Firewalls Don't Stop Dragons Podcast

Your privacy and 4th amendments rights were dealt another blow last week, while no one was really looking. Congress opened the door to more warrantless surveillance by tacking on a little-known, unvetted bill to the monster spending legislation passed last week. This bill, benignly titled the Clarifying Overseas Use of Data (“CLOUD”) Act, removes the need for foreign countries to obtain a search warrant before demanding data from US companies. This bill was never debated. It wasn’t reviewed or marked up by a single committee. There were no hearings. But it is now law. David Ruiz, from the Electronic Frontier Foundation, helps us to understand the stark implications of this new law and together we explore how it can be used to completely circumvent your 4th Amendment rights. David Ruiz is a writer covering NSA surveillance and federal surveillance policy for Electronic Frontier Foundation, a digital rights non-profit. As 2017 closes, he is deeply involved in covering the multiple bills before Congress that seek to reform or reauthorize Section 702 of the FISA Amendments Act, a law that is currently one of the U.S. government's most powerful surveillance tools. Previously, David worked as a journalist covering legal affairs for some of Silicon Valley's largest companies, including Google, Facebook, Twitter and Uber. He has also had his work featured in KQED, The East Bay Express, SFGate.com, The Sacramento Bee and KZSU Stanford 90.1 FM. Beyond writing, David also hosts a personal podcast called Death Knell, which explores the grieving process after death. For Further Insight: Website: davidalruiz.com Follow on Twitter: https://twitter.com/davidalruiz Little Brother by Cory Doctorow Donate to the Electronic Frontier Foundation Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons

Have you ever really stopped to consider the sheer amount of data Facebook has on you? How long have you had your Facebook account? How many pictures have you posted and tagged? How many relationships have you had? Facebook has all that data, and much more - all your posts, your messages, your status changes, your likes, your comments, your profile (every version), your photos and videos… Facebook knows all. Do you have the Facebook app on your smartphone? Then it probably also has all of your phone contacts, ever. What many people don’t know is that you can actually download your entire Facebook dossier, and it’ll blow your mind. I’ll tell you how. In other news, Intel has fixes coming soon for its chips while AMD chips have several newly discovered vulnerabilities. Alexa has been laughing at some of you, Apple has a nice web page to help you control what your kids can access, PayPal shares your data with over 600 companies, and the Geek Squad has been snooping around on your computers for the FBI. For Further Insight: Apple’s Families page: https://www.apple.com/families/ Download your Facebook data: https://www.facebook.com/help/302796099745838 Download your Google data: https://support.google.com/accounts/answer/3024190?hl=en Download your Twitter data: https://help.twitter.com/en/managing-your-account/how-to-download-your-twitter-archive Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons

If a vote falls in a ballot box, but there’s no one there to see it - does it count? Marian Schneider, President of Verified Voting, explains why so many of our national voting systems have absolutely no way of being audited. Digital technology has been a wonderful boon for this world, but when it comes to something as fundamental to democracy as casting a vote, you simply must have a physical record that you can verify by hand if necessary. It may already be too late for the 2018 midterm elections, but we simply must have this fixed for 2020. We’ll tell you how you can get involved and make a real difference. This is a non-partisan issue that affects us all. As the President of Verified Voting, Marian Schneider brings a strong grounding in the legal and constitutional elements governing voting rights and elections, as well as experience in election administration at the state level. Immediately before becoming President of Verified Voting, Marian served as Special Advisor and Deputy Secretary for Elections and Administration, to Pennsylvania Gov. Tom Wolf. Marian received her J.D. from The George Washington University, where she was a member of the Law Review, and earned her B.A. degree cum laude from the University of Pennsylvania. For Further Insight: Website: www.verifiedvoting.org Follow on Twitter: https://twitter.com/VerifiedVoting Facebook: https://www.facebook.com/VerifiedVoting/

Facebook has wants your face. Guess we should have seen that coming. While Facebook has been using face recognition for years now, it began notifying users in December of much broader use of this technology. Of course, they will tell you that you are the prime beneficiary, but by accepting this new feature you may be enabling Facebook to do much more. Tune in and I’ll tell you all about it, including how to turn it off! We’ll also discuss how Apple is taking heat for moving some of its iCloud customers’ encryption keys to China, some great new privacy features coming soon to both Firefox and Android, and how you can see all your snail mail online (and maybe others can, too). For Further Insight:  How to turn off FB facial recognition: https://mashable.com/2018/02/28/how-to-turn-off-facebook-face-recognition/ Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons

Should you cover your webcam? Is anti-virus software worth the money? How do you know if you’ve been hacked? How do you know what software you can trust? We’ll cover all of these topics and more with Patrick Wardle, a computer security expert and ex-NSA hacker. While Patrick’s focus is Mac security, we also discuss PCs and mobile devices, and much more! Patrick Wardle is the Chief Research Officer at Digita Security and founder of Objective-See. Having worked at NASA and the NSA, and as well as presented at countless security conferences, he is intimately familiar with aliens, spies, and talking nerdy. Patrick is passionate about all things related to macOS security and thus spends his days finding Apple 0days, analyzing macOS malware and writing free open-source security tools to protect Mac users. For Further Insight: Website: https://objective-see.com/ Twitter URL: https://twitter.com/patrickwardle Optional guest headshot: https://2016.zeronights.org/wp-content/uploads/2016/09/Patrick_Wardle.jpeg Support Patrick! https://www.patreon.com/objective_see Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons

You know the best way to limit what malware can do on your system? Limit what YOU can do! Software on computers generally inherits the privileges of the current user. The problem is that the default account that comes with all computers has full administrator privileges - you can do anything. And whatever you can do, malware can also do. The solution is to always have a non-admin account that you use for day-to-day activities, reserving your admin account for very special tasks. According to experts, using a non-admin account could have mitigated 80% of critical Microsoft bugs in 2017. I’ll also talk about Chrome’s new “ad filter” that falls well short, a bug on Apple devices that will allow a single character to crash your messaging apps, a new “turducken” Microsoft vulnerability, a nasty Skype bug that Microsoft claims takes “too much effort to fix”, and a new Facebook app feature called “protect” that should really be called “spy”. For Further Insight: How to set up non-admin accounts: http://firewallsdontstopdragons.com/use-non-admin-account/ Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons

Do you know where your software’s been? If you’re downloading your apps and driver software from third parties, you may be getting more than you bargained for. Software download sites may be attaching unwanted extras to your installers in order to make money. And bad guys are also hacking these sites to trick you into downloading malware. I’ll tell you how to ensure your software is pristine. In other news, Equifax admits that it lost even more sensitive information in the massive hack that affected over 145 million customers last year. Some key Apple source code in revealed that may help hackers attack your iPhone. And Lenovo announces critical bugs in the WiFi software on many of its ThinkPad laptops.

Our mobile phones today are chock full of private information and are constantly tattling about our whereabouts and activities. Most phones today have GPS, WiFi, Bluetooth, motion detectors, magnetic field detectors, microphones, cameras, and of course cellular radios. Some even have facial recognition built right in. With all this personal data and telemetry information, is it even possible to prevent tracking and information leakage? CLICK FOR FULL TRANSCRIPT OF INTERVIEW Today we discuss these topics and more with Daniel Davis from DuckDuckGo - a company dedicated to protecting your privacy. He and I discuss DuckDuckGo’s new privacy-focused smartphone app, along with other tips and techniques to guard your privacy on your mobile devices. Daniel Davis is a Community Manager at DuckDuckGo, the Internet privacy company helping you take control of your personal information online. DuckDuckGo has its roots as the search engine that doesn't track you, and has expanded to protect you no matter where the Internet takes you. CLICK FOR FULL TRANSCRIPT OF INTERVIEW For Further Insight: Website: https://duckduckgo.com Twitter URL: https://twitter.com/duckduckgo LinkedIn URL: https://www.linkedin.com/company/duck-duck-go New DuckDuckGo mobile app: https://duckduckgo.com/app DuckDuckGo privacy guides: https://spreadprivacy.com/tag/device-privacy-tips/ Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons

It's that time of year again: tax time. And that means it's also high season for identity thieves and scammers. Millions of people are affected by fake tax return filings every year. Phone and email scams lure unsuspecting victims to give away their money or identity. In today’s episode, I’ll tell you how to protect yourself. In this week’s news, we’ll talk about why California won’t let you cover your license plate while parked, discuss yet another Adobe Flash bug, and explain how fitness trackers may be revealing covert military sites around the world. For Further Insight:  Full blog article on tax return fraud: https://firewallsdontstopdragons.com/preventing-tax-return-fraud/ Think someone filed a fraudulent tax return in your name? Check this article: https://krebsonsecurity.com/2018/01/file-your-taxes-before-scammers-do-it-for-you/ Set up your MySSA account, even if you’re years away from retirement: https://www.ssa.gov/myaccount/ Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons

Data Privacy Day is upon us, and today is the day you take back your online privacy. And I’m going to help you do it. There’s no more standing on the sidelines and hoping someone else will fix this for you. You need to get off your butt and do something - and today is the day to do it. Corporations have sold loads of compelling and powerful “free” tools and services. But if the product is free, then you are the product. Making us watch ads was all well and good, until those ads started watching us back. They’ve gone too far and now we are duty-bound to push back. Privacy is a human right and our privacy has never been more in jeopardy that right now. Now is the time to assert your rights and make your voices heard. For Further Insight: http://firewallsdontstopdragons.com/data-privacy-day-checklist/ Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons