Why you should NEVER use Two-Factor Authentication (2FA)

Posted under Technology


Two-Factor authentication might seem like a good idea on face of it – who doesn’t like extra security?

In practice, however, it actually reduces security and adds hassle.

When signing up for secured online services, most users, me including, were not properly warned about potential pitfalls of using 2FA and scenarious in which this “security feature” might actually forever lock you out of whatever you’re trying to secure – may it be a Google or Microsoft account, or even a Bitcoin wallet with several BTC in it.

The issue with 2FA is simply the fact that computers fail and mobile devices are the most failure-prone of all computers.

And it’s not just high probablility of phone “bricking” itself or being “bricked” by your own mistake – it’s the even higher risk of losing the device.

When you lose phone with 2FA app like Google Authenticator (GA), you are out of options – there is no way of migrating your existing GA account to your know phone and you are in mercy of customer support for whatever 2FA-enabled service you used to use.

There is no guarantee that customer service will help you with re-setting 2FA, even if they provide specific form for such inquaries.

If you’re lucky and do get your 2FA reset, it will certinaly be days if not weeks after your request. That’s because removing or re-setting 2FA is manual action that requires human interaction and should not be completely automated, otherwise it would defeat the purpose of 2FA in first place and any hacker could just fill out the 2FA reset form and be done with it.

If you do use Two-Factor authentication and Google Authenticator in particular, you are at mercy of phone hardware and your own ability to not lose your phone. Manually backing up GA database is feasable, but only in theory – in practice it is far too much extra work.

Automatic cloud-based backups would work, but would also be against the whole philosphoy of 2FA and massive security liability for Google.

My strong recommendation is to never use 2FA but use multiple lengthy and unique passwords stored in a safe, encrypted password manager, such as KeePass.

And most importantly – pay attention to what programs from what vendors you instll and you will never “need” the Two-Factor Authentication.

DCS World 2.0 – “Free to Play” for just $49.99

Posted under Technology


Lock On series was my favorite combat flight simulator. Several years later I decided to have another go at flight simulation and when I found out that developers of original Lock On sims are developing a brand new simulation engine with DX11 support (damn, DX12 would be AWESOME for generic terrain object rendering), I was, obviously, very excited.

My excitement only grew when I saw that latest “alpha” release of their Digital Combat Simulator (DCS) World 2.0 is “free to play” and “free download”, and the only logical thing to do next was to hit that “download” button.

9 gigabytes later the simulator is installed launches on my Windows 10 desktop, but the only thing I can do is browse their DLC packages, all of which are very expensive (1 aircraft ~$50). There are 2 aircraft included for free, but there is no terrain and I can not fly even the free aircraft.

At the time of this writing there was only 1 terrain package available, and that was, again, hefty $50.

I can understand the steep prices – after all this is a niche product and developers have to price it higher to make any profit at all, but I can not forgive the misleading title “free to play”, when, clearly, you must spend $50 to play. This is a clear case of false advertising.

Update: DCS version 1.5 is the one to download if you want to actually be able to use it, because version 1.5 comes with free scenery.

I am flying free aircraft (SU-25 and P-51 trainer), as well as Su-27 which I bought on sale for less than $10, and I am very pleased and impressed with how the sim looks and flies. This is, no doubt, the number one combat flight simulator for PC or any consumer computer platform and I can’t wait to see the version 2.0 to enter into Beta and, eventually, final release, and receive more downloadable modules (preferably for less than $50 bucks a piece) in future.

Google Chrome hangs when editing large textareas

Posted under Uncategorized


Today I encountered annoying bug (or “deficiency”) in Google Chrome browser (version 48.0.2564.116 m).

When working with large amount of text inside a HTML textarea, Chrome browser tab became slow to respond and eventually stalled completely.

My first guess was that spellchecking was the culprit, even though it is supposed to work in background and never interfere with user input.

After adding HTML5 attribute “spellcheck = false” to the textarea, I noticed immediate speedup – textarea didn’t lock up upon gaining focus and everything seemed well, for about 5 seconds – when response time quickly increased, as I was trying to type, until eventually the whole tab became unresponsive.

Apparently, this behavior is not new for Chromium or Chrome – a bug report describing same symptoms has been dated as far back as 2013.

Windows 10 is great, except the start menu doesn’t work

Posted under Technology

Windows 10

I have nothing bad to say about Windows 10. The decision to move away from distinct, monolithic releases of Windows, towards one, constantly updated Windows platform was certainly the right one. Industry analysts and stock investors alike are all in agreement, and singing songs of praise for Microsoft.

Migration experience for Windows 8 users was excellent too – no hassles, one click upgrade process and voila – you’re a Windows 10 user, ready for the true 21st century Microsoft experience.

Except for one small thing – the start menu and start bar has a tenency to stop working at random. This has happened several times on my AMD Phenom II based Windows 10 system, and the worst part is that it doesn’t fix itself after restart. The only way to temporarily fix it is by rolling back latest installments of automatic Windows Update.

This “bug” is so blatant and debilitating, that it almost feels like some sort of cheeky, hidden anti piracy measure. Yes, I do use a “pirated” copy of Windows 10 (upgraded from pirated copy of Windows 8.1 to be more precise), and, no, I am not buying a license.

Disabling “non-genuine” Windows 10 installations, however, is strictly against Microsoft’s “Grand strategy of world domination”. Microsoft don’t really care if you use genuine or pirated copy of Windows 10, as long as you use Windows and you continue to be part of the Windows ecosystem. There are many other ways of squeezing money out of you, some are indirect and so subtle you may not even realize – your presence alone as a Windows user makes Microsoft money.

That presence will be difficult to hold on to, when the most basic UI tends to stop working and stay broken indefinitely, until you manually revert Windows updates, which are supposed to improve user experience, not completely ruin it.

Update: Finally, after months of not being able to use my start menu, Windows Update has fixed the issue and I am able to use my operating system normally.

Grand Theft Auto V Online is completely broken

Posted under Entertainment, Technology


Rockstar Games “Grand Theft Auto V for Windows” was released in April of 2015, and, at time of this writing in late December, more than 8 months have passed, with several patches, updates and free DLCs.

However, one of the main selling-points of the game – the online mode, is is still broken. And when I say “broken”, I mean fundamentally broken and rotten to the core.

In my lifetime of gaming I had seen less cheating and hacking than in one week of playing Grand Theft Auto V. There are well known exploits that allow you to instantly blow up all other players, strip them of weapons, teleport, spawn vehicles and static objects and even bind them to players (somebody once stuck a Christmas tree to my character and I had to restart the game to get rid of it). Cheaters can also do evil deeds with more lasting effect, such as spawn infinite amount of money for others to pick up and rob themselves of any motivation to earn money “the right way”.

With all of this going on for months, and at least one cheater per every session with more than 10 players, you would think Rockstar Games should notice and do their best to stop this abuse. But no – apparently they either don’t care or are utterly helpless in face of some fundamental technical flaw in the Online Mode code.

If it turns out to be the latter – fundamental design flaw in Online Mode service – I won’t be surprised. Rockstart Games is not exactly the first company that comes to mind when I hear the term “multiplayer”. In fact, GTA V is the first and only online game from Rockstar that I know about – maybe they just didn’t have the right expertise in their development team, to architect the multi-player mode properly.

Maybe because of the sheer amount of moving objects (AI cars, cops etc) that need to be synchronized for each of the 30+ players per session, Rockstar opted for less centralized multiplayer system, with certain server-like functions for each client (player). Such de-centralization can lead to disaster, because anything other than Rockstar’s own servers can and usually will be compromised by hackers.

Perhaps Rockstar team underestimated the will and dedication of those modder and hacker groups, and the extreme lengths they will go to, just to create silly exploits with no commercial gain for themselves.

But what if some of those hackers finding exploits are actually developers for competing games (Just Cause, for example) and want to discredit their main competitor, saw seeds of discontent in GTA 5 community and, perhaps, even drive down GTA V review ratings?

Speaking of reviews, I gave GTA V a big, fat “NOT RECOMMENNDED”. Here is my brief review:

The most broken AAA title I have ever played in my lifetime of gaming. And, even more shockingly, Rockstar Games don’t seem to care.

Certain bug fixes and DLCs are coming, but the fundamental problem which allows anyone to do anything (instantly blow up all other players, teleport, spawn vehicles and static objects, strip other players of weapons, spawn infinite money etc.) is not addressed, and may never be addressed, if it turs out to be a deep, fundamental flaw in the Online mode architecture.

Rockstar are, essentially, selling a broken product – damaged goods. And it is borderline fraudulent.

Trapped in PostgreSQL

Posted under Technology


Just wanted to share this screenshot, which, perhaps, shares a familiar story of many noobs logging into PostgreSQL database for the first time.

How do you get out of PostgreSQL? The usual methods don’t work – the “CTRL + C” interrupt just prints keystrokes “^C” and no MySQL-like verbal “exit” or “quit” command exists.

Turns out there are at least 3 simple ways to exit from PostgreSQL command line client:

  1. By entering a “quit” command “\q” and pressing “ENTER”.
  2. Via SIGQUIT signal by pressing “CTRL + D”
  3. Via SIGTSTP signal by pressing “CTRL + Z”

This may seem like a silly problem to have – not being able to exit from an application – but, after looking it up on StackOverflow (yes that same evil StackOverflow which sucks, by the way), it seems like many people have found themselves trapped in this situation, and many have resorted to search for help online.

Correct pronunciation of “Kristaps Porziņģis”

Posted under Entertainment, Sports

Kristaps Porziņģis had a sensational start of his rookie season in the NBA. From unknown foreigner, boo-ed at the NBA draft, to media and fan favorite, often compared to all time greats like Pau Gasol or Dirk Nowitzki.

American TV commentators and sports journalists have developed their own way of pronouncing Porziņģis name, and, like you would expect, their way is far from the correct, Latvian way.

There is no “zing” or “zingy” in Porziņģis. It is more complicated, and perhaps too much to ask for the average American tongue.

Perhaps this video will serve as reference for those who really wish to learn the correct pronunciation.

Mairis Briedis shuts down Kadyrovist party in Grozny, Chechnya.

Posted under Entertainment, Politics

Latvian cruiserweight Mairis Briedis knocked out Syrian/German heavyweight boxer Manuel Charr in front of his biggest fan – the “president” of Chechenya Ramzan Kadyrov.

It was a beautiful one punch knockout that left the arena in dead silence. The Kadyrovist party was over. The “evil, fascist, neo-nazi” Latvian had knocked out the “noble Syrian warrior” with a decisive, crisp right hand uppercut.

Lexicon Lambda quick teardown

Posted under Technology

Let’s look at what’s inside the Lexicon Lambda USB sound card and MIDI interface.

What’s inside a Wi-Fi router – Netgear WGR614 quick teardown

Posted under Technology

This cute little wireless router was said to be malfunctioning. 6 screws latter I found out a possible cause – blown capacitor.

I do not intend to replace the capacitor, I am more interested in the antenna, which I will attempt to couple with an old Wi-Fi PCI card, for use in a media PC.