Firewalls Don't Stop Dragons Podcast

It’s that time of year again – time for New Years Resolutions! While you consider going to the gym or maybe drinking a little less, we’re in the Information Age now – and that means you need to get your digital house in order, too! In our first show of 2018, I’ll give you several great projects to improve your cybersecurity and privacy – some easy, some that will take some time – but all of them are crucial in today’s world of hackers and prying eyes. With these top tips, you’ll be protected against malware, computer crashes, mass surveillance, and overzealous marketers! For Further Insight: LastPass password manager: https://www.lastpass.com/ TunnelBear VPN: https://www.tunnelbear.com/ Firefox web browser: https://www.mozilla.org/en-US/firefox/ Backblaze cloud backup: https://www.backblaze.com/cloud-backup.html#af9kxp Signal secure messaging app: https://signal.org/ ProtonMail: https://protonmail.com/ Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons

While you have some down time over the holidays, it’s a great opportunity to learn something new. I humbly suggest some cybersecurity and privacy “homework” that is both entertaining and educational! Like watching documentaries? Maybe you prefer to curl up by the fire with a good book? I’ve got you covered! In the news this week, we have yet another staggeringly large data breach – though it’s not clear whether the bad guys found it before it was locked down. Is your iPhone 6 or 7 running slower than it used to? You may not be imagining it – Apple did it on purpose, and I explain why. For Further Insight: EFF’s Surveillance Self-Defense: https://ssd.eff.org/en Stay Safe Online: https://staysafeonline.org/ Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons

Net Neutrality suffered a severe but expected setback this week when the new FCC repealed the protections enacted in 2015 by a 3-2 party line vote, without any public hearings or investigation into flawed comment system. Call your Congressman! Bitcoin value has soared in the last few months… but what the heck is a Bitcoin? I’ll explain what all the buzz is about. I’ll also tell you about massive database of 1.4 billion cracked passwords and give you several tips for buying those last-minute holiday gifts online! For Further Insight: 11 Lies about Net Neutrality: https://www.popsci.com/net-neutrality-lies Net Neutrality isn’t dead: https://www.battleforthenet.com/ Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons

Many of the most important voices on the web today are individuals or small, low-budget organizations: human rights groups, investigative journalists, political dissidents, and fighters for democracy in repressive regimes. These groups don’t have the wherewithal to defend themselves against hackers and bad state actors that would prefer their voices not be heard. Projects like Cloudflare’s Galileo and Google’s Shield help these at-risk groups to weather the heaviest of Internet storms, making sure that their voices cannot be silenced – without having to pay a dime. Doug Kramer, General Counsel for Cloudflare, helps us understand why these projects and groups are so important and how these programs help to protect their websites from attack. Doug Kramer is General Counsel of Cloudflare, where he is responsible for managing the legal, policy, and trust and safety teams. In this role, Doug helps address the broad range of issues that touch the company's operations around the world. Prior to joining Cloudflare, Doug worked for seven years in senior positions in the Obama Administration, including as Deputy Assistant to the President and White House Staff Secretary, as the Deputy Administrator of the US Small Business Administration, and General Counsel at USAID. He previously worked in private practice in Washington, DC and Kansas City. He received Bachelor’s degree in Philosophy and English from Georgetown University and his J.D. from University of Chicago Law School. For Further Insight: Website: https://www.cloudflare.com Project Galileo: https://www.cloudflare.com/galileo/ Project Shield: https://projectshield.withgoogle.com/public/ Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons

The gift-giving season is upon us and technology presents are always popular! But what you may not realize that the hackers and marketers out there are secretly hoping you’ll give your friends and family certain gifts, too! In this special holiday episode, I’ll tell you about some of the best and the worst holiday gifts and accessories, from a security and privacy viewpoint. Thinking about giving someone a DNA analysis kit? You might want to think again! Which computers and smart devices are the most secure? And are there products I can buy to help make them more secure? You bet! Tune in – I’ve got you covered! For Further Insight: Read this before buying a DNA test: https://vitals.lifehacker.com/what-you-should-know-before-you-gift-someone-a-dna-test-1820774515 Best WiFi Routers: https://thewirecutter.com/reviews/best-wi-fi-router/ Setting your Router’s DNS to Quad9: http://firewallsdontstopdragons.com/evading-malware-quad9-dns/ Data and Goliath: https://www.schneier.com/books/data_and_goliath/ Little Brother: https://craphound.com/littlebrother/download/ Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons

It’s been a rough week or so for Apple products, in particular their new Macintosh operating system version called High Sierra. A horrendous security bug was released last week that would let anyone have full, unfettered access to your computer – possible even remotely. That’s about as bad as it gets, folks. I’ll tell you all about it, including how to fix it once and for all. We’ll also talk about some insidious HP computer software that is sending tracking information back to the mother ship without proper warning or consent, how some clever thieves have figured out how to steal cars by faking out your keyless entry system, and why now is the time to support Net Neutrality. For Further Insight: Fixing Apple’s horrible “root” bug: http://firewallsdontstopdragons.com/fixing-apple-root-bug/ Save Net Neutrality! https://www.battleforthenet.com/ John Oliver on Net Neutrality (includes adult language): https://www.youtube.com/watch?v=92vuuZt7wak Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons

In the era of mass surveillance, our communications are being hoovered up, searched and stored by both corporations and intelligence agencies, without a warrant and with almost zero transparency. While we should be fighting for our right to privacy, creating and amending laws is hard and can take years. Dr Andy Yen is the CEO of ProtonMail, a secure email service based in Switzerland. Today we discuss why it’s important for even regular, “uninteresting” people to use a truly secure and private email service. In the news this week, hundreds of top websites are tracking everything you do and Intel comes clean about a horrendous flaw in their secretive Management Engine that is part of every CPU they’ve made in the last 8 years. I’ll tell what you can do about it. Also, in the Tip of the Week, I’ll tell you about a new free service that can protect you from bad websites. Dr. Andy Yen is the CEO and Co-Founder of Protonmail. Andy has over 8 years of experience in distributed computing for demanding particle physics applications. Andy was a researcher at CERN from 2009 to 2015, where ProtonMail’s founding team met. He has a PhD in Physics from Harvard and a degree in Economics from Caltech. For Further Insight: Website: https://protonmail.com/ Twitter URL: https://twitter.com/ProtonMail LinkedIn URL: https://www.linkedin.com/in/andy-yen-03a9676 Quad9’s free DNS service protects you as you surf: http://firewallsdontstopdragons.com/evading-malware-quad9-dns/ Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons

In our next installment of the Castle Defense 101 series, I’ll help you to choose the web browser that will keep you safe and protect your privacy. We’ll talk about the big four (Safari, Internet Explorer, Firefox and Chrome) as well as some others you’ve never heard of. I walk you through the things you need to consider when comparing these browsers and explain why the choice can be tricky. In the end, I’ll share my personal browser strategy and recommend several free browser add-ons that will make you even safer! In the news: Facebook recommends that you upload your nude photos so that they can protect you and a cheeky New Zealand company has created a new automated service that enables some sweet revenge on all those spam emailers. For Further Insight: ExpressVPN Browser rankings: https://www.expressvpn.com/blog/best-browsers-for-privacy/ RE: Scam, spammer chatbot: https://www.rescam.org/ Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons

The law that enables the warrantless collection and searching of the communications of US citizens is set to expire at the end of 2017. In today’s show, David Ruiz and I discuss several bills in Congress that attempt to curb the rampant abuses of this legislation (Section 702 of the FISA law). These long-overdue reforms go a long way towards restoring the principles of the Fourth Amendment and reclaiming basic civil liberties that we let slip away in fear after 9/11. In the news this week, I’ll update you on the Reaper botnet and tell you about an effort to safeguard our elections systems before the next major election. I’ll also help you double-check your smartphone app permissions, making sure they don’t have any more access than they need to things like your camera, microphone, location, and contacts. David Ruiz is a writer covering NSA surveillance and federal surveillance policy for Electronic Frontier Foundation, a digital rights non-profit. As 2017 closes, he is deeply involved in covering the multiple bills before Congress that seek to reform or reauthorize Section 702 of the FISA Amendments Act, a law that is currently one of the U.S. government's most powerful surveillance tools. Previously, David worked as a journalist covering legal affairs for some of Silicon Valley's largest companies, including Google, Facebook, Twitter and Uber. He has also had his work featured in KQED, The East Bay Express, SFGate.com, The Sacramento Bee and KZSU Stanford 90.1 FM. Beyond writing, David also hosts a personal podcast called Death Knell, which explores the grieving process after death. For Further Insight: Website: www.davidalruiz.com Follow on Twitter: https://twitter.com/davidalruiz Additional Resources: Surveillance watchdog, Open Technology Institute: https://www.newamerica.org/oti/ End the Backdoor! https://www.endthebackdoor.com/ Lock Down Your LAN (IoT security): http://firewallsdontstopdragons.com/locking-internet-things-iot/ Protect yourself from nosy apps: http://firewallsdontstopdragons.com/smartphone-privacy-reining-nosy-apps/

We have a lot to catch up on! This week we discuss a Bad Rabbit, a grim Reaper, and some risky Russians. A new WannaCry-like ransomware is hitting Russia and Ukraine, Kaspersky Labs is dealing with a PR nightmare, and a new botnet is forming up that could make last year’s Mirai botnet that took down Netflix, Twitter and AirBND look like small potatoes. We also have some hopeful Android news and discuss how Bitcoin mining might save us from the ad-based web. For Further Insight: Before paying a ransom for your data, check this site! www.nomoreransom.org Full article on Reaper and securing your IoT devices: http://firewallsdontstopdragons.com/locking-internet-things-iot/ Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons