Computers and the Internet – Whycal’s Blog

PASSKEYS UPDATE No 1 – A Shattered Dream

The podcast – Security Now No 972 – contains important information about Passkeys.

It is interesting to note that the host, Steve Gibson, does not use Passkeys. (At about One hour 57 minutes of the Podcast on YouTube – see following link).

This is the YouTube of the podcast – https://www.youtube.com/watch?v=fSNcUKphUtw&list=PLdPwyUeH0mS566Y0YZ7oAGghzMgRlWTBf

The part about Passkeys starts at about One hour 19 mins and continues until the end.

The latest William Brown Blog referred to can be found here https://fy.blackhats.net.au/blog/2024-04-26-passkeys-a-shattered-dream/

Although, it appears that you can store the Passkeys code on a Password Manager such as Bitwarden, there are other issues apart from the ones I was concerned about (see https://whysun.com/computers-and-the-internet/passkeys/ )

I am glad I decided to wait.

Windows 10 – End of Support

For some reason I was under the impression that support for Windows 10 ended in mid 2026. NOT SO – it actually ends in Oct 2025 – See Microsoft site https://learn.microsoft.com/en-us/lifecycle/products/windows-10-home-and-pro

Windows 10 Home and Pro

Windows 10 Home and Pro follows the Modern Lifecycle Policy.

This applies to the following editions: Home, Pro, Pro Education, Pro for Workstations

Important

Windows 10 will reach end of support on October 14, 2025. The current version, 22H2, will be the final version of Windows 10, and all editions will remain in support with monthly security update releases through that date. Existing LTSC releases will continue to receive updates beyond that date based on their specific lifecycles.

Support dates are shown in the Pacific Time Zone (PT) – Redmond, WA, USA.

If you have a computer that is capable of upgrading to Windows 11, it would be a good idea to do so now.

The quickest way to check is to go to All Settings / Update and Security / Check for Updates – See https://support.microsoft.com/en-au/windows/can-i-upgrade-to-windows-11-14c25efc-ecb7-4ce6-a3dd-7e2e24476997

There are links on this page to see if your computer will support Windows 11. Unless you want to go to Linux, a new computer will be required if your old computer will not support Win 11.

The good news is that Win 11 is little different from Win 10. I upgraded some time ago and it was easy – See https://whysun.com/computers-and-the-internet/i-now-have-windows-11/ As can be seen from this post, there are some minor superficial changes but, overall, Win 11 is very similar to Win 10.

Since then, I have written a series of eleven posts about the differences. BUT the biggest difference is described in No 1 ( At the bottom of the list or https://whysun.com/computers-the-internet/windows-11-update-1-right-click-menu/ ) – The right Click Menu. Otherwise they are only minor.

https://whysun.com/computers-the-internet/windows-11-update-11/

https://whysun.com/computers-and-the-internet/windows-11-update-10-local-backup-to-external-drive/

https://whysun.com/computers-and-the-internet/windows-11-update-9-synctoy-alternative-syncfolder/

https://whysun.com/computers-and-the-internet/windows-11-update-8-synctoy-backup/

https://whysun.com/computers-and-the-internet/windows-11-update-7-snap-layouts/

https://whysun.com/computers-and-the-internet/windows-11-update-6-settings-your-microsoft-account/

https://whysun.com/computers-and-the-internet/windows-11-update-5-microsoft-store-updates/

https://whysun.com/computers-and-the-internet/windows-11-update-4-notifications/

https://whysun.com/computers-and-the-internet/windows-11-update-3-lock-screen/

https://whysun.com/computers-the-internet/windows-11-update-2-control-panel-back-up/

https://whysun.com/computers-the-internet/windows-11-update-1-right-click-menu/

PASSKEYS

Albert Einstein – “If you can’t explain it to a 6-year-old, you don’t understand it yourself.”

I have been interested in Passkeys, but I haven’t yet used them as I don’t fully understand the system. Moreover, when I search online, the explanations are as clear as mud. This lack of clarity suggests a lack of complete understanding – as per Albert Einstein. YES – I admit that I am not as smart as a 6 year old!

By what I can understand, Passkeys seem as though they are confined to an individual device and, if you want to use the system on multiple devices, you have to set up a per device Passkey.

But I stress, I do not fully understand it.

My very limited understanding:

A passkey is a public/private key cryptographic system that is stored on your computer/device and is used instead of a username/password to sign into various web sites. In other words, code that identifies the device and, since you have signed into that device, you.

The passkey is said to be more secure than a password even when the password is combined with 2FA.

The thing that is putting me off using Passkeys is that the system seems to be confined to a single device/computer that contains the private key. If you want to use it on different devices, you need to set up a new Passkey for that device. You do this by usual sign in with a password and/or use your phone (using the camera to take an image of a QR code) and/or authorisation on the first device to confirm your identity. There are advances being made to address this issue e.g. Using a device like YubiKey or a Password Manager.

This YouTube video contains a far better explanation and details how Public Key Encryption works. He also confirms that the Passkey is linked to a specific device (10-minute mark) and that you need to set up device specific Passkeys:

https://www.youtube.com/watch?v=6lBixL_qpro

More and more sites are accepting Passkeys and the big Tech companies (Google/Apple/Microsoft etc) are supporting the system. Clearer explanations are starting to become available, but I still have gaps in my understanding.

My Password Manager is now said to support Passkeys. However I am not sure whether the Password Manager stores the private/public code or if it is still stored on the device.

I still have many questions. I don’t want to commit to Passkeys and then find out that I have issues using another computer.

My Password Manager has taken the pain out of long and unique passwords and I want to avoid it being like when I sign into iCloud on my Window’s computer and the sign in requires both a code sent to my iPhone and a tap to “allow” also on my iPhone.

If you have not cancelled password sign in (and without this, the advantages of Passkeys are largely negated), what is the point. The only way I can see is if you store the private key on say a YubiKey or a Password Manager.

I just don’t know. I did think of starting with Password Manager sign-in on one of my computers. BUT, if I do this, and someone borrows or even steals the computer and knows my PIN then the point of having a 30+ character Password Manager sign-in password is negated. My Surface Pro has Windows Hello face recognition but if that fails, the PIN will get you in.

There may also be potential issues when you upgrade a device. I have authenticator apps on my iPhone. In the past, when I upgraded my phone, I had to be sure to keep the old phone until I had transferred the log in 2FA to the same app on the new phone.

However, I note that when I last upgraded to the latest iPhone, I did not have to do this. I want any problems like these to be sorted out before I make the move. I don’t remember the aforementioned authenticator app issue being talked about when we were being encouraged to use authenticator apps instead of SMS for 2FA.

I will wait.

NBN UPGRADE FTTN to FTTP – Update 1

FTTP – Fibre to the Premises

FTTN – Fibre to the Node

It was in September last year that I posted about the NBN pits being worked on in our area. See https://whysun.com/computers-and-the-internet/nbn-upgrade-to-fttp/

I immediately altered my internet plan to qualify for a free upgrade and signed up for email updates from NBN.

In early October this year, a search of my address on the NBN site as well as an email from my provider (Telstra) confirmed that I could now proceed with the upgrade.

The Telstra email contained information to book a visit from a technician.

CORRECTION – THE CROSSED OUT PART IS NOT CORRECT – SEE UPDATE

~~My understanding of the procedure is:~~

~~· An initial visit from a technician to determine what work is required;~~

~~· Then, depending on the outcome of this visit, a further visit to install the equipment.~~

A Utility Box is installed outside the house where the existing NBN (Telstra) box is located then an internal NBN Connection Box is installed inside the house.

I hope the conduit from the pit on the footpath to the existing outside connector is in good order and they will just be able to pull the fibre through it.

The internal Connection Box requires a power point nearby and I have had an Electrician install it.

The only problem I envisage is the location inside the house where I want the NBN Connection Box. I want the new box to be located near the existing outlet for the internet. The NBN site says they will want to install it in a position that is convenient to them. See https://www.nbnco.com.au/residential/upgrades/more-fibre/step-by-step-guide

It’s important to remember our technicians have health and safety considerations to make when helping to choose a suitable location to install the nbn connection box.

It may not be possible to have the new connection box installed in the same location as your original technology connection points.
In the first instance, they will generally propose the connection box to be placed in an easily accessible location in the nearest appropriate room to the outside nbn utility box (provided it is not a wet area such as a bathroom or laundry room). Generally, we will only install devices in a bedroom if requested by you.
They may consider alternative locations that are easily accessible and within 40 metres of the nbn utility box, if all required specifications are met.
If you have a specific location that you would like the nbn connection box installed that does not meet the specifications above, you may need to separately engage a licenced cabler to provide a suitable cable path.

My existing outlet and router etc are within 40 metres. But, if necessary, I might have to engage a commercial cable installer. I will wait and see and post updates as they occur.

UPDATE – This Information is based on my visit from the NBN Technician 25th October.

NOTE! The usual procedure is for a Technician to do the installation in the first visit. Subsequent visits are only needed if problems are encountered.

CARE! The NBN only installs the fibre plus the two NBN boxes. The NBN does NOT connect up the router. This job is either done by the carrier or via self install.

In my case, the Technician arrived within the appointed time. He sent a text when he was on his way.

The procedure only took about 2 hours. The location of the inside connection box next to my modem was not a problem. He got up in the ceiling to run the cable and he put the connection box where I wanted it.

The only slight hitch was with the cable from the footpath pit to the outside utility box. He had a bit of a problem with the “pull through” but he inserted it from the other end and the issue was quickly resolved.

Overall it was straightforward and painless.

The usual procedure is to continue operating with your old connection pending “activation” by your carrier. The carrier provides a new router/modem (if needed) plus the ethernet cable to connect the NBN inside connection box to your router/modem. The carrier sends a text when the new service is activated and, with a self install, provides instructions, the ethernet cable and the modem/router (if needed). I phoned Telstra and was told that the usual period for activation is 5 to 7 working days.

The NBN Technician said that it is usually less time and could even be a couple of days. It was less that 2 days – see below ##, and to make it clear, the NBN Tech does not carry the ethernet cable to connect the NBN box to your router/modem.

I received a text message from Telstra (on the afternoon of the day after the NBN visit) saying that Telstra was aware that NBN had completed conversion to FTTP, and they would text again when it was up and running. This second text was received on the afternoon of 27th October – After I had it working – see below ##.

I had a spare ethernet cable and the NBN Tech plugged it in at my request.

After the ethernet cable was connected, I logged onto my router/modem and the program shows that the fibre is “up” with a speed of 1GB. I already have a speed of 100 MB down but I decided to pay for a higher speed of 250 MB down. Telstra has a special on at the moment so, initially, I won’t pay any more for the increased speed. I will probably keep that higher speed as the cost difference is not much.

Fingers Crossed – it should be all up and running by next Friday. See below ##.

## 27th October IT IS NOW WORKING (Less than 2 days after NBN Technician visit.) I am still on my old plan and the new higher speed will cut in on Monday.

CARE !! I don’t know when it actually started working – After reading some instructions, I decided to unplug the ethernet cable (NBN connection box to modem) from the port used by the Tech (UNI – D4) and instead plug it into the first port UNI-D1 (as per the instructions on line). I stress again that the NBN Tech only plugged it in on my request and I provided the ethernet cable.

NEW PLAN

I selected the 250 Mbps down 22 Mbps up plan as it was only $25 more than my existing 100 down plan. You can get a 700 Mbps down 40 Mbps up plan, but that is $60 pm more. I don’t think the 700 plan is worth it – the 250 plan is fast enough for me.

My new speeds

Upgrade to iPhone 15

I have upgraded my old iPhone to the iPhone 15 Pro.

Having recently upgraded my old Mac Book Pro to a new model, I was interested to see if Apple made upgrading an iPhone as easy as it was on the Mac Book.

It was BUT with two exceptions.

The first was with Authenticator Apps. I don’t know if it is me, but I had some minor issues . However, they were relatively easy to sort out.

The second one was down to me.

It involved Bluetooth. I could not work out why my Fitbit Versa would not sync to my new phone.

It took at least a couple of hours before the penny dropped.

The Fitbit ( as well as many other Bluetooth things) can only be connected/paired to one device at a time!

My Fitbit Versa was still paired to my old phone.

My excuse – I am old and do not understand these new fangled machines!

CONTROLLED FOLDER ACCESS

When I was running updates on my Windows machines, I wondered why I had not been required to fix a blocked folder access issue in a very long time.

I went into – Settings/Privacy & security/Windows Security/Open Windows Security/Virus @ threat protection/Ransomware protection/Manage ransomware protection/Controlled folder access – and discovered that it was turned off.

I checked my Surface Pro 7 as well as a NUC running Win 10 and discovered that it was also turned off on these computers.

A search on the internet revealed that it is now off by default. I am certain that it used to be turned on by default.

Many sites advise to leave it off – typical article like this in Computer World to “think twice” before turning it on – https://www.computerworld.com/article/3665694/windows-controlled-folder-access-think-twice-before-deploying.html

However, I have turned it back on. I “think” I know what I am doing but perhaps it is best to leave the default if you do not want to deal with the issues.

Had to laugh- The first “issue” that I had to deal with was to allow “Open Live Writer” to log on to post this.

INTEL NUC – DISCONTUED

I was listening to Widows Weekly podcast (Episode 837) and Paul Thurrott advised that the mini computer line by Intel – The NUC – was being discontinued.

The Verge has an article here https://www.theverge.com/2023/7/11/23790956/intel-nuc-compact-pc-discontinued

I have two NUCs and really like them. Not only are they fully functioning computers in a small size, but you can configure them yourself to some degree.

On the other hand, many prominent PC makers now produce small form factor computers and, with these, you are not confined to an Intel CPU.

I am attracted to the Asus PN 64. Like the NUC, you can get a “barebones” model and configure it with your own selection of DDR5 RAM (up to 32 GB) plus two hard drives – one M.2 and one SATA – just like the NUC.

The Asus PN64 supports high end graphics and has plenty of outlets including a handy “configurable” port that can be set up for VGA, Display Port etc plus HDMI 2.1. https://www.asus.com/au/displays-desktops/mini-pcs/pn-series/asus-expertcenter-pn64/

MacBook Pro Continued

Refer previous post https://whysun.com/computers-and-the-internet/new-macbook-pro/

I have been using my MacBook Pro for over 3 months now, and I have the following further comments.

TOUCH BAR

I do not know why people complain about this feature. In fact, people complained so much that Apple has removed it from many models.

I admit that I watched a number of on-line videos to learn how to use it properly.

But I like it. In fact, it is one of the features that I like the most, particularly the fingerprint reader.

OTHER COMMENTS

Battery life is very good and a Mac comes with most, if not all the Apps people usually need. These factors, along with build quality and an excellent operating system, make the Mac very attractive.

However, just like Windows, you probably have to consider buying extra on-line storage via iCloud to complement local backup via “Time Machine”.

I pay for Microsoft (Office) 365 that comes with a large amount of OneDrive storage. I have it installed on my Mac Book Pro.

Like One Drive, iCloud has only 5GB of free storage which is not enough for a second “off premises” backup. Dropbox has a smaller amount at 2GB. Google Drive has a much more generous 15GB free, but this includes Email and Photos and is still not enough for backup.

Microsoft 365 is probably the best value. The basic plan provides a full copy MS Office plus 1TB of OneDrive storage on 5 Devices (Windows, Mac and Android) for AUD $99 per year.

iCloud ranges from –

50GB AUD $17.88 per year – NOT ENOUGH;

200GB AUD $53.88 per year – Will do at a pinch;

2 TB AUD $179.88 About double the cost of OneDrive with 1TB plus Office.

The large iCloud jump from 200GB to 2TB with no options in between is a bone of contention.

I am happy with Office 365. This program works on my Windows machines plus my MacBook Pro as well as my iPhone and iPad – and at half the price of the 2TB iCloud package.

I would never use 2TB as I only use a fraction of the 1TB on Office 365. I could get away with 200GB by being careful but, even so, as a user of both operating systems, I see Office 365 as the best value for money. However, if you were Apple only and used to using Pages, Numbers etc, I would buy the 200gb iCloud package.

Google drive pricing is:

100GB AUD $24.99 per year

200GB AUD $43.99 per year

2TB AUD $124.99 per year.

NEGATIVE

The only negative for me is the lack of Facial Recognition combined with the need to type in the password when you boot the Mac. (You can’t use the fingerprint reader on first boot from full shutdown.)

Windows Hello with a compatible web cam is why I still favour my Surface Pro 7 (SP7). A touch screen along with a stylus to draw on the screen is a “nice to have” (on the SP7) but Windows Hello facial recognition is the reason I still favour the SP7. Apple fans hype the OS but, in my opinion, it is the OS that you are familiar with that counts. I have used both for years and I don’t think one is better than the other.

I do not know why Apple cannot do face recognition on a MacBook Pro. After all, it works well on my iPhone. My iPad is old and does not have it, but later models do.

CONCLUSION

If you want a Mac, I recommend the model I have as it is not all that expensive and does the job well for normal use – (13 Inch MacBook Pro with M2 CPU, 512 GB Hard Drive and 8 GB RAM).

It only has 2 USB C (Thunderbolt) ports but that has not been a problem. The inexpensive dock (I bought) expands connectivity to all that the majority of people want.

PASSWORDS

Please refer to previous post https://whysun.com/uncategorized/password-manager/

I have finished changing my passwords. I admit that I slowed down towards the end when I got to the less important sites – but it is now finished.

I want to document some rules that will now apply to any future accounts that I open:

· I will NEVER give credit card details. If they don’t have PayPal then I won’t open. Luckily, I had been doing this;

· I will also NEVER open an account that does not have easy to see provisions to close it and change password etc.;

· Overall I will give careful consideration to opening any on line account.

I was surprised at the number of sites that did not provide email notice of a change of passwords. There were not that many BUT ONE is TOO MANY!

NEW MACBOOK PRO

After having problems with my old (2014) MacBook Pro, I have replaced it with a new 13 Inch MacBook Pro with M2 CPU, 512 GB Hard Drive and 8 GB RAM.

The old one was starting to have issues. Not only was I prevented from upgrading to the latest OS, but the screen had a big dull patch. Previously, I had the keyboard replaced and problems with the touch pad had re-developed. Also, I dropped my Apple mouse and broke it.

So, I took advantage of the Boxing Day sales and got a new one.

I could still boot the old one (using another USB Mouse) and Apple has made the set up and transfer to the new machine easy. It is just like upgrading to a new iPhone. After you connect to the same Wi-Fi network, the transfer is done over Wi-Fi.

I did not have any problems, but after being stuck on an old version of OS X, there were some new features that had me scratching my head – but nothing too serious.

One thing to be aware of – The 13 inch model only has 2 X USB C ports (and a headphone jack) – nothing else including no power plug on the 13inch model – you have to use one of the USB C ports. Both are “Thunderbolt”, so a dock works well.

The 14- and 16-inch models have the headphone jack, a card reader, a HDMI and 3 X Type C Thunderbolt ports plus a Mag Safe power plug. These versions also have better specs BUT are much dearer. They don’t have any USB Type A, so you would still have to buy a dock or adaptor.

The shop where I bought it (The Good Guys) was sold out of USB C portable external drives (for Time Machine). As a result, I thought about this and decided to get a dock to connect to one of the USB C ports. I got one from Office Works that has 4 X USB 3 Type A ports, a HDMI 4 K port plus one USB C port that can be used for power. The price was about half of a USB C hard drive, and I could keep using my existing USB 3 Type A Time Machine hard drive.

As it has about 20 hours of battery life, the lack of a separate power port on the 13inch model is not a great problem, but it is good to have the dock so that I do not tie up a USB C port for power and can also use this USB C port for multiple purposes.

Immediately, I was attracted by two features that were not on the old MacBook. The first is, it has a fingerprint reader. I set this up immediately and use it all the time. The second is also good. Even if you shut it down, as soon as you open the lid, it re-boots automatically.

AND I must mention that Siri is alive and well. When I say “Hey Siri Open Excel” she obeys promptly. Unlike the disappeared Cortana on Windows.

Everyone raves about the M2 CPU, but the way I use it, I can’t see any difference – but that is just me. However, this is my new toy. My Surface Pro 7 (SP7) is now officially neglected- although the facial recognition and touch screen, that my SP7 has but not on my new MacBook, are hard to neglect.

I did try to do a wipe and reset of the old one to give it to someone. However, I had no luck. It just would not work. I took the old one apart (#) to remove the battery and hard drive. I transported the battery (along with another spent rechargeable battery) to the council dump. The local council has free battery disposal at their Waste and Recycling Depots. You often hear of garbage trucks catching fire from people putting these types of batteries in the rubbish bin.

(#) I have a full set of different screw bits so I can undo most screws.

FURTHER COMMENTS See – https://whysun.com/computers-and-the-internet/macbook-pro-continued/