The Lockdown - Practical Privacy & Security

In this week’s FRIDAY FIELD NOTES, Ray Heffer discusses the Zero Trust security model, a framework that's revolutionizing how organizations protect their critical systems and data. Diving into the depths of cybersecurity, we clear up common myths and misinterpretations surrounding Zero Trust, illuminating its role as not just a defensive strategy but a comprehensive approach to modern threats.Zero Trust operates on the principle of "never trust, always verify," but what does this mean in practice? Zero Trust doesn't just look outward; it recognizes that threats also come from the inside. By assuming that a breach is not just possible, but has already happened, Zero Trust strategies are uniquely positioned to mitigate damage by insiders, whether malicious or accidental.Follow on Twitter (X): @privacypodSupport the show: https://www.patreon.com/TheLockdownThis episode was recorded on November 09, 2023This week's episode:Introduction and Brill is living in a Faraday cageHow we got to Zero Trust by understadning the Cyber Kill ChainThe Principals of Zero TrustRecommended Zero Trust FrameworksNIST Zero Trust Architecture (SP 800-207): https://csrc.nist.gov/pubs/sp/800/207/finalCISA Zero Trust Maturity Model: https://www.cisa.gov/zero-trust-maturity-modelCyber Kill Chain: https://www.lockheedmartin.com/en-us/capabilities/cyber/cyber-kill-chain.htmlIntro music: The Lockdown"Security is always seen as too much until the day it is not enough." — William H. Webster

Welcome to episode four of The Lockdown - The Practical Privacy and Security podcast.Follow on Twitter (X): @privacypodSupport the show: https://www.patreon.com/TheLockdownThis episode was recorded on November 06, 2023This week's episode:1. I'm back!2. Traveling to London and Los Angeles3. A major privacy invasion for Jennifer Lawrence4. The Psychology of social engineeringIntro music: The Lockdown"To be yourself in a world that is constantly trying to make you something else is the greatest accomplishment." - Ralph Waldo Emerson

Zachary McCoy, known for his involvement in a pivotal legal case on privacy rights, shares his insights on the ethics of geofence warrants and their impact on individual freedoms. He discusses his transition from the Apple ecosystem to GrapheneOS, highlighting its standout privacy features for families. The conversation dives into the challenges of digital surveillance, the importance of protecting personal data, and practical strategies for maintaining secure communication in today’s tech landscape.

Welcome to episode two of The Lockdown - Practical Privacy and Security podcast. In this episode I share the saga of the LastPass breach, and my thoughts on password managers and authenticator apps. Follow on Twitter (X): @privacypodSupport the show: https://www.patreon.com/TheLockdownThis episode was recorded on March 19, 2023This week's episode:1. The LastPass Breach2. Password Managers: Dashlane, 1Password, BitWarden, and KeePassXC3. Authenticator Apps: Google Authenticator, Aegis, and Authy.Recommended Password Managers:1. https://keepassxc.org (Desktop)2. https://www.keepassdx.com (Android only)3. https://strongboxsafe.com (iOS only)4. https://bitwarden.com (Top recommendation for cloud hosted)5. https://1password.com (Ease of use, and great option for cloud hosted)6. https://www.dashlane.com (Expensive, no desktop app)Recommended Authenticator Apps:1. https://authy.com2. https://getaegis.app (Android only)Get Yubikey: https://www.yubico.comIntro music: The Lockdown"In the long run, we will have to rebuild the universe of the online world to have security first and ease of use second." - Moxie Marlinspike

Follow on Twitter (X): @privacypodSupport the show: https://www.patreon.com/TheLockdownThis episode was recorded on March 10, 2023Show Links:Stalkerware: https://www.theregister.com/2023/02/07/stalkerware_developer_fined/IntelTechniques (List of People Search Sites): https://inteltechniques.com/workbook.htmlThis week's privacy tips:1. Privacy check-up / opt-out from people search sites2. Establish a Revocable Living Trust. Be sure to hire an estate planning attorney.3. Custom domains with Namecheap and add privacy.4. Setup a private mailbox with UPS.5. Use Privacy.com for virtual payment cards.6. MySudo virtual phone numbers. Stop being tracked, and avoid SIM swap attacks!7. Use SimpleMobile or Mint for a pre-paid cellphone option.Not Sponsors:https://www.privacy.com/https://mysudo.com/https://www.namecheap.com/Intro music: The Lockdown“Who controls the past controls the future. Who controls the present controls the past.” - 1984 by George Orwell