Show notes: Take-aways from the episode: Crypto is not really anonymous Crypto is both regulated and taxed (at least here in the US) Legal uses of crypto outweigh illegal uses. This stuff is legitimate. There are dangers, but crypto is something you might legitimately possess There are scammers everywhere. Protecting the private key in your wallet is vital to keeping your money: don’t lose it, don’t let it be stolen, don’t give it away. Stealing your private key is much easier than stealing US dollars out of your bank account. Feedback from episodes: Champ at Key 9 Identity sent us a couple of links for blog posts on passkeys. https://blog.k9.io/p/passwords-must-die https://blog.k9.io/p/key9-the-2025-security-key-shootout Hosts: Jim McQuillan can be reached at jam@RuntimeArguments.fm Wolf can be reached at wolf@RuntimeArguments.fm Follow us on Mastodon: @RuntimeArguments@hachyderm.io If you have feedback for us, please send it to feedback@RuntimeArguments.fm Theme music: Dawn by nuer self, from the album Digital Sky…

Show notes: Have you thought about moving your computing into the Cloud? This episode takes a look at a real-world adventure that Jim went through when moving his computing infrastructure from purchased servers in a rented rack in a datacenter to a VM Running in a cloud service provider using Docker, Linux, managed PostgreSQL. He covers the steps he took to get there, how it's going, the good stuff and the challenges in making it work. Cloud service providers: https://portal.azure.com https://aws.amazon.com/ https://cloud.google.com/ Technologies used: https://www.postgresql.org/ https://www.docker.com/community/open-source/ https://www.haproxy.org/ https://github.com Hosts: Jim McQuillan can be reached at jam@RuntimeArguments.fm Wolf can be reached at wolf@RuntimeArguments.fm Follow us on Mastodon: @RuntimeArguments@hachyderm.io Theme music: Dawn by nuer self, from the album Digital Sky…

Show notes: There are many scams, some to get your password(s), some just for money. Here's a sample list: https://www.experian.com/blogs/ask-experian/the-latest-scams-you-need-to-aware-of/ Lists of login methods: https://testdriven.io/blog/web-authentication-methods/ https://www.logintc.com/types-of-authentication/ Who implements Passkeys? https://www.passkeys.com/websites-with-passkey-support-sites-director y https://fidoalliance.org/passkeys-directory/ https://www.keepersecurity.com/passkeys-directory/ The three things that come together to make passkeys: Using key pairs, like SSH: https://www.ssh.com/academy/ssh/public-key-authentication Biometric authentication, you're already used to it from your phone New User Interface " ceremonies " Which password managers support passkeys? 1Password (our personal favorite) Bitwarden Dashlane Google Password Manager Keeper NordPass RoboForm A little about password managers: Almost any password manager is better than no password manager at all so do your research. Find the best one for you. Make sure it answers these questions: Does it run on all the platforms you care about? Does it have a pricing model you like? Does it use a cloud service, or not, or of your choice, in a way that you like? Does the password service itself have access to your keys? What kind of secrets can it keep? Passkey descriptions and implementation documents The FIDO alliance: https://fidoalliance.org/passkeys/ Google (for developers): https://developers.google.com/identity/passkeys/developer-guides Apple (for developers): https://developer.apple.com/passkeys/ Wolf's top three personal digital security recommendations Use a password manager (it should support passkeys). See above. Once you create a passkey for a specific service; change your previous password. The new one should be generated by your password manager and you should never use it unless you absolutely must. Make sure your device is secure Use biometric authentication Have a strong password. Your password manager can generate one made from words. Easy to remember; hard to guess. Make sure you know how to force your device to require a password. You can be tricked or forced to authenticate biometrically. Law enforcement can't force you to reveal a password; and if you're careful, you can't be tricked out of it. Be aware of your surroundings. Bad actors can "shoulder surf" and get your password, or cameras. It's just like the old days at the ATM. You don't want a person right behind you to see your PIN. Hosts: Jim McQuillan can be reached at jam@RuntimeArguments.fm Wolf can be reached at wolf@RuntimeArguments.fm Follow us on Mastodon: @RuntimeArguments@hachyderm.io Theme music: Dawn by nuer self, from the album Digital Sky…