Firewalls Don't Stop Dragons Podcast

Russia has been hacking Ukraine for at least a decade now, but since the invasion of Ukraine in February of 2022, the cyber war has changed. Instead of being a tactical element, cyber war is now a full-fledged strategic aspect of the conflict, on both sides. At the outset, Ukraine put out an official call to enlist cyber warriors from around the globe to their cause in what's been called the IT Army of Ukraine. Today we'll look at how this group was formed, how it operates, and what we should all be learning from what's happening there. My guest is Dina Temple-Raston from The Record, the Click Here Podcast, and formerly NPR. Interview Notes Dina Temple-Raston at The Record: https://therecord.media/author/dina-temple-raston  Click Here podcast: https://therecord.media/podcast  Click Here, Episode 98: “Lessons from the world's first hybrid war”: https://podcasts.apple.com/us/podcast/click-here/id1225077306?i=1000639045741  NPR’s I’ll Be Seeing You: https://www.npr.org/series/760566025/ill-be-seeing-you  Operation Glowing Symphony: https://www.npr.org/2019/09/26/763545811/how-the-u-s-hacked-isis  Further Info Send me your questions! https://fdsd.me/qna  Check out my book, Firewalls Don’t Stop Dragons: https://fdsd.me/book  Subscribe to the newsletter: https://fdsd.me/newsletter  Become a patron! https://www.patreon.com/FirewallsDontStopDragons  Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch  Give the gift of privacy and security: https://fdsd.me/coupons  Support our mission! https://fdsd.me/support  Generate secure passphrases! https://d20key.com/#/  Table of Contents Use these timestamps to jump to a particular section of the show. 0:04:50: How did you get into covering cybersecurity and cyber warfare? 0:06:48: When and how did Russian cyber attacks begin in Ukraine? 0:15:40: What is the IT Army of Ukraine and what is its origin? 0:20:47: Have we seen other cyberwar volunteer organizations? 0:23:05: How are information and communications being utilized by the IT Army? 0:26:53: How has Russia responded to this? 0:28:34: How are IT Army members recruited and vetted? 0:30:17: How are objectives coordinated? 0:31:20: Where are IT Army members coming from? 0:32:03: Do we know if Western military members are participating in the IT Army? 0:36:30: What are the military lessons to be learned here? 0:42:11: What should civilians be learning from all of this? 0:46:01: What's next for you and Click Here? 0:47:14: Wrap-up and looking ahead

Google's Chrome browser has dominated the planet - both on desktop computers and mobile devices. Furthermore, many other popular web browsers are actually based on the same Google-made Chromium browser engine, including Microsoft Edge and Brave Browser. This gives Google an inordinate amount of influence on web standards, in particular preventing better privacy protections. We need to support privacy-forward alternatives lest they disappear. In other news: US passes expanded mass surveillance policies instead of curbing them; TikTok ban bill becomes law giving Bytedance a year to sell it; UK's Investigatory Powers Bill amendment passes; photo-sharing app will use users' uploaded images to train AI; Health insurers Kaiser and Change Healthcare are hacked; antivirus software service installs malware on user's systems; FCC fines telecom's $200M; CISA director pushes for vendor accountability; CISA's proactive protection programs are making positive impacts; UK becomes first country to enforce strong and strict IoT security requirements; net neutrality is back; Google again delays killing third party cookies. Article Links [Electronic Frontier Foundation] U.S. Senate and Biden Administration Shamefully Renew and Expand FISA Section 702, Ushering in a Two Year Expansion of Unconstitutional Mass Surveillance https://www.eff.org/deeplinks/2024/04/us-senate-and-biden-administration-shamefully-renew-and-expand-fisa-section-702-0 [TechCrunch] Biden signs bill that would ban TikTok if ByteDance fails to sell the app https://techcrunch.com/2024/04/24/biden-signs-bill-that-would-ban-tiktok-if-bytedance-fails-to-sell-the-app/ [theregister.com] UK's Investigatory Powers Bill to become law despite tech world opposition https://www.theregister.com/2024/04/26/investigatory_powers_bill/ [TechCrunch] Photo-sharing community EyeEm will license users photos to train AI if they don’t delete them https://techcrunch.com/2024/04/26/photo-sharing-community-eyeem-will-license-users-photos-to-train-ai-if-they-dont-delete-them/ [TechCrunch] Health insurance giant Kaiser notifies millions of a data breach https://techcrunch.com/2024/04/25/kaiser-permanente-health-plan-millions-data-breach/ [TechCrunch] Change Healthcare hackers broke in using stolen credentials — and no MFA, says UHG CEO https://techcrunch.com/2024/04/30/uhg-change-healthcare-ransomware-compromised-credentials-mfa/ [Ars Technica] Hackers infect users of antivirus service that delivered updates over HTTP https://arstechnica.com/security/2024/04/hackers-infect-users-of-antivirus-service-that-delivered-updates-over-http/ [BleepingComputer] FCC fines carriers $200 million for illegally sharing user location https://www.bleepingcomputer.com/news/technology/fcc-fines-carriers-200-million-for-illegally-sharing-user-location/ [cybersecuritydive.com] CISA director pushes for vendor accountability and less emphasis on victims’ errors https://www.cybersecuritydive.com/news/cisa-highlights-vendors-errors/714300/ [therecord.media] More than 800 vulnerabilities resolved through CISA ransomware notification pilot https://therecord.media/vulnerabilities-resolved-through-cisa-pilot [therecord.media] UK becomes first country to ban default bad passwords on IoT devices https://therecord.media/united-kingdom-bans-defalt-passwords-iot-devices [WIRED] Net Neutrality Returns to a Very Different Internet https://www.wired.com/story/fcc-net-neutrality-rules-vote/ [Ars Technica] Google delays third-party cookie death again: Now scheduled for 2025 https://arstechnica.com/gadgets/2024/04/google-delays-third-party-cookie-death-again-now-scheduled-for-2025/ Tip of the Week: https://firewallsdontstopdragons.com/its-time-to-quit-chrome/  Further Info Under New Management plugin: https://github.com/classvsoftware/under-new-management  Donate to Mozilla (Firefox): https://foundation.mozilla.org/en/donate/  Send me your questions! https://fdsd.me/qna

AI has been grabbing all the tech headlines, but cryptocurrency is still innovating and changing. One of the primary goals of cryptocurrency was to be decentralized and therefore not controlled by governments like fiat currency. That is about to change. Central Bank Digital Currency (CBDC) is a new type of cryptocurrency that is created and governed by nation states, which comes with serious implications for privacy and global economics. Thankfully I've got cryptocurrency expert Seth for Privacy on the show to explain how CBDC works and how it will affect us. Interview Notes Opt Out Podcast: https://optoutpod.com/  Freedom.Tech: https://freedom.tech/  Foundation.xyz: https://foundation.xyz/  CBDC tracker: https://cbdctracker.hrf.org/home  Buying Monero: https://freedom.tech/buying-monero-privately/ Samourai Wallet 1: https://freedom.tech/how-samourai-worked/  Samourai Wallet 2: https://freedom.tech/samourai-to-sparrow/ Cryptocurrency 101 interview: https://podcast.firewallsdontstopdragons.com/2022/06/06/cryptocurrency-101/  Further Info Treasure & Coin Promo: https://fdsd.me/promo424  Send me your questions! https://fdsd.me/qna  Check out my book, Firewalls Don’t Stop Dragons: https://fdsd.me/book  Subscribe to the newsletter: https://fdsd.me/newsletter  Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch  Give the gift of privacy and security: https://fdsd.me/coupons  Support our mission! https://fdsd.me/support  Generate secure passphrases! https://d20key.com/#/  Table of Contents Use these timestamps to jump to a particular section of the show. 0:00:30: Promo update 0:01:42: News preview 0:04:34: AT&T now says over 50M accounts were compromised 0:11:37: Apple password reset notification attack 0:16:04: Outlook is Microsoft’s new data collection service 0:22:40: Kobold letters 0:29:27: Backdoor in XZ Utils That Almost Happene 0:39:42: OpenAI and Google reportedly used transcriptions of YouTube videos to train their AI models 0:45:57: How to Turn Off Meta AI on their various apps 0:49:07: Vulnerabilities Identified in LG WebOS 0:52:14: Roku Says More Than 500,000 Accounts Were Compromised 0:56:05: X May Charge New Users a 'Small Fee' to Post, Like and Reply 1:00:04: DuckDuckGo Is Taking Its Privacy Fight to Data Brokers 1:04:19: Google Launches Android Find My Device Network 1:07:29: The CFPB wants to rein in data brokers 1:12:23: Tip of the Week: Freeze Your Credit 1:18:05: Wrap-up 1:19:06: Looking ahead

You've heard people like me recommend this for years. It's time to just do it: freeze your credit report. There are really no downsides at this point. For example, it's now free everywhere in the US, by law. It's also free to temporarily "thaw" your credit. And it's gotten a lot easier to do, too. Freezing your credit is your main defense against financial identity theft. And with the sheer number of data breaches (like the recent massive AT&T leak), the personal information needed to commit identity theft is out there already. In other news: AT&T now says 51 million past and current customers' data were leaked; beware of a new password reset 'bomb' campaign; Microsoft is using Outlook to harvest and share your data; a new email scam alters their content after forwarding; a devious and devastating supply chain attack was thwarted in the nick of time; AI organizations are using sneaky techniques to train their models on your data; Meta is lacing its apps with AI, and there's not much you can do about it; LG TVs are hacked; Roku is breached again, this time affecting over 500,000 accounts; Twitter/X looking to charge new users a small fee to try to curb bot accounts; DuckDuckGo unveils trio of new for-pay privacy services; Google launches their own Find My network; and various US government agencies, lacking a real privacy law, attempt to curb privacy abuses using existing powers. Article Links [BleepingComputer] AT&T now says data breach impacted 51 million customers https://www.bleepingcomputer.com/news/security/att-now-says-data-breach-impacted-51-million-customers/ [AppleInsider] If you're getting dozens of password reset notifications, you're being attacked https://appleinsider.com/articles/24/03/27/if-youre-getting-dozens-of-password-reset-notifications-youre-being-attacked [proton.me] Outlook is Microsoft’s new data collection service https://proton.me/blog/outlook-is-microsofts-new-data-collection-service [Lutra Security] Kobold letters https://lutrasecurity.com/en/articles/kobold-letters/ [Schneier Blog] Backdoor in XZ Utils That Almost Happened https://www.schneier.com/blog/archives/2024/04/backdoor-in-xz-utils-that-almost-happened.html [Engadget] OpenAI and Google reportedly used transcriptions of YouTube videos to train their AI models https://www.engadget.com/openai-and-google-reportedly-used-transcriptions-of-youtube-videos-to-train-their-ai-models-163531073.html [Lifehacker] How to Turn Off Meta AI on Facebook, Instagram, Messenger, and WhatsApp https://lifehacker.com/tech/how-to-turn-off-meta-ai-on-facebook-instagram-messenger-whatsapp [bitdefender.com] Vulnerabilities Identified in LG WebOS https://www.bitdefender.com/blog/labs/vulnerabilities-identified-in-lg-webos/ [Lifehacker] Roku Says More Than 500,000 Accounts Were Compromised in a Cyberattack https://lifehacker.com/tech/roku-cyberattack-compromises-accounts [MacRumors] X May Charge New Users a 'Small Fee' to Post, Like and Reply https://www.macrumors.com/2024/04/15/x-small-fee-new-users/ [WIRED] DuckDuckGo Is Taking Its Privacy Fight to Data Brokers https://www.wired.com/story/duckduckgo-vpn-data-removal-tool-privacy-pro/ [MacRumors] Google Launches Android Find My Device Network https://www.macrumors.com/2024/04/08/google-android-find-my-device-network-2/ [ftc.gov] Proposed FTC Order will Prohibit Telehealth Firm from Using or Disclosing Sensitive Data for Advertising Purposes https://www.ftc.gov/news-events/news/press-releases/2024/04/proposed-ftc-order-will-prohibit-telehealth-firm-cerebral-using-or-disclosing-sensitive-data [The Verge] The CFPB wants to rein in data brokers https://www.theverge.com/2024/4/15/24131354/cfpb-data-brokers-fair-credit-reporting-act [therecord.media] Automakers and FCC square off over potential regulations for connected cars https://therecord.media/fcc-automakers-connected-cars-regulation-mvnos Tip of the Week: https://firewallsdontstopdragons.

There's a lot of nasty stuff online - things we would prefer our kids not see, at least not until they're mature enough to handle it. Our elected representatives have proposed various regulations to try to protect kids online, and while this is obviously a laudable goal, the devil is always in the details. Many of the proposed solutions have serious negative consequences for both kids and adults, chilling free speech and blocking useful content. I'll discuss the latest iteration of these proposed solutions in the US called the Kids Online Safety Act (KOSA) as well as the similar Online Safety Act in the UK. With me is Joe Mullin, senior policy analyst at the Electronic Frontier Foundation (EFF). Interview Notes Joe Mullin (EFF): https://www.eff.org/about/staff/joe-mullin  EFF on KOSA: https://www.eff.org/deeplinks/2024/02/dont-fall-latest-changes-dangerous-kids-online-safety-act  EFF on KOSA in depth: https://www.eff.org/deeplinks/2024/03/analyzing-kosas-constitutional-problems-depth  Contact Congress: https://www.eff.org/congress  EFF on CA ballot initiative: https://www.eff.org/deeplinks/2024/02/eff-opposes-california-initiative-would-cause-mass-censorship  EFF submission to Ofcom: https://www.eff.org/deeplinks/2024/03/effs-submission-ofcoms-consultation-illegal-harms  Santa Clara Principles for online content moderation: https://santaclaraprinciples.org/  Further Info Treasure & Coin Promo: https://fdsd.me/promo424  Send me your questions! https://fdsd.me/qna  Check out my book, Firewalls Don’t Stop Dragons: https://fdsd.me/book  Subscribe to the newsletter: https://fdsd.me/newsletter  Become a patron! https://www.patreon.com/FirewallsDontStopDragons  Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch  Give the gift of privacy and security: https://fdsd.me/coupons  Support our mission! https://fdsd.me/support  Generate secure passphrases! https://d20key.com/#/ Table of Contents Use these timestamps to jump to a particular section of the show. 0:00:56: Eclipse! 0:01:50: Treasure & Coin promo update 0:02:29: Interview preview 0:03:41: What are the primary concerns today with kids on the internet? 0:08:24: What laws already exist to protect kids online? 0:17:05: What are the key provisions of KOSA? 0:25:04: What content is KOSA trying to restrict based on age? 0:34:22: What did we learn from the UK's Online Safety Act? 0:38:47: Doesn't KOSA interfere with Section 230? 0:44:41: How does KOSA impact content access for adults? 0:50:17: Are our representatives seeking insights from groups like EFF? 0:54:58: Are there onlione safety regulations EFF could support? 0:58:55: Do you have any advice for parents on protecting their kids online? 1:06:55: Interview wrap-up 1:08:59: Patron bonus content 1:09:28: Looking ahead

Today's podcast addresses listener questions on topics like handling 2FA codes while traveling, the necessity of changing passwords, securing IoT devices, using hardware security keys, privacy-focused email clients, VPN challenges, and protecting cryptocurrency. The host also gives insights on the TikTok ban legislation.

Today I talk with Justin and Jodi Daniels about that state of privacy today, how we can help consumers and companies better understand the importance of privacy and security, and how companies are dealing with these aspects internally. We talk about the state of privacy regulations (or the lack thereof), why companies are failing to protect their customers, and what we can do about that. Justin and Jodi host a podcast together called She Said Privacy, He Said Security. They've also co-written a book called "Data Reimagined: Building trust one byte at a time". Interview Notes Justin & Jodi Daniels’ podcast: https://redcloveradvisors.com/podcasts/ Justin Daniels: https://www.linkedin.com/in/justinsdaniels/ Jodi Daniels: https://www.linkedin.com/in/jodihoffmandaniels/  Red Clover Advisors: https://redcloveradvisors.com/ Baker Donelson: https://www.bakerdonelson.com/  Data Reimagined book: https://redcloveradvisors.com/book-sales/  International Association of Privacy Professionals (IAPP): https://iapp.org/  Information Commissioner’s Office (ICO): https://ico.org.uk/  YourAdChoices (AboutAds.info): https://youradchoices.com/  How to enable Global Privacy Control: https://firewallsdontstopdragons.com/how-to-enable-global-privacy-control/  Jeff Jockisch top 10: https://www.linkedin.com/posts/jozian_privacypodcast-peopleschoice-privacyawards-activity-7155591864593637376-Q3bi/  Further Info Coin & Treasure Promo: https://fdsd.me/promo424 Send me your questions: https://fdsd.me/qna  Check out my book, Firewalls Don’t Stop Dragons: https://fdsd.me/book  Subscribe to the newsletter: https://fdsd.me/newsletter  Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch  Give the gift of privacy and security: https://fdsd.me/coupons  Support our mission! https://fdsd.me/support  Generate secure passphrases! https://d20key.com/#/  Table of Contents Use these timestamps to jump to a particular section of the show. 0:01:33: Interview setup 0:03:31: Tell me about your podcast and how you got into this space. 0:06:40: How do you explain privacy to regular, everyday people? 0:09:37: How can we help people better understand the need for privacy? 0:11:10: What are the newest threats to our privacy? 0:14:58: So how do we know what to trust? 0:17:07: What mistakes do companies make when crafting and implementing privacy policies? 0:21:37: How should companies embrace privacy? 0:25:51: What's life like for a Chief Privacy Officer today? 0:30:22: Can we blame companies for monetizing our data since it's legal to do so? 0:34:01: How do we combat privacy problems with security tech? 0:37:11: Why can't the US government pass a federal privacy law? 0:42:54: Would it help to pass laws that mandate transparency? 0:46:11: What about a universal opt-out mechanism? 0:47:24: Is mainstream media covering privacy and security properly? 0:49:36: What are some promising Privacy Enhancing Technologies? 0:53:50: What are some of your top resources to learn more about privacy? 0:56:09: Any final thoughts? 0:57:30: Interview follow-up 0:59:25: Looking ahead

Passwords, two-factor authentication and even passkeys don't matter if you can access someone's account by answering three simple account recovery questions. Also, just about every account today has a way to reset your password, no matter how strong it is, if you can gain access to someone's email account. Until we can remove these weak links, it doesn't matter how secure our regular authentication schemes are. In the news: old A&T breach data is making the rounds; Apple Silicon chips have a security flaw baked into the hardware; two very popular digital safe locks come with backdoor codes; Twitter/X is failing to properly check posted links that redirect to scam sites; a court rules that external continuous camera surveillance of your house doesn't require a warrant; searches for VPNs spike after PornHub pulls out of Texas; a blockbuster NY Times article brings much needed attention to data collection in cars; AirBnB implements a blanket camera ban. And I announce a killer new patron promotion! Click this link! https://fdsd.me/promo424 Article Links [restoreprivacy.com] AT&T Investigating Potential Breach Following Leak of 73.4 Million Records https://restoreprivacy.com/att-investigating-breach-following-leak-of-73-4-million-records/ HaveIBeenPwned.com: https://haveibeenpwned.com/  [9to5Mac] Unpatchable security flaw in Apple Silicon Macs breaks encryption https://9to5mac.com/2024/03/22/unpatchable-security-flaw-mac/ [404media.co] Massively Popular Safe Locks Have Secret Backdoor Codes https://www.404media.co/massively-popular-safe-locks-have-secret-backdoor-codes/ [Lifehacker] It's Not Safe to Click Links on X https://lifehacker.com/tech/its-not-safe-to-click-links-on-x [Gizmodo] The Feds Can Film Your Front Porch for 68 Days Without a Warrant, Says Court https://gizmodo.com/feds-can-film-your-front-porch-without-warrant-1851352414 [CNN] Searches for VPNs spike in Texas after Pornhub pulls out of the state https://www.cnn.com/2024/03/15/tech/vpn-searches-spike-texas-pornhub [The New York Times] Automakers Are Sharing Consumers’ Driving Behavior With Insurance Companies https://www.nytimes.com/2024/03/11/technology/carmakers-driver-tracking-insurance.html [Lifehacker] Airbnb's New Security Camera Ban Is a Big Deal https://lifehacker.com/tech/airbnbs-new-security-camera-ban Tip of the Week: https://firewallsdontstopdragons.com/account-security-is-broken/ Further Info Become a Patron! (promo): https://fdsd.me/promo424  Lock & Code Podcast: https://www.malwarebytes.com/blog/podcast/2024/03/securing-your-home-network-is-long-tiresome-and-entirely-worth-it-with-carey-parker-lock-and-code-s05e07 Send me your questions! https://fdsd.me/qna  Check out my book, Firewalls Don’t Stop Dragons: https://fdsd.me/book  Subscribe to the newsletter: https://fdsd.me/newsletter  Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch  Give the gift of privacy and security: https://fdsd.me/coupons  Generate secure passphrases! https://d20key.com/#/  Table of Contents Use these timestamps to jump to a particular section of the show. 0:04:05: News preview 0:06:12: AT&T Investigating Potential Breach Following Leak of 73.4 Million Records 0:11:24: Unpatchable security flaw in Apple Silicon Macs breaks encryption 0:16:34: Massively Popular Safe Locks Have Secret Backdoor Codes 0:21:57: It's Not Safe to Click Links on X 0:30:28: The Feds Can Film Your Front Porch for 68 Days Without a Warrant, Says Court 0:33:28: Searches for VPNs spike in Texas after Pornhub pulls out of the state 0:38:35: Automakers Are Sharing Consumers’ Driving Behavior With Insurance 0:47:36: Airbnb's New Security Camera Ban Is a Big Deal 0:49:57: Tip of the Week: Account Security is Broken 0:55:49: Dragon Coin promotion details

The United States has no general data privacy laws. However, we do have some sector-specific regulations, including HIPAA for health data. But there are many misconceptions about HIPAA. For example, the "P" in HIPAA does not stand for Privacy - it stands for Portability. So, what information does HIPAA cover? Which healthcare and related service providers are governed by HIPAA? And most importantly, what can you do to protect your medical and health data? Today we'll dive deep into this subject with Kate Black, a data, privacy & health lawyer and a strategic advisor in the health data field. Interview Notes Kate Black: https://www.linkedin.com/in/kate-black-sfo/  Washington’s My Health, My Data law: https://hintzelaw.com/blog/2023/4/9/wa-my-health-my-data-act-pt1-overview  HIPAA rights: https://www.hhs.gov/hipaa/for-individuals/guidance-materials-for-consumers/index.html  STAT medical news: https://www.statnews.com/  Further Info Check out my dragon challenge coins! https://fdsd.me/coin2 Send me your questions! https://fdsd.me/qna  Check out my book, Firewalls Don’t Stop Dragons: https://fdsd.me/book  Subscribe to the newsletter: https://fdsd.me/newsletter  Become a patron! https://www.patreon.com/FirewallsDontStopDragons  Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch  Give the gift of privacy and security: https://fdsd.me/coupons  Support our mission! https://fdsd.me/support  Generate secure passphrases! https://d20key.com/#/  Table of Contents Use these timestamps to jump to a particular section of the show. 0:03:29: What is covered by HIPAA? What isn't covered? 0:06:51: Can I sign away my HIPAA rights? 0:08:08: Who in my medical provider's office can access my data? 0:10:23: How audits HIPAA compliance? 0:11:47: How is my health data shared between providers? 0:14:49: Are certain types of health data treated differently? 0:15:23: How does health privacy work for minors? 0:16:53: Outside of health providers, who else can access my data? 0:20:56: How does HIPAA compare to other sector-specific privacy laws? 0:22:20: Do secondary providers share back with my primary care physician? 0:24:42: Who stores and protects my digital medical records? 0:27:46: How are third party providers audited for privacy and security? 0:29:56: Are HIPAA security requirements keeping up with the times? 0:33:13: Do I have full access to my complete medical record? 0:36:52: How do marketers get my health data? 0:39:51: What laws govern inferred health information? 0:45:48: Do pharmacies sell health data to marketers? 0:48:57: How private are online medical portals and checkin services? 0:53:35: How concerned should we be about using DNA analysis services? 0:59:17: How can we improve our health privacy laws? 1:00:30: What are your personal tips for protecting health data? 1:02:37: If I think someone has abused my data, what can I do? 1:04:13: Interview wrap-up 1:06:49: Looking ahead

The podcast delves into the importance of backing up 2FA seeds for account security. Topics include FBI using push notifications, Roku's forced arbitration, security risks in video doorbells, AI pinpointing photo locations, facial recognition in vending machines, data broker bankruptcy impact, privacy laws, Proton Mail's features, and crackdowns on spyware firms.