we like
them. They are not just a sponsor, they are our tools
of choice. Now here is what we want you to do. We want you to try iFixit. We want to see it may be they are the source for
all the tools, repair guides, and information you need to tear down the electronics
that you are trying to upgrade. Right now with iFixit you can fix it yourself. Visit iFixit.com/twit for more than 10,000 free
step-by-step guides. IFixit also sells every part and
tool that you’ll need. Enter the code Know-How at checkout and you will save
$10 on any purchase of $50 or more. That is iFixit.com/twit. We thank iFixit for their support of Know-How.
Fr.
Robert: You use IFixit all the time right?
Bryan: I just like to take things apart
sometimes. Not necessarily am I able to put them back together. But iFixit makes it super easy.
Fr.
Robert: One of the
things I really like in the larger kit are those
sponges. I will admit I am a barbarian when I take things apart. I normally
just put a flat screwdriver in there and kind of crank it until something
breaks. Or it opens up.
Bryan: You know when you come back with a
handful of those USBs from the conventions? I like to just pry those apart and
see how the memory is is it just on the board or do
they have little SD cards? So I have a little iFixit screwdriver that I use for that.
Fr.
Robert: It is
always nice to have a sponsor that gets you. And I get I fix it gets us. Now
you know who else gets us? Routers.
Bryan: Yeah. I see you got some links to
some of these.
Fr.
Robert: We’ve got a
little bit of the old hotness. This was the previous gold standard for
everybody running the DDWRT. And that was like an open source router. I think I
got this may be five or six years ago. It was a while back. This is one of the
original WRT 54G’s. one of the first versions. Now the
nice thing about this router is that it came with enough firepower to make it
run DDWRT. That is the open software source project that we've been running on
the show anytime we want to do something with IP cables or DNS mask. It runs on
lower end routers but gives you some of those high-end routing features. Very cool, and also very geeky. Now here is the problem.
Although I love the DDWRT on a big system, it is kind of limited. You are kind
of shoehorning full source router software…
Bryan: Into like a little body.
Fr.
Robert: It is so
tiny. This one was 2.4 GHz only, so that is 80211 BG. It also did only 10, 100
ports. You had a port for the lan.
And it also had 4 MB of flash storage, which was a lot for back then. And 16 MB
assisted memory, but then on later versions they dropped it down to eight.
Bryan: It might be time to retire the old
guy.
Fr.
Robert: It might be
time to retire. These are great, as a matter of fact
there is one running underneath the desk right now. But Linksys has the new
hotness. This is the new Linksys WRT 1900 AC. Not check this out. It is 2.4 and
5 GHz continuously. So there are two separate radios in there, but you can run
both at the same time. For a lot of routers out there that will let you run
under 2.45, this one will let you run them concurrently. It also has 80211 BG
and AC. It has a beam forming tech which means it can use its four different
antennas to do this creative interference so that you can steer a beam towards
a particular device. I love that. Now for gigabit LAN ports and 1 GB line port
so you are going to get line speed for most of your networks. It also has,
instead of 128 Hz processor in the original WRT this one has a dual core 1.2
GHz CPU, it also comes with 128 MB of flash versus
four. And it comes with 256 MB of DDR three system memory verses 16 and eight.
Bryan: Okay. So little bit of an upgrade!
Fr.
Robert: This is the
new hotness. It looks mean. It is angry! Bert was saying he liked it just
because at the mean profile, and it is a little on the pricier side.
Bryan: Yeah, that was what I was going to
ask next.
Fr.
Robert: You’re
looking at $250.
Bryan: Actually that’s not as much as I
thought it would be. $250 and how long do you think this router will last you
for?
Fr.
Robert: Well you
know, when you think of the fact that we are still using this, six or seven
years later?
Bryan: If you can use this for even half
that time is worth it.
Fr.
Robert: It’s a
deal. But here is the big thing. All those specs are great. there is a lot of routers with those specs. But this is what is different about the
new hotness from Linksys. They were recently acquired by Belkin. They have
designed this to run open source. So, we hacked these devices, these old
routers. They weren’t meant to be, they were meant to run the proprietary
software. This has been designed from the ground up to give you the worst
power, then memory, the processing, and all those external inputs. This one has
USB 3.0, has you set up to give you all the things you need so that you can
really go to town with DD WRT or any other open-source routing software.
Bryan: Even looking through the little
vents on this it looks like a little PC in there. It’s got fans and everything.
Fr.
Robert: Well that
is essentially what it is, right? This is a Linux PC inside of a router
chassis. The inclusion of you sat at an USB three actually makes me think I
really want to test this. I want to run it through its paces. And see what kind
of transfer speeds I’m going to get over this thing. Because there are a lot of
routers that allow you to plug in external storage devices, but the speed isn't
all that great. I think with these ports I can actually pull off some serious
transfers.
Bryan: We should probably do some gaming
with it too. Just to test out the wireless right?
Fr.
Robert: No, there
will be no gaming on this router.
Bryan: No gaming?
Fr.
Robert: No. Just kidding. There’s going to be a lot of gaming. We are
going to run this through its paces. As we are want to
do on Know-How, we are not satisfied with the PR paper. What I just described
to you are all the specs, the specs are great, the promises great. But for the
next couple of months we are actually going to run this in a real network. And
if it passes muster I think it is going to be the new hotness that is going to
power the Know-How desk.
Bryan: And if it doesn’t pass that iFixit kit is coming out to see what it looks like on the
inside!
Fr.
Robert: Actually
I’m probably going to do that anyway.
Bryan: You would!
Fr.
Robert: Brian, we
have had an action-packed show. We gave a lot of description of heart bleed
that I think people can actually understand.
Bryan: And how to patch up your heart
bleed.
Fr.
Robert: And also
because it’s got jellybeans.
Bryan: Anytime we can involve candy on the
show… now every time someone eats a jelly bean they’re going to get it.
Fr.
Robert: We've also
told people how they can get some free performance back from their Windows PC.
And we’ve shown them probably the next standard hotness open-source routing.
Bryan: Yeah, because you’re drooling a
little bit.
Fr.
Robert: I haven’t
been excited by a router in a long time. But this is kind of cool. So that is a
lot. Where can the folks find out the information about these products and
those things that we showed them?
Bryan: Well, Padre they can find that on
twit.tv/KH where we keep all of our episodes and our show notes. We will have
links to the episodes I mentioned, and where to download software and all of
our notes you will find on the show page.
Fr.
Robert: You can
also email us but we don’t answer emails. So instead of doing that why don’t
you go ahead and follow us on twitter right? If you follow us on Twitter you’ll
be able to ask us for things that you want featured on the show and send us
snarky comments, we normally respond. You can find me on twitter.com\padreSJ.
Bryan: And I’m @cranky_hippo.
Fr.
Robert: Our prized
possession is not our show notes, our prize possession
is our Google plus community. 6000+ active users, I am always blown away by the
kind of discussion that goes on in there. Just this morning someone posted this
question. He wants to build an immersion ring. So he wants to take a computer
and put it in mineral oil or some other nonconductive liquid. I remember doing
those back in the day. This is why I love this community. They just always
tinker and I like tinkerers.
Bryan: I’ve been going to the community.
There are some awesome projects. Their versions are a lot better than some of
the things that we had made. There is some cool stuff on there.
Fr.
Robert: Speaking of
those projects, next week is a feedback episode. So we are going to be going
through the Google plus page, we're going to be pulling out the best questions,
the best projects and we are going to show them right here. So be sure to get
your comments into our Google plus page, make sure you get your questions in
there so we can answer them next week. Well, until next time, I’m Father Robert Ballecer.
Bryan: And I’m Bryan Burnett.
Fr.
Robert: And now that
you know it, go do it!
