Firewalls Don't Stop Dragons Podcast

On May 25th, the European Union will begin enforcing the GDPR - a sweeping set of regulations designed to return control of user data back to the users. These rules apply to EU people, not EU companies - so if you have a business or website that deal with folks from the EU, then you need to comply with these rules. Note that even if it’s just a newsletter, you could be on the hook for damages if you didn’t obtain proper consent from your subscribers. Ruth Carter is an Arizona attorney and an authority on intellectual property, business startups, contracts, and internet law. She is an American Bar Association Legal Rebel, a Phoenix Business Journal 40 Under 40, and a Super Lawyers Southwest Rising Star. Ruth also wrote three best-selling books on guerrilla marketing and social media law including The Legal Side of Blogging: How Not to get Sued, Fired, Arrested, or Killed. Ruth is also a professional speaker and has spoken at South by Southwest, Content Marketing World, Intelligent Content Conference, Women in Travel Summit, BlogHer, Dad 2.0 Summit, Ungagged, Phoenix Comicon (now Phoenix Comic Fest), and BlogPaws. She's also been featured in the Wall Street Journal, Entrepreneur, CEO Blog Nation, U.S. News, and on NPR. For Further Insight: Website: GeekLawFirm.com Twitter: https://twitter.com/rbcarter LinkedIn: https://www.linkedin.com/in/ruthcarter Facebook: https://www.facebook.com/carterlawfirmpllc Book: https://www.amazon.com/The-Legal-Side-Blogging-ebook/dp/B009K4U5RU/  Terms of Service; Didn’t Read: https://tosdr.org/  Ruth’s blogs on complying with GDPR: http://carterlawaz.com/category/gdpr/  Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons

Ever since WhatsApp was acquired by Facebook in 2014 for a staggering $19B, the extremely popular global messaging app has been losing its focus on privacy. WhatsApp co-founder Jan Koum (who grew up in the Soviet Union) has now left Facebook, and with him WhatsApp may have lost its last hope for retaining the user protections Koum carefully put in place. If you even considered leaving Facebook, you should consider leaving WhatsApp. In the news, we’ll talk about a software bug that may leave 350,000 internal defibrillators to hacking, the looming hail-Mary chance to save net neutrality, a new credit bureau you might want to freeze, more computer CPU chip bugs coming, a Twitter password change requirement, new iOS and Firefox privacy features, and getting into your next concert using just your face. For Further Insight:  Everything you need to know about credit freezes: https://krebsonsecurity.com/2018/05/another-credit-freeze-target-nctue-com/  Freezing your credit at NCTUE: 866-349-5355 Save Net Neutrality! https://battleforthenet.com  Try Signal! Get your friends to try it, too!! https://www.signal.org/  Blog article with more info: https://firewallsdontstopdragons.com/ditch-whatsapp-use-signal/  Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons

Phil Zimmermann fought a multi-year court battle and risked years in jail in order to defend your right to privacy. Phil created an email encryption system called Pretty Good Privacy (PGP) in 1991 that is still the gold standard for private email today. I sat down with Phil to discuss his legacy and why we are truly in the Golden Age of Surveillance, despite claims by law enforcement that all communications are “going dark”. Philip R. Zimmermann is the creator of Pretty Good Privacy, an email encryption software package. Originally designed as a human rights tool, PGP was published for free on the Internet in 1991. This made Zimmermann the target of a three-year criminal investigation, because the government held that US export restrictions for cryptographic software were violated when PGP spread worldwide. Despite the lack of funding, the lack of any paid staff, the lack of a company to stand behind it, and despite government persecution, PGP nonetheless became the most widely used email encryption software in the world. After the government dropped its case in early 1996, Zimmermann founded PGP Inc. That company was acquired by Network Associates Inc (NAI) in 1997. In 2002 PGP was acquired from NAI by a new company called PGP Corporation, where Zimmermann served as special advisor and consultant until its acquisition by Symantec in 2010. Since 2004, his focus has been on secure telephony for the Internet, developing the ZRTP protocol and creating products that use it, including Silent Phone and Zfone. Zimmermann is Co-founder of Silent Circle, a provider of secure communications services. For Further Insight: Website: https://www.philzimmermann.com/

Our electronics and appliance manufacturers are desperately trying to turn all of their “dumb” products into “smart” ones by connecting them to the Internet - the new Internet of Things (IoT). And while dialing down your thermostat from the office and asking your portable speaker for today’s forecast is great, how can you trust that these devices aren’t spying on you or going rogue? In most cases, you can’t - which is why you need to wall them off from your computers Today I’ll tell you how everyone can segregate these insecure devices using the WiFi router you already own. I’ll also tell you about a promising new project from Microsoft that may make future IoT devices much more secure, how Facebook is moving 1.5B users out from under GDPR protections, how services like 23andMe and Ancestry.com can be used to catch serial killers, and why the FBI may be lying about information “going dark”. For Further Insight: How to put your IoT devices on the guest network: http://firewallsdontstopdragons.com/the-s-in-iot-is-for-security/ Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons

Google truly does know everything. Law enforcement is now turning to the search company to locate potential crime suspects. Google owns Android and Waze, along with several other smartphone apps - many of which have full access to your whereabouts. Police are now asking Google for lists of users who were near crimes when they occurred in hopes of finding suspects.  How does this jibe with our Fourth Amendment rights and what can we do to protect our privacy in the Golden Age of Surveillance? I have an eye-opening conversation with Nathan Freed Wessler of the ACLU on how courts and lawmakers are struggling to deal with demands for data from Google and other sources by law enforcement agencies anxious to make use of the treasure trove of personal information they’re amassing. Nathan Freed Wessler is a staff attorney with the ACLU Speech, Privacy, and Technology Project, where he focuses on litigation and advocacy around surveillance and privacy issues, including government searches of electronic devices, requests for sensitive data held by third parties, and use of surveillance technologies. In 2017, he argued Carpenter v. United States in the U.S. Supreme Court, seeking to establish that the Fourth Amendment requires law enforcement to get a search warrant before requesting cell phone location data from a person’s cellular service provider. For Further Insight: Website: www.aclu.org Follow on Twitter: https://twitter.com/NateWessler Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons

Chairman Ajit Pai and the FCC voted to gut net neutrality late last year - but the fight is not over. The United States Senate can overturn these rule changes with a simple majority of 51 votes. Right now, we have 50. We need just one more vote. This process has a 60-day deadline, which is April 23rd. We have one week left to reverse these changes and preserve Net Neutrality. If you have a Republican Senator, now is the time to call them and express your support! I’ll discuss the new “multi-breach” of Sears, Kmart, Delta and MyFitnessPal, including what you need to do if you were affected. I’ll talk about Facebook CEO’s Mark Zuckerberg’s testimony in front of Congress and why most of the Congress folks completely missed the point. And while all of that was going on, Facebook was working in the background to severely weaken data collection regulations. For Further Insight: Delta.com breach info: https://www.delta.com/response  Sears/Kmart breach info: https://searsholdings.com/update  Save Net Neutrality - act by April 23! https://www.battleforthenet.com/ Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons

Would you take your computer in for repair if you knew the technicians would be scanning your hard drive looking for anything suspicious while they had the hood up? It’s something that apparently we all need to be considering now. A recent lawsuit against a California doctor has revealed that the FBI has been paying Best Buy Geek Squad technicians to search for illegal content on the computers that were sent in for repairs. The relationship appears to go back at least 10 years. Today I speak with Aaron Mackey, a staff attorney at the Electronic Frontier Foundation - the organization who discovered this connection through the use of Freedom of Information Act queries. I’ll also briefly update on the latest Facebook scandals and their attempts to address the massive privacy issues. Aaron Mackey joined EFF in 2015 after moving from Washington, D.C. where he worked on speech, privacy, and freedom of information issues at the Reporters Committee for Freedom of the Press and the Institute for Public Representation at Georgetown Law. Aaron graduated from Berkeley Law in 2012, where he worked for EFF while a student in the Samuelson Law, Technology & Public Policy Clinic. Prior to law school, Aaron was a journalist at the Arizona Daily Star in Tucson, Arizona. He received his undergraduate degree in journalism and English from the University of Arizona in 2006, where he met his amazing wife, Ashley. They have two young children. For Further Insight: Website: www.eff.org Twitter URL: https://twitter.com/aaron_d_mackey Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons - https://www.eff.org/deeplinks/2018/03/geek-squads-relationship-fbi-cozier-we-thought How to delete (or curtail) Facebook: https://firewallsdontstopdragons.com/its-time-to-delete-facebook/

