Firewalls Don't Stop Dragons Podcast

Are you ready for the next YouTube, Netflix or Hulu? Then you need to fight to save net neutrality. Today I discuss the threatened gutting of the hard-fought net neutrality rules with Ernesto Falcon from the Electronic Frontier Foundation. The new FCC chairman, Ajit Pai, is looking to undo the protections put into place that would allow the next Internet startup to compete on a level playing field. Internet Service Providers would like to put their massive thumbs on the digital scale, tipping the advantage to companies that can afford to pay or even to favor their own content. Now that we have deep-pocketed incumbents, we need net neutrality rules to allow the new guys a chance to compete fairly. In the news, we’ll discuss the 198M voter profiles that were left unprotected on the web, Microsoft’s abandonment of SMBv1 (that’s a good thing), Google’s move to respect your email privacy, and Girl Scouts becoming cyber experts! In my Tip of the Week, I’ll tell you how to avoid giving away too much information whe

If you use public WiFi of any sort at the hotel, airport, or coffee shop (AND WHO DOESN'T), then you need to pay attention. A VPN could be a viable answer to protect your data and your devices. The other big challenge is your Internet Service Provider at home is probably capturing and selling your web browsing info - there is something you can do at home to protect yourself as well. Dave Peck helped to create one of the best Virtual Private Network products on the market, and today he and I will discuss why you need a VPN and how to pick one. Dave is an independent software developer and co-founder of GetCloak.com, a very easy-to-use VPN service. Not clicking on links apparently isn’t good enough anymore - now you can’t even hover over them! Also, Microsoft and Adobe have some software updates that fix critical bugs in Windows and Flash. And for the Tip of the Week, I’ll tell you why you really just need to uninstall Flash completely and how to do it. Transfer your domain names and save 40% in June! https:/

The Internet of Things will soon include cars... what could possibly go wrong? If all the cars on the road could tell each other what they were doing, would that make us safer? Maybe. But if your car is constantly broadcasting this information, that would also make it trivial to track you everywhere you go. Worse yet, any time you put something on a network, it is immediately a target for hackers. Crashing a computer is one thing; crashing a car is quite different, but this is quickly becoming a reality we have to deal with. I will also tell you about an interesting new ‘travel mode’ feature from 1Password and talk about the Fireball adware that is already on over 250 million computers. We’ll wrap up with a new Tip of the Week, just in time for summer storm season! Jamie Williams is a staff attorney at the Electronic Frontier Foundation, where she is part of the civil liberties team. Jamie focuses on the First and Fourth Amendment implications of new technologies. She also co-taught Internet La

Do you have a “smart” TV? Or an Internet-connected baby monitor? Then you are a part of the Internet of Things (IoT)! Welcome to the world of everyday devices being connected to the network, allowing you to change the temperature of your home while traveling, check up on your dogs from work, and have a Bluetooth speaker that can also fetch tomorrow’s weather forecast. While there are lots of great uses for these devices, their security (or lack thereof) is making many of us vulnerable to attack. Today I speak at length with John Graham-Cumming, CTO of Cloudflare, about the Internet of Things and how it’s already wreaking havoc on our world. We’ll tell you how to be smart about your smart devices! We’ll also talk about the massive OneLogin password system breach and how hackers are increasingly turning to social media to target people for phishing attacks. John Graham-Cumming is a computer programmer and author. He studied mathematics and computation at Oxford and stayed for a doctorate in computer security

Summer is upon us and for many of us that means travel - but before you even pack your bags, you need to listen to this podcast! In my second interview with Michael Kaiser (the Executive Director of the National Cyber Security Alliance), we discuss all the cyber security and privacy issues you need to consider: before you go and while you’re traveling. Going abroad this summer? There are even more things you need to consider well before you leave! Also in this episode, I’ll tell you why Twitter’s new privacy policy changes are not in your favor, and how to fix it. Android’s next major software release, due out later this year, should finally address some of the major problems with getting updates. And I answer two questions from listeners on how best to deal with getting off mailing lists and tell you how secure Apple’s Message system really is. Michael Kaiser joined the National Cyber Security Alliance (NCSA) in 2008. As NCSA’s executive director, Mr. Kaiser engages diverse constituencies—business, govern

The WannaCry virus hit over 200,000 computers in over 150 countries in a matter of days. While WannaCry spread quickly, it had some fatal flaws that prevented it from doing a lot more damage. However, these flaws will soon be fixed - Round 2 of this virus is already upon us. I speak with Michael Kaiser from the National Cyber Security Alliance to find the lessons we need to learn and what we need to do to protect ourselves from the next generations of this nasty malware. We also take a good look at who might be to blame for all of this and some thorny issues exposed by this attack. In other news, I’ll tell you how to find out if your HP laptop might be logging all of your keystrokes and how to fix it. Michael Kaiser joined the National Cyber Security Alliance (NCSA) in 2008. As NCSA’s executive director, Mr. Kaiser engages diverse constituencies—business, government and other nonprofit organizations—in NCSA’s broad public education and outreach efforts to promote a safer, more secure and more trusted Interne

The WannaCry ransomware worm spread across the planet is a matter of hours, infecting over 200,000 computers in just a matter of hours - this included hospitals in the UK, phone service in Spain, and even a Russian ministry. The malware was stopped dead by one security researcher who basically got lucky. In today’s show, I will explain what WannaCry is and how to ensure that you are protected again this nasty bug and others just like it that will surely be coming. My guest today is security research Nick Weaver who will help us understand what the real threats are for most people - it’s not just hackers! He explains why we’re vulnerable and gives us a lot of great and timely tips on how to protect your computers and mobile devices (spoiler alert: you need to ditch Android and go with Apple). Nicholas Weaver received a B.A. in Astrophysics and Computer Science in 1995, and his Ph.D. in Computer Science in 2003 from the University of California at Berkeley. Although his dissertation was on novel FPGA architect

This week I’ll tell you why you should not be using Microsoft’s Edge Browser, how to find out if you were bitten by a very clever Google Docs phishing scheme, and why you can’t believe every voice you hear. Along the way, I’ll give you my recommendations on the best web browser to use as well as how to revoke permissions you may have granted to Twitter, Facebook and Google over the years that may be leaving your vulnerable. Finally, I’ll tell you how Intel finally found and fixed a flaw in their backdoor chip for managing PC’s, how to see if your computer is affected, and why backdoors can let the bad guys in just as easily as the good guys. For Further Insight: Lyrebird: https://soundcloud.com/user-535691776 Google app permissions: https://myaccount.google.com/permissions Twitter app permissions: http://lifehacker.com/5905299/clean-our-your-twitter-app-permissions-as-part-of-your-spring-cleaning-regimen Facebook app permisssions: http://lifehacker.com/5904590/clean-out-your-facebook-app-permissions-as-part

Would you write banking information, passwords, private conversation or any sensitive data on the back of a postcard? Sounds like a silly question perhaps - but this is the equivalency of writing private information in your public emails. Your emails are NOT secure. Today I'm going to help you understand the options available to you so you don't get caught with your drawbridge down! I have an insightful discussion with Dr Andy Yen, the CEO and Co-Founder of Protonmail. We discuss why regular email is not very secure and how corporations like Yahoo, Google, and others have complete access to everything you send and receive. There are lots of better options out there and we discuss how to evaluate and choose a better service. We have lots of important news items this week including another Android hack that has infected at least 2 million phones, a raft of bugs in the latest Linksys home WiFi routers, a clever new ransomware attack that nests like Russian dolls, and finally a vigilante hacker that has written

The Shadow Brokers have dumped a treasure trove of NSA secret hacking tools, proving that even the best secret-keepers in the country can’t always prevent info from leaking. Is it better for intelligence agencies to hoard software vulnerabilities for use against others, or to report those vulnerabilities so they can be fixed? I delve into this topic in detail, exploring the pros and cons. What if you could do one simple thing to protect your computer from most critical software bugs? It’s not only simple, it’s free and available to all users of modern Windows and Mac computers - and yet most people never use it! And as a bonus, I answer several of your questions from the mailbag about sharing WiFi passwords, choosing a cloud storage provider, protecting your kids while surfing the web, and things to consider when picking out a new computer! For Further Insight: https://www.eff.org/deeplinks/2017/04/border-search-bill-would-rein-cbp https://support.microsoft.com/en-us/help/306525/how-to-configure-and-use-aut

This week I talk with Chris Romeo on why humans are so horribly bad at picking good passwords and why this invariably makes you vulnerable to hacking. We discuss password managers and how to create the one and only password you should ever need. Along the way, we’ll explain things like two-factor authentication, how often you should be changing your passwords, and how to make sure your accounts can still be accessible if the worst happens. In the news this week, I’ll tell you about a nasty WiFi bug that affects just about every smartphone on the market and why you will be vulnerable on public hotspots until you download the fix. Popular password manager LastPass also fixed a serious flaw in their browser plugin, though in this case, you’re probably already protected by the auto-update feature in your browser. And finally, I’ll answer a listener’s question about defending against ransomware and whether having a firewall will help. Chris Romeo is CEO and co-founder of Security Journey. His passion is to bring

This week I discuss the stunning repeal of Internet privacy provisions with Ernesto Falcon from the Electronic Frontier Foundation. Congress narrowly passed a bill that would not only toss out the regulations that would have given consumers much-needed transparency and choice in how their web surfing data is collected and used, but also would effectively prevent any further regulations from being created. Mr Falcon explains how we got here, what this means for you (the consumer), and what we can do about it. One potential solution to this invasion of your privacy is using a Virtual Private Network (VPN) service. I discuss how VPN’s work and how you can find a service that works for you. VPN’s are not only good for hiding your web surfing from your nosey Internet Service Provider (ISP) and wireless carrier, they can also protect your data from snooping when you’re connected to public WiFi networks. Prior to joining EFF, Ernesto worked as a legislative staffer for two Members of Congress (2004-2010). He then

What are your rights at the border? It depends on your immigration status, and even US citizens will not enjoy their usual Constitutional rights in this situation. This is an important topic that should not be overlooked. I have a insightful and revealing discussion with Adam Schwartz from the Electronic Frontier Foundation about the recent escalation in US border searches of electronic devices. We'll discuss what’s happening and how you can prepare for potential searches at the border, and why this is important for every citizen whether you plan to leave the country or not. Adam Schwartz is a Senior Staff Attorney at the Electronic Frontier Foundation. Adam works to ensure that new technologies expand instead of shrink our privacy, freedom of speech, and other civil liberties. Before joining EFF, Adam worked as a Senior Staff Attorney at the American Civil Liberties Union of Illinois. Adam graduated in 1995 from the Howard University School of Law. Also, in the news this week: 600M iCloud accounts are purp

WikiLeaks dumped almost 9000 pages of secret CIA documents on the web for all to see, detailing dozens of secret hacking tools and techniques. What does this all mean for you and me? In this week’s interview, I speak with Daniel Davis from the privacy-preserving web search engine company DuckDuckGo. We discuss how crafty marketing services are attempting to track everywhere you go on the web in an effort to show you highly targeted (and highly profitable) advertising. We explain how it all works and give you several tips on how you can protect your privacy. Daniel Davis is Community Manager at DuckDuckGo, the search engine that doesn't track you. Working with both contributing developers and end users, he's passionate about spreading the benefits of open source and online privacy. For Further Insight: Website: https://duckduckgo.com The company's blog: https://spreadprivacy.com Follow on Twitter: https://twitter.com/duckduckgo Connect on Linkedin: https://www.linkedin.com/company/duck-duck-go Send me your

“Phishing” is one of the most common and most effective ways for the bad guys to get your passwords or credit card information. In this episode, I’ll be discussing this classic hacking tactic that has grown by leaps and bounds in just the last year - one report said phishing attacks grew over 250% in the first quarter of 2016 alone. Secretary of Homeland Security Jeh Johnson recently said that “the most devastating attacks by the most sophisticated attackers almost always begin with the simple act of spear-phishing.” Tune in to find out what phishing is all about and how best to protect yourself! In the news this week, we ask the question: Can drones steal your computer information by video taping the flashing light on your PC?? (Spoiler alert: Look up Betteridge's Law of Headlines.) Chris Romeo is CEO and co-founder of Security Journey. His passion is to bring security belt programs to all organizations, large and small. He was the Chief Security Advocate at Cisco Systems for five years, where he guided Ci

The media was once again telling everyone to light their hair on fire over the latest web bug that threatens to expose all of our private information - a bug they called CloudBleed. In this show, I use this particular web vulnerability to discuss how the media so often gets the reporting on these things totally wrong. In today’s world, where every headline is dire and begs to be clicked on, the phrase “if it bleeds it leads” has never been more true. We’ll talk about just what CloudBleed is and why the chances of it affecting you are likely very small - despite what most of the articles would have you believe. Meet Carey Parker, he is a software engineer, cyber security expert and published author of the book, and now podcast Firewalls Don’t Stop Dragons, A Guide to Computer Security for non-techies. His primary goal is to help everyday non-technical people and small businesses understand how to be proactive in securing their computers and protecting their online privacy. For Further Insight: Glenn Greenwal