Be honest: How many times this year have you skipped or scrolled past a much-needed update? Maybe you just wanted to log into Twitter, er, X without setting up multifactor authentication. Putting off these minor inconveniences adds up, and it could lead to an insecure tech setup just waiting to be exploited by an attacker.

So, now you're probably spending a few days sleeping in your childhood bed, and wondering when Uncle Dave will stop talking to you about buying gold stocks. There's never been a better time to take care of the less-than-riveting admin work of locking down your digital life. Here's a quick holiday checklist you and your loved ones (including Dave) can spend an hour doing during your holiday downtime to set up for a more secure year.

Update all your apps and devices

For the most current patches and options, you’ll need to start this security check up by updating all your devices and apps. The companies behind the tech have already done a lot of the work to keep you safe, but it’s your job to make sure that you’re taking full advantage of those updates. I’d recommend starting with operating system updates then apps second because there’s usually some new features reliant on the latest OS within other software. While you’re there, set up automatic updates so that you don’t have to worry about doing this manually in the future.

REUTERS / Reuters

Sign up for or update your password manager

Strong passwords are your first line of defense to keep your accounts safe, but they’re almost impossible to memorize and keep track of. Download a password manager to store this information for you, so that your passwords can be unguessable gibberish that you’ll actually use. Long term, it’s important to change these passwords every 90 days or so, and never to repeat across accounts. A password manager will help remind you of that, and even generate new password ideas for you. Unique and regularly-changing passwords help prevent attacks like credential stuffing, as we’ve seen make headlines in the recent 23andMe data breach.

Make sure you’re using MFA or, ideally, passkeys

Strong passwords are important, but it's well-known that they aren’t enough to keep unauthorized actors out of your account. Most people are familiar with using a text message code to grant access to an account. If you’re taking time out of your day to set this up, however, I would recommend using a third-party authenticator app or a hardware key for more secure options. Or, for companies that have switched to allowing passkeys at login, that’s usually your best bet.

This will be one of the more tedious parts of the checklist, so if you can’t sit down and knock out your major logins now, at least push yourself to make these changes each time you log into a website over the next couple of weeks. Being stuck with family for the holiday might not be your preferred opportunity to make this change, but there's sure to be an upcoming major snowstorm or bout seasonal depression just screaming to be harnessed for your technological well-being.

Consider a VPN, or at least a more secure browser

A strong VPN will keep your web browsing private. Whether it’s free or paid for, defaulting to using a VPN adds an extra layer of security to the work you’re doing online. Most have options to use it across different devices, or to run automatically on startup so that you can set it up once and forget about it. I would also recommend switching over to a secure browser like Tor that runs on a privacy-first platform for more sensitive online matters. Of course there’s a catch: VPNs and Tor can both slow down your browsing, or break certain website features. Updates to the services have helped over time, but even if you use it for just a portion of web browsing, some protection is better than none.

RapidEye via Getty Images

Get up to date on the latest hacks and attack vectors

Keeping up with security news will help you determine what accounts need special attention versus where you can go on autopilot. Once you know whether a breach may have occurred or a password has been leaked, you can quickly make changes to accommodate. Websites already exist to see if you’ve been in a data breach, and most companies have an obligation to tell you if they’ve been impacted. When you also stay up to date on the latest scams and attacks, you know what red flags to look out for in your own inbox to stay proactive.

Tell brokers to stop selling your data

It’s surprisingly easy to stop companies from trading your privacy for cash. On top of getting in the habit of not sharing your cookies or granting location data, you can opt out of working with the top three major data brokers. Axiom, Oracle and Epsilon all have slightly different variations of the same form to fill out so that information like your home address and relatives’ names aren’t being sold for profit. This is a good start to getting your online privacy back, however, it can be more of a headache than just one opt out form.

You have to do this frequently to make sure your information hasn’t been readded to any of the broker sites, and if your information has already been sold to marketing companies, it’s too late to undo it. There are subscription service sites that can help track and continuously delete whatever information pops up for you, but starting with just Axiom, Oracle and Epsilon will still be a free, worthwhile step toward more privacy.

Samsung

Back up everything

Get an external hard drive or connect to the cloud and keep all of your data backed up. Do this regularly, so that even if your device quits or gets ransomed by an attacker, you aren't completely screwed. I’d recommend opting for something that can be set up automatically, so that you don’t have to keep constant track of it. That could look like spending the 99 cents per month on extra iCloud storage (or Google Drive or another in-house cloud tool) so that your phone gets backed up each night while you’re asleep. Windows and Mac also both do auto updates to an external drive on desktop, so you can set it and forget it.

Alternatively, you could install backup software onto a device so that it’s taken care of by a third party, but that may be less intuitive to set up. Just don’t forget to clean up your data storage every once in a while, too, so that you’re not holding onto useless screenshots or pictures of your ex from years ago that are taking up valuable space.

Make a plan to check in on your security settings more frequently

It’s overwhelming to play catch up. Going through a list like this can seem intimidating if you haven’t worried about it before. If you set up automatic updates and backups, it’ll take some of those repeat tasks off your plate. But since you’ll already, hopefully, be setting new passwords once a quarter, you can do a quick check up on your other security measures too. See if you’ve been a victim of a breach or identity theft, keep telling data brokers to get their hands off your information and find out if new VPNs or other software has been released that could make your security setup more seamless. Making it a part of the routine is much easier than annual sprees, and can help you catch a cybersecurity problem before it becomes unmanageable.

Google’s NotebookLM, a note-taking app that’s infused with a large language model, is now available to everyone in the US. The company built NotebookLM to only pull information from a custom dataset. So you might use it, for instance, to help write a paper based on a specific set of PDFs and only rely on details from those documents.

The idea is that, by sticking to a custom dataset, the information NotebookLM handles will always be relevant to your specific needs as opposed to a more general chatbot that might draw from the entirety of the public internet. Google debuted NotebookLM as Project Tailwind at I/O this year before rebranding it and it says the tech is based on its Gemini Pro model. 

Google also notes that personal data isn't used to train NotebookLM, so any sensitive or private details in your sources will remain hidden. That is, unless you share the sources with collaborators.

Along with making NotebookLM more broadly available (Google has been granting access based on a waitlist over the last five months), Google has announced a string of new features for the software. It plans to roll these out over the next few weeks with the aim of easing the transition between reading, taking notes and writing.

Among other things, the chatbot can format your notes into a newsletter, script outline or a marketing plan draft and export everything to Google Docs with one click. You'll be able to pin notes to a Noteboard space above the chat box, save and pin responses from the chatbot as notes and hide the source material if you want to focus on jotting down your thoughts with fewer distractions. You'll soon be able to ask the AI to focus on certain sources (of which you'll be able to have up to 100 in total) or jump to a citation from a chat response or saved note.

NotebookLM will also suggest some actions based on selected text or notes. At the outset, you'll be able to combine notes, summarize several of them or create an outline or study guide.

The universal chat app Beeper just got a lot more, well, universal. The company just unveiled the Beeper Mini app, which makes the bold claim to bring true iMessage support to Android devices. Even bolder? It seems to actually work, according to users who have tried it. This isn’t done in a strange hacky way that could compromise privacy and security, like Nothing’s beleaguered attempt to play nice with iOS devices.

Instead, the code has been reverse-engineered from the ground up, so it’s basically the official iMessage protocol. The texts are even sent to Apple’s servers before moving on to their final destination, just like a real iMessage created by an iPhone. Even weirder? All of this high-tech wizardry was created by a 16-year-old high school student.

Once you open the app, it goes through all of your text message conversations and flags the ones from iMessage users. The system then switches them over to blue bubble conversations via Apple’s official platform. From then on, every time you talk to that person, the bubbles will be bluer than a clear spring day. You also don’t need an Apple ID to login, alleviating many of the security concerns that plagued rival offerings.

Beeper co-founder Eric Migicovsky was contacted by the talented high-schooler and was blown away by the tech. “No one on Earth had done that,” he told The Verge. “No one had put all the pieces together.”

It’s worth reiterating. This platform isn’t hacking the iMessage experience so it works on Android. It is the iMessage experience working on Android, as it's sending actual iMessages. The tech was created by jailbreaking iPhones to get a good look at how the operating system handles iMessages, before recreating the software.

Beeper is being really transparent here, and the company knows it's potentially skating on thin ice with regard to how Apple will respond. Apple has never been especially friendly to those it deems to be infringing on company secrets, but it did just announce forthcoming support for the RCS messaging standard. This will allow for greater interoperability between Android and iOS devices, so maybe it’ll let Beeper Mini slide for now. Being as how the app actually recreates Apple code, however, it likely wouldn’t be difficult to put the kibosh on Beeper from its end.

Migicovsky says Beeper’s iMessage code will be open source to ensure there will be no security or privacy lapses. As for potential legal hurdles, the co-founder says his company is on the right side of the law, noting there’s no actual Apple code in Beeper Mini, just custom-made recreated code. Also, he cites legal precedence in copyright law that has sided with those who reverse engineer code. In any event, Beeper Mini is available, for now, and it's free to download, though it does feature in-app purchases.

The year’s coming to a close, but there’s still plenty of time for more AI news. Microsoft just announced its Copilot AI chatbot is integrating with OpenAI’s latest model, GPT-4 Turbo, and the image generator DALL-E 3, among other upgrades. This should drastically improve the overall functionality of the service, just in time for its one-year anniversary/birthday. Wait, do AI chatbots have birthdays?

First up, there’s OpenAI’s latest and greatest large language model. GPT-4 Turbo integration will allow Copilot users to tackle complex tasks that would cause previous iterations of the software to sputter into madness. The last generation allowed for just 50 pages of text as a data input, while GPT-4 Turbo accepts up to 300 pages. The end result? More meaningful responses to queries. The integration is currently being tested by select users, with wider availability in the next few weeks.

There’s also integration with the newest DALL-E 3 Model. This chatbot generates higher quality images than ever before and, more importantly, with a greater regard for accuracy. In other words, the image should match the prompt more often than not. This tool is already available for Copilot users, and you can check it out here.

There are more features coming to a Copilot near you. The Inline Compose tool now includes a rewrite menu that lets you select a block of text, whereupon the bot rewrites it for you. This should cause absolutely no problems at all in schools (that was sarcasm). This tool is coming to all Edge users in the near future.

Coders are also getting some love, with a new feature set called Code Interpreter. Microsoft is fairly mum on the details here, but say that it will enable users to perform complex tasks like “data analysis, visualization, math” and, of course, garden variety coding. Code Interpreter is currently in beta, with a wide release planned for the near future.

Finally, Bing search is getting an upgrade powered by GPT-4. This should allow for expanded search queries for complex topics, with optimized results. Microsoft wrote a blog post detailing how this upgrade works. In short, it searches for multiple variations of the query at once and automatically files away useless information.

Back in August, TikTok teamed up with Ticketmaster to allow artists to sell tickets to live events directly through the social media app. The service, however, was exclusive to the US, until now. TikTok just announced the partnership with Ticketmaster now extends to more than 20 countries throughout North America and Europe, in addition to Australia and the UK.

The tool only applies to artists officially certified by the platform, though TikTok says that amounts to more than 75,000 entertainers and event providers. The functionality is simple. The artist embeds a link to a relevant Ticketmaster event on a video. Users click a link on the bottom left of the screen and purchase a ticket, but we encourage would-be buyers to keep an eye on those hidden fees.

Music is the primary motivator here, but you can snag tickets for comedy shows and sporting events, among other types of entertainment. TikTok boasts that the program has already supported successful ticketing campaigns for artists like Shania Twain, Burna Boy, The Kooks and many more, going on to say that there has been more than 2.5 billion views of videos that utilize the in-app ticketing feature since launch.

The tool’s available now for those living in newly-eligible countries, like Sweden, Switzerland, Poland and around 17 more. TikTok hasn’t announced future availability for additional locations, but a spokesperson has stated that the company is “very excited to see how the partnership with Ticketmaster will develop over time.”

Snapchat made a similar move last year, partnering with Ticketmaster to match users with nearby live concerts. However, TikTok’s method is more streamlined and should allow for quicker access to tickets.

Microsoft's Seeing AI app is available on Android devices for the first time starting today. You can download it from the Google Play Store. The aim of the free app is to help blind and low-vision folks understand more of the world around them with the assistance of their smartphone's cameras and AI-powered narration. Microsoft says the Android app uses the company's latest advances in generative AI and it has the same features as the iOS version. Given that there are more than 3 billion Android users around the world, the app could help improve the quality of life of many people.

Seeing AI's latest features were built with the help of feedback from users. Microsoft says the app now offers more detailed descriptions of images. By default, Seeing AI will provide a brief summary of what a photo depicts. When a user taps the "more info" icon, the app will generate a far more in-depth description of the image. Move your finger over the screen and the app can tell you about the locations of various objects. Photos can be imported from other apps too.

Another feature Microsoft recently rolled out following feedback from users is the ability to ask questions about a document. After scanning a document, you can ask Seeing AI questions about things such as menu items or the price of an item on a bill. You can also ask it to summarize an article you have scanned. The app provides the user with audio guidance on how to scan a printed page.

Seeing AI offers users many other ways to find out about the world around them by pointing their camera at or taking a photo of something. For instance, the app will read out a short piece of text as soon as the camera picks it up. Seeing AI can scan barcodes and provide product information such as the name and details from packaging when available, which could be particularly useful when it comes to dealing with medication.

In addition, the app can help identify people (and their facial expressions), currency, colors and brightness. It's also able to read handwritten text in some languages.

Seeing AI is landing on Android on the International Day of People with Disabilities. The app is now available in 18 languages: Czech, Danish, Dutch, English, Finnish, French, German, Greek, Hungarian, Italian, Japanese, Korean, Norwegian Bokmal, Polish, Portuguese, Russian, Spanish, Swedish and Turkish. Microsoft plans to expand that number to 36 languages in 2024.

Telegram has released a major update for its iOS and Android apps that includes an array of new and upgraded features. Since last year, Telegram Premium users have been able to get transcriptions of voice and video messages and now the platform is opening up that feature to everyone, albeit on a more limited basis. Free users will be able to convert two messages per week into text. Just hit the →A icon on a voice message and you'll get a text version of the memo. Telegram notes that it's rolling out this feature gradually, so you may not have access to it right away.

Elsewhere, Telegram is looking to improve channel discovery. Whenever you join a channel, you'll see a selection of similar public channels. Telegram is basing these recommendations on similarities in subscriber bases. You'll be able to view these recommendations at any time by going to a channel's profile.

Telegram

You can now include a video comment or reaction with a story. You'll have the ability to resize this video message and move it around the screen. You can add a video message, a feature that takes a page out of the TikTok playbook, by holding down the camera icon in the story editor to capture a selfie clip. You can adjust the volume by holding a finger on the video track at the bottom of the screen.

Reposting someone else's story is now a cinch too. Just tap the share button on a story, then you'll have the option to repost it. Only stories that have their visibility set to public can be reposted. You can add a video comment to reposted stories too.

Elsewhere, Premium users can set up their profiles with unique color combos, everyone can apply custom wallpapers to each individual chat (Premium users can set the same wallpaper for both participants) and channel admins can customize the emoji that appear as reactions. In addition, any Telegram app can now detect a coding language in messages and highlight the syntax with proper formatting.

Content platform Substack just released a spate of new video capabilities, placing it in direct competition with YouTube and Patreon, among others. The video tools include a direct upload option, which is handy, and customizable paywalls for content creators. Before this, users were forced to upload videos to YouTube and embed a link. The upload tool is now readily accessible via the dashboard. It’ll even automatically split the audio and video for podcasters who want to court both audiences. 

As for the paywall options, you now get the same level of flexibility available to non-video users. Content creators can select a slice of the video to give away for free, locking the rest behind a paywall. The free preview segment should transition smoothly into a prompt to become a paying subscriber.

There’s also a new AI tool that generates transcripts from videos, for those who like to, gasp, read. The transcript is automatically created alongside the video upload and users can post it to the main feed. Additionally, viewers can click anywhere on the transcript to jump to that section of the video.

Video sharing has gotten a much-needed upgrade. Viewers can create their own custom clips sourced from any video. This creates a shareable link that includes branded visuals at the end featuring the creator’s logo and URL, so there will be no obvious thievery. Obviously, viewers can quickly share links to the entire clip if they want. Users can even directly download videos for publication on services like TikTok and Instagram. Again, that bumper will be there to give credit to the original creator.

The company wrote in a blog post that these new tools, taken together, make it so “the friction in starting a media business based on video has been reduced to almost zero.” To commemorate the launch, Substack is rolling out a number of exclusive video shows. There’s a food culture program with chef Nancy Silverton, a talk show starring actress Amber Tamblyn and a news program anchored by Chris Cuomo, among many others.

Substack has certainly been busy adding new features. The platform recently unveiled a Twitter-esque feature called Notes and last year launched a chat feature to make it more of a social space.

The Breville Smart Oven Air Fryer Pro has dropped to a record low of $320 as part of a Cyber Monday sale that includes significant discounts on many of the company's appliances. The air fryer is typically available for $400. Breville's products tend to be on the pricier side and they don’t go on sale often. So, if you’re a Breville aficionado or haven’t been able to find an entry point into its wares until now, this looks like a good opportunity to snap up a device or two.

This model is our pick for the best multi-purpose air fryer. Sure, it's a capable air fryer, but it's so much more than that. In a pinch, it can act as a second oven, which could be very useful if family and/or friends are coming to your place for the holidays. The appliance has a number of other functions, such as toasting, broiling, baking, pizza baking, dehydration, slow cooking and proofing.

The Breville Smart Oven Air Fryer Pro is large enough to accommodate a 14-pound turkey or a five-quart Dutch oven. There's enough space for a 9 x 13-inch pan too.

On the downside, the "Smart" part of the product's name is a slight misnomer. You can't control or monitor it it using an app. Instead, Breville says the device employs algorithms to distribute power as needed between six independent quartz elements to foster an ideal cooking environment. It uses sensors and temperature control to detect and eliminate cold spots, with the aim of delivering a precise, even cook.

If you'd prefer a model with app integration and voice assistant compatibility, you can opt for Breville's Joule Oven Air Fryer Pro, which is also on sale. It has dropped to $440. With that model, you can opt to receive push notifications when your food is finished cooking. There's a companion app with guided recipes too.

Your Cyber Monday Shopping Guide: See all of Yahoo’s Cyber Monday coverage, here. Follow Engadget for Cyber Monday tech deals. Learn about Cyber Monday trends on In The Know. Hear from Autoblog’s experts on the best Cyber Monday deals for your car, garage, and home, and find Cyber Monday sales to shop on AOL, handpicked just for you.

Teenage Engineering is a company that follows its own path. It’ll release a $250 toy car one day and a full-featured groovebox/sampler for $300 on the very next day. That’s what happened this week. Teenage Engineering just surprise-launched the EP-133 K.O. II, a portable sampler/groovebox that's feature-rich, looks absolutely stunning and costs just $300. You read that cost right. 

The only musical instruments in TE’s lineup that approach this price point is its catalog of Pocket Operator portable synthesizers, so it’s no surprise that this is a direct followup to the best one, the PO-33 KO sampler. The original Pocket Operators were marketed as something of a toy, despite being surprisingly robust, but the EP-133 K.O. II is being advertised as a workstation. This is a fairly large, but still portable, device that more closely resembles an Akai standalone machine. It won’t fit in your pocket, but will fit in your bag.

Let’s go over some specs. The K.O. II boasts 64MB of memory, which isn’t a lot, but TE products typically come with some tradeoff. It’ll be enough for a bunch of samples and a few projects, though, which the company says was intentional. Teenage Engineering co-founder and hardware lead David Eriksson told The Verge that if the sampler had too much storage it would “give the user the option to finish later” instead of completing a song in one-go. Will nobody think of the poor musicians out there who love starting things and hate finishing things? Asking for a friend.

Teenage Engineering

There are 999 slots for samples, as a matter of fact, and an internal microphone for making your own. Though this is, first and foremost, a sampler, it ships pre-filled with drum hits, synths and other sounds so you can get straight to work. It connects via USB-C for loading samples from a computer or MIDI devices. The K.O. II is also portable, running off of four AAA batteries. In other words, there’s no internal rechargeable battery, but that $300 price tag had to come about somehow.

The unit features a traditional 3.5mm headphone jack and the most important buttons and knobs are orange, to help musicians find them during live sets in dark, smoky clubs. That’s a nice touch. The device itself is gorgeous, with a handsome panel of buttons, knobs and connectors. The keys are clicky and, more importantly, velocity sensitive. There’s a rectangular LED screen up top that boasts similar design language to the OP-1 and OP-1 Field portable synthesizers.

Teenage Engineering hopes this product will attract newbies to the world of music-making, so the workflow is designed for simplicity, a trait shared with its forebear. Despite that caveat, this is a powerful instrument that should lure in professionals and amateurs alike. It features 12 mono and 6 stereo voice polyphony, stereo/mono sampling at 46.875 kHz/16-bit, 12 pressure-sensitive pads, 6 built-in FX sends with a punch-in mode, a master compressor and both manual and automatic sample slicing tools. It also looks really cool, like an accounting calculator from the future.

The EP-133 K.O. II is available today and, again, costs $300. The day before Thanksgiving is an odd time to release a new piece of hardware, but Teenage Engineering is based in Sweden, so what does it care? It’s worth noting that this is the first dedicated music-making machine the company has released since last year's OP-1 Field.