At Facebook, it’s critically important to remember that you are not the customer, you’re the product. None of Facebook’s users pay a dime for its service and yet Facebook makes tens of billions of dollars a year. Facebook makes money off of you and your data. And as we’ve seen in the last two weeks, that business model is ripe for abuse. It’s long since time that we, as consumers, reject the current Internet business model: the collection and sale of phenomenal amounts of highly personal data. In today’s episode, I’ll discuss the Cambridge Analytica scandal and why a Facebook VP believes that growth is good at any cost. I’ll spell out all the reasons why I’m deleting my Facebook account - and why you should strongly consider doing the same. At the very least, you should see what information Facebook has on you, so you can make an informed decision - I’ll tell you how to do that, too. For Further Insight: Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons Further Reading: https://firewallsdontstopdragons.com/its-time-to-delete-facebook/

Your privacy and 4th amendments rights were dealt another blow last week, while no one was really looking. Congress opened the door to more warrantless surveillance by tacking on a little-known, unvetted bill to the monster spending legislation passed last week. This bill, benignly titled the Clarifying Overseas Use of Data (“CLOUD”) Act, removes the need for foreign countries to obtain a search warrant before demanding data from US companies. This bill was never debated. It wasn’t reviewed or marked up by a single committee. There were no hearings. But it is now law. David Ruiz, from the Electronic Frontier Foundation, helps us to understand the stark implications of this new law and together we explore how it can be used to completely circumvent your 4th Amendment rights. David Ruiz is a writer covering NSA surveillance and federal surveillance policy for Electronic Frontier Foundation, a digital rights non-profit. As 2017 closes, he is deeply involved in covering the multiple bills before Congress that seek to reform or reauthorize Section 702 of the FISA Amendments Act, a law that is currently one of the U.S. government's most powerful surveillance tools. Previously, David worked as a journalist covering legal affairs for some of Silicon Valley's largest companies, including Google, Facebook, Twitter and Uber. He has also had his work featured in KQED, The East Bay Express, SFGate.com, The Sacramento Bee and KZSU Stanford 90.1 FM. Beyond writing, David also hosts a personal podcast called Death Knell, which explores the grieving process after death. For Further Insight: Website: davidalruiz.com Follow on Twitter: https://twitter.com/davidalruiz Little Brother by Cory Doctorow Donate to the Electronic Frontier Foundation Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons

Have you ever really stopped to consider the sheer amount of data Facebook has on you? How long have you had your Facebook account? How many pictures have you posted and tagged? How many relationships have you had? Facebook has all that data, and much more - all your posts, your messages, your status changes, your likes, your comments, your profile (every version), your photos and videos… Facebook knows all. Do you have the Facebook app on your smartphone? Then it probably also has all of your phone contacts, ever. What many people don’t know is that you can actually download your entire Facebook dossier, and it’ll blow your mind. I’ll tell you how. In other news, Intel has fixes coming soon for its chips while AMD chips have several newly discovered vulnerabilities. Alexa has been laughing at some of you, Apple has a nice web page to help you control what your kids can access, PayPal shares your data with over 600 companies, and the Geek Squad has been snooping around on your computers for the FBI. For Further Insight: Apple’s Families page: https://www.apple.com/families/ Download your Facebook data: https://www.facebook.com/help/302796099745838 Download your Google data: https://support.google.com/accounts/answer/3024190?hl=en Download your Twitter data: https://help.twitter.com/en/managing-your-account/how-to-download-your-twitter-archive Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons