Firewalls Don't Stop Dragons Podcast

Our mobile phones today are chock full of private information and are constantly tattling about our whereabouts and activities. Most phones today have GPS, WiFi, Bluetooth, motion detectors, magnetic field detectors, microphones, cameras, and of course cellular radios. Some even have facial recognition built right in. With all this personal data and telemetry information, is it even possible to prevent tracking and information leakage? Today we discuss these topics and more with Daniel Davis from DuckDuckGo – a company dedicated to protecting your privacy. He and I discuss DuckDuckGo’s new privacy-focused smartphone app, along with other tips and techniques to guard your privacy on your mobile devices. Daniel Davis is a Community Manager at DuckDuckGo, the Internet privacy company helping you take control of your personal information online. DuckDuckGo has its roots as the search engine that doesn’t track you, and has expanded to protect you no matter where the Internet takes you. For Further Insight: Website: https://duckduckgo.com Twitter URL: https://twitter.com/duckduckgo LinkedIn URL: https://www.linkedin.com/company/duck-duck-go DuckDuckGo Privacy Essentials: https://duckduckgo.com/app Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons

The gift-giving season is once again upon us! “Smart” devices make great presents, but you want to make sure that you’re not also giving a gift to the hackers out there! In this special, annual holiday episode, I’ll tell you about some of the best and the worst holiday gifts and accessories, from a security and privacy viewpoint. Thinking about giving someone a DNA analysis kit? You might want to think twice! Which computers and smart devices are the most secure? And are there products I can buy to help make them more secure? You bet! I have all the angles covered for you in this week’s show! See also my blog article: The Best & Worst Gifts for 2018

Just because the caller ID says it’s the IRS or the Social Security Administration, don’t believe it. It’s almost surely a scammer trying to get your money or information. Government agencies don’t call people to confirm information in their records about you or with threats if you don’t pay up. And the caller ID information you see often has no relation whatsoever to who is actually calling or where they’re calling from. In today’s episode, I’ll tell you how to handle these scammer calls. I’ll also tell you about a massive, nationwide database of biometrics that was just created, how Consumer Reports and Mozilla are helping you to make smart security and privacy decisions on new products, and how a PhD from MIT is on a mission to fix our horrendously insecure voting systems.

Your physical world is governed by many laws and regulations that protect your freedom and privacy. Why should the digital world be any different? Todd Weaver, CEO and Found of Purism, explains how Big Tech managed to write the rules for the digital world and why those rules are at odds with your freedom, security and privacy. But it doesn’t have to be this way. As citizens, we can force those representing us to protect our digital civil rights. As consumers, we have options for computers and smartphones you can buy right now that will assert your digital civil rights. Serial entrepreneur and successful businessman, Todd has been recognized for his visionary strategy, technical leadership, and relentless drive, with more than 20 years of entrepreneurial experience, using, installing, and promoting Free Software. Todd has consistently predicted market directions and executed disruptive technologies in a wide range of industries, including in-store entertainment, collaborative financial solutions, and starting the first online cable company. Todd has a deep understanding of the hardware manufacturing process, and an unwavering belief for users to retain their essential freedoms via free software, making Purism (the marriage of high quality hardware and free software), his most ambitious, disruptive, and exciting venture yet. For Further Insight: The Future of Computing and Why You Should Care: https://www.youtube.com/watch?v=nFwBh9QZTwg Purism products: https://puri.sm/products/ Website: https://puri.sm Twitter URL: https://twitter.com/Puri_sm

We all know how marketers are tracking our every move on the world wide web. But now they’re starting to track you in the real world, too. Security cameras exist everywhere, but companies have now decided to add facial recognition software to those systems in order to track where you go, what you look at, who you’re with and how effective their ads are. I’ll also tell you why the Firefox browser is taking bold new steps to protect your web browsing privacy and how Apple’s CEO Tim Cook believes tech companies must take steps to safeguard their customer’s data. For Further Insight: Tim Cook’s speech on privacy: https://www.youtube.com/watch?v=kVhOLkIs20A Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons

The reports of net neutrality’s death have been greatly exaggerated. We still have time for Congress to reinstate the federal rules that were struck down by the FCC. In the meantime, states like California are taking matters into their own hands, passing landmark state-level legislation to preserve a level playing field on the Internet. Ernesto Falcon from the Electronic Frontier Foundation (EFF) explains why Net Neutrality is not dead and how states are stepping in to try to fill the gap. Prior to joining EFF, Ernesto worked as a legislative staffer for two Members of Congress (2004-2010). He then became Vice President of Government Affairs at Public Knowledge where he advocated on behalf of consumers on copyright issues and broadband competition. During his tenure, Public Knowledge was successful in achieving one of the largest consumer victories in telecom policy by defeating AT&T’s merger with T-Mobile. The following year, PK and EFF scored a major victory for consumers by rallying the Internet community to defeat the Stop Online Piracy Act (SOPA). After eight years in Washington DC, he returned to his home state of California to go to law school at McGeorge School of Law in order to strengthen his digital rights advocacy. Now, as an attorney, he is excited to rejoin the fight for consumers and Internet freedom. For Further Insight: Website: https://eff.org/ Follow on Twitter: https://twitter.com/EFFFalcon LinkedIn: https://www.linkedin.com/in/ernestofalcon/ 

Bloomberg claims that Chinese manufacturers have implanted tiny spy chips into many of our computer systems. Apple, Amazon and others strenuously deny this. Who’s telling the truth? In today’s show, I’ll cover both sides of this story, discuss the various ways in which our global manufacturing and supply chain systems could be compromised, and delve into the several deeper considerations for these sorts of stories. In other news, Facebook has lowered its estimate of the number of users affected by the recent breach to a mere 29 million, Google has shuttered its flagging Google+ service after news of a breach leaked last week, I give you the highlights of my 320-page LexisNexis dossier, and finally I give you several tips for patching holes in your defenses in honor of National Cybersecurity Awareness Month. For Further Insight: Deleting your Google+ account: https://www.cnet.com/how-to/how-to-delete-your-google-account-data-breach/ Supply chain security 101: https://krebsonsecurity.com/2018/10/supply-chain-security-101-an-experts-view/ Make sure you’re registered to vote! https://votesaveamerica.com/verify Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons

Ransomware, the malware that locks up your data and hold it for ransom, has been growing by leaps and bounds in the past few years, WHY? Because it works. Hackers trick you into installing the malware which encrypts your most precious files and demands that you pay Bitcoin to get the key that unlocks them. It’s like a burglar broke into your house and put all your valuables in a safe in your living room, demanding payment for the combination. Allan Liska explains why ransomware has become a favorite tool of both hackers and nation states, how to protect your computers, and even what you can do if you are unfortunate enough to be infected. Allan Liska is an intelligence analyst at Recorded Future. Allan has more than 15 years’ experience in information security and has worked as both a blue teamer and a red teamer for the intelligence community and the private sector. Allan has helped countless organizations improve their security posture using more effective and integrated intelligence. Allan is also one of the organizers of BSides Bordeaux and has presented at security conferences around the world on a variety of topics. He is the author of The Practice of Network Security, Building an Intelligence-Led Security Program, and Securing NTP: A Quickstart Guide and the co-author of DNS Security: Defending the Domain Name System and Ransomware: Defending Against Digital Extortion. For Further Insight: Ransomwhere (Ransomware protection for Mac): https://objective-see.com/products/ransomwhere.html No More Ransom (if you get infected): https://www.nomoreransom.org/ Website: www.bsidesbdx.org Twitter: https://twitter.com/uuallan LinkedIn: https://www.linkedin.com/in/allan2/

Between 50 and 90 million Facebook users’ accounts were exposed, appearing to give hackers full access as if they were logged in as you. Facebook has fixed the bug, but it’s not yet clear whose accounts may have been compromised. In other news, researchers have determined that Facebook is using your security contact information and information shared by others you know to target you with ads. In other privacy news, Google’s Chrome browser version 69 will automatically log you into the browser if you log in to any of Google many services – without warning or consent. While Google claims that none of your history or data is uploaded, the quiet change appears to violate their own privacy policies and has rankled many privacy advocates (including yours truly). For Further Insight: Why I’m Done With Chrome: https://blog.cryptographyengineering.com/2018/09/23/why-im-leaving-chrome/ Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons

One of the best ways to avoid identity fraud is to freeze your credit reports. Thanks to a new law that just went into effect, freezing and unfreezing your credit is now completely free! Freezing your credit will prevent fraudsters from opening new loans and credit cards in your name, sticking you with the bill. When you actually need to open new credit, you can temporarily thaw your account (also free). I’ll tell you how. In other news, hackers have found flaws in two different government online payment systems, researchers have identified popular iPhone and Mac apps that are stealing your personal information, and Google has struct a secret deal with at least one major credit card company to get access to your real life purchase information. For Further Insight: Secret data sharing deal between Google and MasterCard: https://www.bloomberg.com/news/articles/2018-08-30/google-and-mastercard-cut-a-secret-ad-deal-to-track-retail-sales iPhone apps stealing location data: https://www.macrumors.com/2018/09/07/iphone-apps-location-data-monetization/ Freeze your credit: https://krebsonsecurity.com/2018/09/credit-freezes-are-free-let-the-ice-age-begin/ Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons