Firewalls Don't Stop Dragons Podcast

Just because you're not paranoid doesn't mean they're not following you. A new study finds that Android phones tattle on you up to 340 times a day.

It's that time of year again - time to make your New Years Resolutions! You know all those really important things I've been telling you to do, but you haven't done? Well, I'm listing out the top ones on today's show - and challenging each of you to check them off this year! There's also a lot of news to catch you up on: why the green padlock symbol doesn't mean what you think it does, an update on the SuperMicro computer spy chips, fitness apps stealing $120 from its users, scammers calling seniors pretending to be grandkids, US border agents not taking care of your private data, and a stunning NY Times study about all the apps that are tracking your location Further Reading NY Times article on location tracking: https://www.nytimes.com/interactive/2018/12/10/business/location-data-privacy-apps.htmlReview my podcast! https://itunes.apple.com/us/podcast/firewalls-dont-stop-dragons-podcast/id1213366517?mt=2# Worst passwords of 2018: https://www.teamsid.com/100-worst-passwords/

Several US states are trialing programs to replace the venerable plastic driver's license card with a new smartphone app. Unlike the "dumb" physical cards, the app would always be up to date. One study showed that 77% of all US adults have a smartphone. If you're an adult under the age of 30, that percentage jumps to 94%. But as our guest, Chad Marlow, explains this is a solution in search of a problem. It comes with significant risks for both privacy and democracy. Guest Info: Chad Marlow (ACLU) Chad Marlow is a senior advocacy and policy counsel at the ACLU. He principally focuses on privacy, surveillance, and technology issues. His work on issues ranging from net neutrality and police body cameras to government surveillance and consumer privacy has been a frequent subject of national and international media coverage. He is the author of fifteen ACLU model bills. He spearheaded the ACLU’s nationwide #TakeCTRL and Community Control Over Police Surveillance (CCOPS) campaigns. Twitter: @chadaaronmarlow, @ACLUWebsite: ACLU.org Further Reading Could Plastic Driver’s Licenses Become a Thing of the Past? : https://www.pewtrusts.org/en/research-and-analysis/blogs/stateline/2018/11/20/could-plastic-drivers-licenses-become-a-thing-of-the-pastWhy Privacy Matters (TED Talk): https://www.ted.com/talks/glenn_greenwald_why_privacy_matters

It's bad enough that online ads are watching us, but now billboards and other real world ads are watching us, too. Using video cameras and signals from our smart devices, marketers are tailoring their billboards and digital signage based on our appearance and even our identity. Sean O'Brien from Yale Privacy Lab explains how this is done and the significant privacy implications of this practice. He'll also tell you how you to protect our privacy. Sean O'Brien is a Lecturer in Law at Yale Law School with expertise in cybersecurity, privacy, and mobile device forensics. He is Director of Business Development at Purism SPC, a company dedicated to digital privacy and security and founder of Yale Privacy Lab. Twitter: @YalePrivacyLab Yale Privacy Lab: https://privacylab.yale.edu Citizen FOSS guide: https://github.com/YalePrivacyLab/citizen-foss Original article from Medium: https://medium.com/s/thenewnew/irl-ads-are-taking-scary-inspiration-from-social-media-7088e8241beb

Marriott reports this week that it has exposed up to 500 million Starwood guests’ data going back as far as 2014. Affected hotels include Sheraton, Westin, W Hotels, Starwood timeshares and more, While it’s still not clear how much data may have been stolen, what is clear is that corporations are still not guarding their data properly. In today’s show, I’ll tell you what sort of customer information was vulnerable and what you can do to protect yourself. In other news, Ford’s CEO voices plans to monetize their customers’ data, the USPS has a mail preview service that you’ll want to sign up for before the bad guys do it on your behalf, and if you’ve ever had the creepy feeling that customer support reps can see what you’re typing in chat support before you send it… it’s because they can! More Info: Starwood's breach info page: https://info.starwoodhotels.com How to freeze your credit: https://firewallsdontstopdragons.com/using-credit-freeze-for-self-defense/ Best & Worst gifts for 2018: https://firewallsdontstopdragons.com/best-worst-gifts-2018/

Our mobile phones today are chock full of private information and are constantly tattling about our whereabouts and activities. Most phones today have GPS, WiFi, Bluetooth, motion detectors, magnetic field detectors, microphones, cameras, and of course cellular radios. Some even have facial recognition built right in. With all this personal data and telemetry information, is it even possible to prevent tracking and information leakage? Today we discuss these topics and more with Daniel Davis from DuckDuckGo - a company dedicated to protecting your privacy. He and I discuss DuckDuckGo’s new privacy-focused smartphone app, along with other tips and techniques to guard your privacy on your mobile devices. Daniel Davis is a Community Manager at DuckDuckGo, the Internet privacy company helping you take control of your personal information online. DuckDuckGo has its roots as the search engine that doesn't track you, and has expanded to protect you no matter where the Internet takes you. For Further Insight: Website: https://duckduckgo.com Twitter URL: https://twitter.com/duckduckgo LinkedIn URL: https://www.linkedin.com/company/duck-duck-go DuckDuckGo Privacy Essentials: https://duckduckgo.com/app Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons

The gift-giving season is once again upon us! “Smart” devices make great presents, but you want to make sure that you’re not also giving a gift to the hackers out there! In this special, annual holiday episode, I’ll tell you about some of the best and the worst holiday gifts and accessories, from a security and privacy viewpoint. Thinking about giving someone a DNA analysis kit? You might want to think twice! Which computers and smart devices are the most secure? And are there products I can buy to help make them more secure? You bet! I have all the angles covered for you in this week’s show! See also my blog article: The Best & Worst Gifts for 2018

Just because the caller ID says it’s the IRS or the Social Security Administration, don’t believe it. It’s almost surely a scammer trying to get your money or information. Government agencies don’t call people to confirm information in their records about you or with threats if you don’t pay up. And the caller ID information you see often has no relation whatsoever to who is actually calling or where they’re calling from. In today’s episode, I’ll tell you how to handle these scammer calls. I’ll also tell you about a massive, nationwide database of biometrics that was just created, how Consumer Reports and Mozilla are helping you to make smart security and privacy decisions on new products, and how a PhD from MIT is on a mission to fix our horrendously insecure voting systems.

Your physical world is governed by many laws and regulations that protect your freedom and privacy. Why should the digital world be any different? Todd Weaver, CEO and Found of Purism, explains how Big Tech managed to write the rules for the digital world and why those rules are at odds with your freedom, security and privacy. But it doesn’t have to be this way. As citizens, we can force those representing us to protect our digital civil rights. As consumers, we have options for computers and smartphones you can buy right now that will assert your digital civil rights. Serial entrepreneur and successful businessman, Todd has been recognized for his visionary strategy, technical leadership, and relentless drive, with more than 20 years of entrepreneurial experience, using, installing, and promoting Free Software. Todd has consistently predicted market directions and executed disruptive technologies in a wide range of industries, including in-store entertainment, collaborative financial solutions, and starting the first online cable company. Todd has a deep understanding of the hardware manufacturing process, and an unwavering belief for users to retain their essential freedoms via free software, making Purism (the marriage of high quality hardware and free software), his most ambitious, disruptive, and exciting venture yet. For Further Insight: The Future of Computing and Why You Should Care: https://www.youtube.com/watch?v=nFwBh9QZTwg Purism products: https://puri.sm/products/ Website: https://puri.sm Twitter URL: https://twitter.com/Puri_sm

We all know how marketers are tracking our every move on the world wide web. But now they’re starting to track you in the real world, too. Security cameras exist everywhere, but companies have now decided to add facial recognition software to those systems in order to track where you go, what you look at, who you’re with and how effective their ads are. I’ll also tell you why the Firefox browser is taking bold new steps to protect your web browsing privacy and how Apple’s CEO Tim Cook believes tech companies must take steps to safeguard their customer’s data. For Further Insight: Tim Cook’s speech on privacy: https://www.youtube.com/watch?v=kVhOLkIs20A Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons