Firewalls Don't Stop Dragons podcast

Player FM - Internet Radio Done Right

18 subscribers

Lisätty four vuotta sitten

المحتوى المقدم من Carey Parker. يتم تحميل جميع محتويات البودكاست بما في ذلك الحلقات والرسومات وأوصاف البودكاست وتقديمها مباشرة بواسطة Carey Parker أو شريك منصة البودكاست الخاص بهم. إذا كنت تعتقد أن شخصًا ما يستخدم عملك المحمي بحقوق الطبع والنشر دون إذنك، فيمكنك اتباع العملية الموضحة هنا https://ar.player.fm/legal.

Pursuit: The Founders' Guide to Happiness

1
Episode 1: In Order to Be Happy 29:27

منذ 10 أيام29:27

التشغيل لاحقا

قوائم

إعجاب

احب

29:27

The “pursuit of happiness” is one of the most famous phrases in American history, and when America’s founders wrote it in the Declaration of Independence, they intended it to mean happiness through lifelong learning and self-improvement. To start our series, Jeffrey Rosen and scholar Robert P. George , the McCormick Professor of Jurisprudence and director of the James Madison Program in American Ideals and Institutions at Princeton University, trace how the meaning of pursuit of happiness has changed. Then, American filmmaker Ken Burns shares how — even as he has spent his “entire life trying to figure out the United States” — daily self-reflection has given him new perspectives on what the founders faced 250 years ago. Stay Connected and Learn More Questions or comments about the show? Email us at podcast@constitutioncenter.org . Continue the conversation by following us on social media @ConstitutionCtr. Explore the America at 250 Civic Toolkit. Sign up to receive Constitution Weekly , our email roundup of constitutional news and debate. Follow, rate, and review wherever you listen. Join us for an upcoming live program or watch recordings on YouTube . Support our important work. ⁠⁠⁠⁠⁠⁠⁠⁠ Donate Pursuit: The Founders’ Guide To Happiness is made possible with support from the John Templeton Foundation. © 2025 National Constitution Center. All Rights Reserved.…

Firewalls Don't Stop Dragons Podcast

منزل السلاسل•Feed

A Podcast on Computer Security & Privacy for Non-Techies

400 حلقات

#Tech #Carey Parker

Firewalls Don't Stop Dragons Podcast

18 subscribers

updated منذ 3 أيام

منزل السلاسل•Feed

A Podcast on Computer Security & Privacy for Non-Techies

400 حلقات

#Tech #Carey Parker

كل الحلقات

Firewalls Don't Stop Dragons Podcast

1
On the Ethics of AI 1:08:08

منذ 3 أيام1:08:08

1:08:08

Artificial Intelligence (AI) is the Big Tech buzzword of the day. Every company who wants investment (public or private) is scrambling to have an “AI story”, adding chatbots and ‘agentic’ features in their products wherever possible. The AI companies themselves are constantly expanding their models, ingesting as much data (including highly personal information) as possible. In this AI gold rush, companies are making flawed and often harmful products. Companies are firing workers and trying to replace them with AI bots. And it’s forcing us all to question what’s real, what has actual value, and what the impacts could and should be on society as a whole. Discussing deep questions like this is the purview of philosophers – and today I’ll be welcoming back someone uniquely and supremely qualified to address them, Carissa Véliz. Interview Notes Carissa Véliz: https://www.carissaveliz.com/ Privacy is Power: https://www.carissaveliz.com/books Carissa’s research: https://www.carissaveliz.com/research Moral Zombies: https://link.springer.com/article/10.1007/s00146-021-01189-x ChatGPT suicide: https://www.nytimes.com/2025/08/26/technology/chatgpt-openai-suicide.html TESCREAL: https://en.wikipedia.org/wiki/TESCREAL John Oliver on AI Slop: https://www.youtube.com/watch?v=TWpg1RmzAbc Proton Lumo: https://proton.me/blog/lumo-ai EU’s “public good” LLM: https://ethz.ch/en/news-and-events/eth-news/news/2025/07/a-language-model-built-for-the-public-good.html Further Info My book: https://fdsd.me/book My newsletter: https://fdsd.me/newsletter Support the mission: https://fdsd.me/support Give the gift of privacy and security: https://fdsd.me/coupons Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch Table of Contents 0:00:00: Intro 0:05:09: What does “artifical intelligence” really mean? 0:13:21: Should STEM degrees require ethics training? 0:17:20: Does anthropomorphising AI undermine our discourse? 0:22:35: What is the TESCREAL view of AI? 0:28:09: Can we infuse AI tools with human morality? 0:34:31: What are the dangers of training AI on copyrighted works? 0:42:16: What happens when AI starts ingesting it’s own output? 0:44:27: Can we make AI systems that are truly private? 0:48:08: How should we assign liability for AI harms? 0:51:06: Is AI eroding our ability to trust anything? 0:54:06: What happens when AI obviates the need to work at all? 1:00:00: How do we maximize the benefits and minimize the harms of AI? 1:03:20: Interview wrap-up 1:06:06: Patron podcast preview 1:07:08: Looking ahead…

Firewalls Don't Stop Dragons Podcast

1
Find Old Accounts (Part 1) 1:03:24

منذ 10 أيام1:03:24

1:03:24

The next step in reducing our digital footprint is to identify all of our online accounts, including the long forgotten and unused ones. The easiest place to start is by using the tool we should already have: our password manager. By its very nature, it contains a list of all our accounts. You may have used your browser to remember your passwords, or you may have some other method… but it’s time to move to a real password manager. In other news: update your Android devices ASAP; Android malware spreading via Facebook ads; Google to make it harder to sideload Android apps; dashcam company cloud storage hacked; Anthropic to train model based on your chats; OpenAI sharing some GPT chats with law enforcement; ChatGPT getting parental controls after teen suicide; Microsoft Word will auto-save to OneDrive; Chrome VPN extension caught taking screenshots of sites you visit; US tells BigTech not to comply with DSA; and Flock pauses work with federal agencies. Article Links This Android Malware Is Spreading Through Facebook Ads https://lifehacker.com/tech/this-android-malware-is-spreading-using-meta-ads Android Is Making It More Difficult to Sideload Apps https://lifehacker.com/tech/android-is-making-it-more-difficult-to-sideload-apps This Company Turns Dashcams into ‘Virtual CCTV Cameras.’ Then Hackers Got In https://www.404media.co/this-company-turns-dashcams-into-virtual-cctv-cameras-then-hackers-got-in/ Anthropic will start training its AI models on chat transcripts https://www.theverge.com/anthropic/767507/anthropic-user-data-consumers-ai-models-training-privacy People Are Furious That OpenAI Is Reporting ChatGPT Conversations to Law Enforcement https://futurism.com/people-furious-openai-reporting-police OpenAI announces parental controls for ChatGPT after teen suicide lawsuit https://arstechnica.com/ai/2025/09/openai-announces-parental-controls-for-chatgpt-after-teen-suicide-lawsuit/ Microsoft Word now autosaves to OneDrive. Is your data safe? https://proton.me/blog/microsoft-word-autosave-onedrive-default Chrome VPN Extension With 100k Installs Screenshots All Sites Users Visit https://cyberinsider.com/chrome-vpn-extension-with-100k-installs-screenshots-all-sites-users-visit/ Big Tech Companies in the US Have Been Told Not to Apply the Digital Services Act https://www.wired.com/story/big-tech-companies-in-the-us-have-been-told-not-to-apply-the-digital-services-act/ License-plate reader company pauses work with federal agencies after backlash https://therecord.media/flock-license-plate-reader-pauses-federal-work Tip of the Week: https://firewallsdontstopdragons.com/find-old-accounts-part-1/ Further Info Nexar CityStream live: https://livefeed.getnexar.com My book: https://fdsd.me/book My newsletter: https://fdsd.me/newsletter Become a patron! https://fdsd.me/patron/ Give the gift of privacy and security: https://fdsd.me/coupons Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch Table of Contents 0:00:00: Intro 0:01:10: Update your Android devices 0:01:41: News preview 0:03:38: Android malware spread via Facebook ads 0:06:49: Android is making it harder to sideload apps 0:12:16: “Virtual CCTV” dashcam company is hacked 0:18:01: Anthropic to train AI based on your chats 0:22:33: OpenAI sharing some GPT chats with law enforcement 0:26:46: OpenAI accounces parental controls after teen suicide 0:33:41: Microsoft Word now autosaves to OneDrive 0:40:36: Chrome VPN extension screenshots sites you visit 0:45:18: US tells BigTech not to comply with DSA 0:51:08: Flock pauses work with federal agencies 0:53:38: Tip of the Week 1:01:22: Patron podcast preview 1:01:55: Looking ahead…

Firewalls Don't Stop Dragons Podcast

1
Meet Rayhunter 1:06:16

منذ 17 يومًا1:06:16

1:06:16

We take our cell phones with us everywhere – which makes them the perfect tracking device. Just walking around with your device will give your location away in multiple ways. But even if you had no apps on your phone, the cellular chips in our devices will constantly be interacting with every cell tower that’s in range, negotiating the best tower to talk to, whether to use 5G or something else, and authenticating to the network – even in Airplane Mode. Cell site simulators (aka Stingrays or IMSI catchers) can be used to trick your phone into give away your location. The Electronic Frontier Foundation (EFF) has developed a cheap, easy-to-setup device that can try to discover and report these devices. Today I interview an expert panel about the clever Rayhunter project: Cooper Quintin, The Gibson, and OopsBagel. Interview Notes Rayhunter announcement: https://www.eff.org/deeplinks/2025/03/meet-rayhunter-new-open-source-tool-eff-detect-cellular-spying EFF’s Rayhunter project: https://efforg.github.io/rayhunter/ Submitting logs to EFF: https://efforg.github.io/rayhunter/support-feedback-community.html DEF CON talk on Rayhunter: https://spectra.video/w/jt9rZHCU51Rh58cBD8oiP3 Buy yourself an Orbic hotspot: https://www.ebay.com/sch/i.html?_nkw=orbic+rc400l Gotta Catch ‘Em All: https://www.eff.org/wp/gotta-catch-em-all-understanding-how-imsi-catchers-exploit-cell-networks iPhone/Android fake cell site protections: https://www.eff.org/deeplinks/2023/09/apple-and-google-are-introducing-new-ways-defeat-cell-site-simulators-it-enough Meshtastic: https://meshtastic.org/docs/getting-started/ Veilid: https://veilid.com/ Further Info My book: https://fdsd.me/book My newsletter: https://fdsd.me/newsletter Support the mission: https://fdsd.me/support Give the gift of privacy and security: https://fdsd.me/coupons Table of Contents 0:00:00: Intro 0:02:26: Interview setup 0:06:18: How did you become in involved with Rayhunter? 0:12:08: What is a cell site simulator? 0:14:01: What does a CSS look like and how are they deployed? 0:16:55: How is a CSS used for surveillance? 0:20:31: Can cell site simulaters work with modern protocols like 5G? 0:24:09: What information can you sniff from the cellular network? 0:27:41: Is there any transparency around the use of CSS’s? 0:30:02: How did Rayhunter evolve from previous work? 0:35:00: How do I make a Rayhunter device? 0:41:45: I’ve create a Rayhunter… now what? 0:46:10: How can I protect myself against CSS surveillance? 0:49:38: Does Airplane Mode really disable your cellular radio? 0:52:22: How else might I defeat mass surveillance tech? 0:54:46: What’s next for everyone? 1:00:53: Interview wrap-up 1:03:36: Meshtastic 1:04:49: Patron podcast preview 1:05:26: Looking ahead…

Firewalls Don't Stop Dragons Podcast

1
Going on a Data Diet 1:05:42

منذ 24 يومًا1:05:42

1:05:42

The world wide web, as we know it today, has been around for over 30 years. In that time, most of us have created many dozens, perhaps hundreds, of online accounts. How many of those accounts are still alive somewhere? What data do they hold? And how good are the passwords you used? Today we’re going to start on the path to finding all those accounts which could drastically improve our privacy and security. In the news: millions of Dell laptops have critical security flaws you need to patch now; Facebook may be secretly scanning your phone’s images; National Public Data is back and you should delete your data; data brokers are flouting privacy laws; Ionic 5 owners in the UK will have to pay for a security fix; Flipper Zero devices are being (wrongly) blamed for auto thefts; the US Supreme Court allows Mississippi social media law to go into effect; data brokers are hiding their opt-out pages; app TeaOnHer exposed users’ data; UK backs down from Apple backdoor demand; and now is the time for EU residents to speak out against Chat Control. Article Links Millions of Dell laptops hit by ‘critical’ security vulnerability https://www.pcworld.com/article/2870014/millions-of-dell-laptops-hit-by-critical-security-vulnerability.html Meta might be secretly scanning your phone’s camera roll – how to check and turn it off https://www.zdnet.com/article/meta-might-be-secretly-scanning-your-phones-camera-roll-how-to-check-and-turn-it-off/ You Should Remove Your Info From the Rebooted National Public Data Site https://lifehacker.com/tech/remove-your-info-from-rebooted-national-public-data-site Data Brokers Are Ignoring Privacy Law. We Deserve Better. https://www.eff.org/deeplinks/2025/08/data-brokers-are-ignoring-privacy-law-we-deserve-better Hyundai wants Ioniq 5 owners to pay to fix a keyless entry security hole https://www.theverge.com/news/757205/hyundai-ioniq-5-security-upgrade-fix-game-boy-device-attacks Can Flipper Zero really steal your car? (Spoiler: NO) https://blog.flipper.net/can-flipper-zero-steal-your-car/ Supreme Court allows Mississippi social media law to go into effect https://www.npr.org/2025/08/14/nx-s1-5482925/scotus-netchoice Data Brokers Are Hiding Their Opt-Out Pages From Google Search https://www.wired.com/story/data-brokers-hiding-opt-out-pages-google-search/ How we found TeaOnHer spilling users’ driver’s licenses in less than 10 minutes | TechCrunch https://techcrunch.com/2025/08/13/how-we-found-teaonher-spilling-users-drivers-licenses-in-less-than-10-minutes/ UK blinks, backs down from its Apple backdoor encryption demand https://appleinsider.com/articles/25/08/19/uk-blinks-backs-down-from-its-apple-backdoor-encryption-demand Worried about Chat Control? This website can help you get your say https://www.techradar.com/computing/cyber-security/worried-about-chat-control-this-website-can-help-you-get-your-say Tip of the Week: Data Diet Introduction: https://firewallsdontstopdragons.com/data-diet-introduction/ Further Info Cory Doctorow on age verification: https://pluralistic.net/2025/08/14/bellovin/#wont-someone-think-of-the-cryptographers Fight EU’s Chat Control: https://fightchatcontrol.eu/ My book: https://fdsd.me/book My newsletter: https://fdsd.me/newsletter Support our mission! https://fdsd.me/support Give the gift of privacy and security: https://fdsd.me/coupons Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch Table of Contents 0:00:00: Intro 0:01:37: News preview 0:05:00: Millions of Dell laptops hit by ‘critical’ security vulnerability 0:06:44: Meta might be secretly scanning your phone’s camera roll 0:12:00: You Should Remove Your Info From National Public Data 0:15:39: Data Brokers Are Ignoring Privacy Law 0:19:06: Hyundai wants Ioniq 5 owners to pay for security fix 0:22:43: Can Flipper Zero really steal your car? (No.) 0:30:38: Supreme Court allows Mississippi social media law to go into effect 0:34:35: Data Brokers Are Hiding Their Opt-Out Pages 0:43:35: We found TeaOnHer spilling users’ info in less than 10 minutes 0:49:17: UK backs down from its Apple backdoor demand 0:53:38: Having your say about Chat Control 0:58:41: Tip of the Week: Data Diet, Intro 1:02:52: Merlin’s Musings preview 1:04:21: Looking ahead…

Firewalls Don't Stop Dragons Podcast

1
I’m Just a (Privacy) Bill 1:11:43

منذ 4 weeks1:11:43

1:11:43

Why don’t we have meaningful privacy laws in the US? While we haven’t been able to pass federal privacy legislation, many states have managed to pass laws protecting our data and establishing some basic privacy rights. Vermont House Representative Monique Priestley led a Herculean effort to pass privacy legislation in her state last year. While managing to get a solid bill through the House and Senate, the bill was ultimately vetoed by the governor and the Senate failed to override it. But along the way, Monique learned valuable lessons about dealing with Big Tech lobbyists. Today we’ll follow the journey of the Vermont Data Privacy Act of 2024 and what lessons we should learn for future attempts at privacy legislation. Interview Notes Monique Priestley: https://mepriestley.com/ Vermont State Representative site: https://priestleyvt.com/ Vermont Committee Zoom call: https://www.youtube.com/watch?v=RfvAteuwRCA Age Appropriate Design Code: https://epic.org/epic-applauds-passage-of-vermont-age-appropriate-design-code/ Big Tech Tried to Kill My State’s Privacy Bill. Here’s What I Learned. https://www.techpolicy.press/big-tech-tried-to-kill-my-states-privacy-bill-heres-what-i-learned/ The man quietly rewriting American privacy law https://www.politico.com/news/2024/09/17/andrew-kingman-data-privacy-lobbying-00179630 Further Info My book: https://fdsd.me/book My newsletter: https://fdsd.me/newsletter Support the mission: https://fdsd.me/support Give the gift of privacy and security: https://fdsd.me/coupons Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch Table of Contents 0:00:00: Intro 0:01:36: Interview setup 0:05:45: How did you get into privacy politics? 0:08:44: Who drafts the initial bill? 0:12:25: How are initial bills modified during this process? 0:17:08: When and how do lobbyists get involved? 0:22:34: Are lobbyists transparent about who they represent? 0:30:42: What are the most controversial elements of a privacy bill? 0:34:16: How are privacy laws limited by scope? 0:39:11: Why is the privacy right of action so important? 0:43:37: How do lobbyists kill privacy bills? 0:49:05: Do legislators collaborate across states? 0:55:19: How did the Vermont privacy bill get killed? 0:57:55: What are your key takeaways from this experience? 1:02:12: What’s the current status of privacy legislation? 1:04:57: How can we help? 1:06:57: Wrap-up 1:09:38: Patron podcast preview 1:10:18: Looking ahead…

Firewalls Don't Stop Dragons Podcast

1
Hacker Summer Camp 2025 58:21

منذ 5 weeks58:21

58:21

It’s early August, which means it’s time for BSides Las Vegas and DEF CON, part of the trio of conferences that make up “hacker summer camp” (the other being Black Hat, which I don’t attend). It’s been a crazy, chaotic week – as usual – but in almost completely good ways. After the regular news, I’ve got some mini interviews with Jake Braun (DEF CON Franklin), Stacey Higginbotham (Consumer Reports), Cooper Quitin (EFF) and The Gibson (Veilid and hackers.town). In other news: Tea app users file a class action lawsuit over massive breach; ChatGPT sessions may be searchable by anyone; US government launches initiative to centralize health data for use by tech companies; Australia rolls out age verification for search engines; Grok AI is now in Teslas; China-backed hackers exploit horrific Microsoft bug; Dropbox ends its password manager service. Article Links Tea User Files Class Action After Women’s Safety App Exposes Data https://www.404media.co/tea-user-files-class-action-after-womens-safety-app-exposes-data/ ChatGPT users shocked to learn their chats were in Google search results https://arstechnica.com/tech-policy/2025/08/chatgpt-users-shocked-to-learn-their-chats-were-in-google-search-results/ Trump administration is launching a new private health tracking system with Big Tech’s help https://apnews.com/article/trump-ai-rfk-jr-health-tech-fa73703bd1fd557c787ef0b590e151f1 Australia is quietly rolling out age checks for search engines like Google https://www.abc.net.au/news/2025-07-11/age-verification-search-engines/105516256 Grok is now in Tesla cars, but not in the way you think https://mashable.com/article/grok-tesla China-backed hackers used Microsoft flaw in attacks https://www.washingtonpost.com/technology/2025/07/21/china-hackers-microsoft-sharepoint/ Users left scrambling for a plan B as Dropbox drops Dropbox Passwords https://www.theregister.com/2025/07/30/dropbox_drops_dropbox_passwords/ Tip of the Week: https://firewallsdontstopdragons.com/how-to-backup-cloud-data/ Further Info Top hacker interviews: https://fdsd.me/hackers DEF CON Franklin: https://defconfranklin.com/ EFF: https://www.eff.org/ Veilid: https://veilid.com/ Consumer Reports: https://securityplanner.consumerreports.org/ My book: https://fdsd.me/book My newsletter: https://fdsd.me/newsletter Support our mission! https://fdsd.me/support Give the gift of privacy and security: https://fdsd.me/coupons Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch Table of Contents 0:00:00: Intro 0:02:24: News preview 0:03:31: Tea User Files Class Action Lawsuit 0:06:24: ChatGPT users shocked to learn their chats were in Google search results 0:11:11: Trump administration is launching a new private health tracking system 0:17:52: Australia is quietly rolling out age checks for search engines 0:22:56: Grok is now in Tesla cars, but not in the way you think 0:25:29: China-backed hackers used Microsoft flaw in attacks 0:29:50: Dropbox drops Dropbox Passwords 0:32:20: Tip of the Week 0:36:27: Hacker Summer Camp Extras! 0:42:53: SNIPPET: Stacey Higginbotham 0:47:03: SNIPPET: Jack Braun 0:50:18: SNIPPET: Cooper Quintin and Gibson 0:55:04: Wrapup…

Firewalls Don't Stop Dragons Podcast

1
Tariffs vs IP Law 1:02:14

منذ 6 weeks1:02:14

1:02:14

Cory Doctorow has garnered a lot of needed attention to the decline of modern online platforms, including Google Search, Facebook and Twitter. Much of this is a result of coining the now-viral term Enshittification. Today we’ll talk about how the internet was broken and who’s to blame. We’ll also discuss the lack of privacy laws and the threats of AI to tech workers and copyrighted works. Finally, we’ll discuss Cory’s novel proposal for how countries could respond to US tariffs by ripping up intellectual property agreements, changing the power dynamic of the Big Tech industry and hopefully benefiting consumers in the process. Interview Notes Cory’s blog (Pluralistic): https://pluralistic.net/ Canada shouldn’t retaliate with US tariffs: https://pluralistic.net/2025/01/15/beauty-eh/#its-the-only-war-the-yankees-lost-except-for-vietnam-and-also-the-alamo-and-the-bay-of-ham Who Broke the Internet? https://www.cbc.ca/listen/cbc-podcasts/1353-the-naked-emperor Enshittification book (coming Oct 2025): https://us.macmillan.com/books/9780374619329/enshittification/ Regex: https://en.wikipedia.org/wiki/Regular_expression Copyright and AI: https://www.technologyreview.com/2025/07/01/1119486/ai-copyright-meta-anthropic/ Further Info Humble Bundle: https://www.humblebundle.com/books/security-apress-books My book: https://fdsd.me/book My newsletter: https://fdsd.me/newsletter Support the mission: https://fdsd.me/support Give the gift of privacy and security: https://fdsd.me/coupons Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch Table of Contents 0:00:00: Intro 0:02:07: Humble Bundle! 0:03:09: Interview preview 0:06:52: Has coining the term Enshittification helped to raise awareness? 0:11:08: Who broke the internet? 0:20:15: Will AI reduce tech workers’ power? 0:27:21: Why can we not get privacy laws? 0:35:21: How should countries respond to US tariffs? 0:39:57: Do DRM protections incentize creators? 0:44:37: What’s your take on the Anthropic AI copyright decision? 0:55:03: What’s next for you? 0:56:04: Interview wrap-up 0:57:27: Hacker summer camp 0:59:28: Patron podcast preview 1:00:24: Looking ahead…

Firewalls Don't Stop Dragons Podcast

1
Physical Phone Security 1:18:35

منذ 7 weeks1:18:35

1:18:35

We take our phones with us everywhere. And they contain, or have cloud access to, pretty much all of our personal information and online accounts. While phone makers have made it difficult for thieves to resell a stolen phone, anyone with physical access to your device may be able to extract its data or access all your accounts. Thankfully, Apple (iOS) and Google (Android) have recently introduced several features that can significantly increase your device’s physical security and privacy. We’ll discuss some of them today. In the news: VPN signups in UK spike after age verification law kicks in; Tea app data breach includes IDs; Amazon buys Bee AI wearable; your power meter is a surveillance tool; Amazon’s Ring returns to sharing video with police; startup sells hacked data to debt collectors; Gemini AI on Android to get third party app access; Brave blocks Windows Recall; UK backs down on Apple back door; Apple to make passkeys portable; two new AI chatbots that are truly open and private. Article Links Proton VPN Signups in UK Surge 1,400% After Online Safety Act Comes Into Force https://cyberinsider.com/proton-vpn-signups-in-uk-surge-1400-after-online-safety-act-comes-into-force/ I Knew the Viral ‘Tea’ App Was Trouble, but I Didn’t Expect a Data Breach https://lifehacker.com/tech/i-knew-the-viral-tea-app-was-trouble-but-i-didnt-expect-a-data-breach Amazon buys Bee AI wearable that listens to everything you say https://www.theverge.com/news/711621/amazon-bee-ai-wearable-acquisition When Your Power Meter Becomes a Tool of Mass Surveillance https://www.eff.org/deeplinks/2025/07/when-your-power-meter-becomes-tool-mass-surveillance Amazon’s Ring goes full founder mode, taking the company back to its crime-fighting roots https://www.businessinsider.com/amazon-ring-founder-mode-jamie-siminoff-crime-fighting-roots-2025-7 A Startup is Selling Data Hacked from Peoples’ Computers to Debt Collectors https://www.404media.co/a-startup-is-selling-data-hacked-from-peoples-computers-to-debt-collectors/ Unless users take action, Android will let Gemini access third-party apps https://arstechnica.com/security/2025/07/unless-users-take-action-android-will-let-gemini-access-third-party-apps/ Brave blocks Windows Recall from screenshotting your browsing activity https://www.bleepingcomputer.com/news/security/brave-blocks-windows-recall-from-screenshotting-your-browsing-activity/ UK backing down on Apple encryption backdoor after pressure from US https://arstechnica.com/tech-policy/2025/07/uk-backing-down-on-apple-encryption-backdoor-after-pressure-from-us/ Passkey portability is finally here in iOS 26 and macOS Tahoe 26 https://9to5mac.com/2025/07/12/passkey-portability-is-finally-here-in-ios-26-and-macos-tahoe-26/ Introducing Lumo, the AI where every conversation is confidential https://proton.me/blog/lumo-ai A language model built for the public good https://ethz.ch/en/news-and-events/eth-news/news/2025/07/a-language-model-built-for-the-public-good.html Tip of the Week: https://firewallsdontstopdragons.com/physical-phone-security/ Further Info Hacker Plants Computer ‘Wiping’ Commands in Amazon’s AI Coding Agent https://www.404media.co/hacker-plants-computer-wiping-commands-in-amazons-ai-coding-agent/ My book: https://fdsd.me/book My newsletter: https://fdsd.me/newsletter Support our mission! https://fdsd.me/support Give the gift of privacy and security: https://fdsd.me/coupons Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch Table of Contents 0:00:00: Intro 0:00:47: DEF CON update 0:01:47: News preview 0:04:06: Proton VPN use surges in UK 0:08:13: Data breach at viral Tea app 0:19:36: Amazon buys Bee AI wearable 0:26:47: Using power meters for surveillance 0:30:48: Ring again sharing video with police 0:34:57: Startup selling hacked data to debt collectors 0:42:29: Android lets Gemini access 3rd party apps 0:48:31: Brave blocks Windows Recall 0:53:14: UK backs down on Apple back door 0:57:46: Apple to support passkey portability 1:01:41: Proton’s new AI: Lumo 1:07:20: A language model built for the public good 1:08:58: Tip of the Week 1:17:01: Looking ahead 1:17:55: Merlin’s Musing preview…

Firewalls Don't Stop Dragons Podcast

1
Passport, Lawyer, Locksmith 1:09:51

منذ 8 weeks1:09:51

1:09:51

We talk a lot about digital or online security. Today we’re going to focus on physical security and the general ethos of “be prepared”. There are many situations in life when you will find yourself wishing you had had the foresight to acquire certain things or establish certain professional relationships before you actually needed them. Deviant Ollam is a physical penetration specialist. His job is to find and fix weaknesses in physical things… buildings, locks, safes, etc. And along the way he has learned some important lessons for all of us. Today he will share his wisdom with us. Interview Notes Deviant’s website: https://deviating.net/ Lawyer,Passport, Locksmith, Gun talk: https://www.youtube.com/watch?v=6ihrGNGesfI Attacking Classified Safes & Vaults: https://www.youtube.com/watch?v=-Z_Jv7vuiqg Red Team Alliance: https://shop.redteamalliance.com/ Red Team Tools: https://www.redteamtools.com/ CackalackyCon: https://www.cackalackycon.org/ Shut the F**k Up PSA: https://www.youtube.com/watch?v=nWEpW6KOZDs Home lock – Schlage Primus: https://commercial.schlage.com/en/products/key-systems/primus-security-upgrade.html Padlock – Pacific Lock (PACLOCK): https://paclock.com/ Further Info My book: https://fdsd.me/book My newsletter: https://fdsd.me/newsletter Support the mission: https://fdsd.me/support Give the gift of privacy and security: https://fdsd.me/coupons Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch Table of Contents 0:00:00: Intro 0:04:27: What is a physical entry specialist? 0:08:47: How would you describe the prepper ethos? 0:12:21: What are common mistakes for disaster prep? 0:15:52: What should everyone have a passport? 0:20:32: Why should everyone have an established lawyer? 0:28:55: What other professionals should I have at the ready? 0:34:09: What locks should I use or avoid? 0:40:39: Do any movies and TV shows portray lock picking correctly? 0:43:36: What is ‘responsible disclosure’ like for physical vulnerabilities? 0:47:44: Do you tell companies when you stumble on physical vulnerabilities? 0:51:41: What documents should we have physical copies of? 0:55:27: If I’m politically active, how can I minimize my digital footprint? 0:59:10: Why should we use secure, private communications? 1:02:34: What’s next for you? 1:06:05: Wrap-up 1:08:45: Patron podcast preview…

Firewalls Don't Stop Dragons Podcast

1
Freezing Your Mobile Account 1:04:02

منذ 9 weeks1:04:02

1:04:02

Your cell phone number uniquely identifies you. Many companies rely on this 1-to-1 relationship to authenticate you to their systems. So if someone were to somehow manage to steal your mobile phone number – a hack called SIM swapping – they could use that to impersonate you and compromise any of your accounts that are validated via SMS or phone call. There’s a new tool to combat this scam that’s better than the old-style account PIN codes. I’ll explain how it works. In the news: many Brother printers have serious cyber vulnerabilities; Belkin in abandoning Wemo smart devices next January; Xfinity’s WiFi routers can detect motion in your entire home; Bluesky is rolling out age verification in the UK; California is using drones to catch the use of illegal fireworks; McDonald’s AI hiring bot was hacked to expose millions of applicants’ data; Mexican drug cartel hacked FBI phone to catch informants; US strikes blow against North Korean fake worker scams; Denmark is looking to ditch Microsoft products. Article Links New Vulnerabilities Expose Millions of Brother Printers to Hacking https://www.securityweek.com/new-vulnerabilities-expose-millions-of-brother-printers-to-hacking/ Belkin pulls the plug on Wemo smart home products which will stop working in 2026 https://9to5google.com/2025/07/10/belkin-wemo-smart-home-shutdown-list/ Using WiFi Motion in the Xfinity app https://www.xfinity.com/support/articles/wifi-motion Bluesky is rolling out age verification in the UK https://www.theverge.com/news/704468/bluesky-age-verification-uk-online-safety-act Huge fines coming for Californians caught by drone with illegal fireworks https://www.sfgate.com/bayarea/article/california-drones-illegal-fireworks-20629637.php McDonald’s AI Hiring Bot Exposed Millions of Applicants’ Data https://www.wired.com/story/mcdonalds-ai-hiring-chat-bot-paradoxai/ Drug cartel hacked FBI official’s phone to track and kill informants https://arstechnica.com/security/2025/06/mexican-drug-cartel-hacked-fbi-officials-phone-to-track-informant-report-says/ Identities of More Than 80 Americans Stolen for North Korean IT Worker Scams https://www.wired.com/story/identities-of-80-plus-americans-stolen-for-north-korean-it-worker-scams/ Why Denmark is dumping Microsoft Office and Windows for LibreOffice and Linux https://www.zdnet.com/article/why-denmark-is-dumping-microsoft-office-and-windows-for-libreoffice-and-linux/ Tip of the Week: https://firewallsdontstopdragons.com/freezing-your-mobile-account/ Further Info Tom’s Hardware on WiFi Motion: https://www.tomshardware.com/networking/routers/new-xfinity-router-motion-detecting-feature-stokes-privacy-fears-feature-powered-by-wi-fi-signals RockYou password list: https://cybernews.com/security/rockyou2024-largest-password-compilation-leak/ LibreOffice: https://www.libreoffice.org/discover/libreoffice/ Eurostack: https://eurostack.eu/ Running Linux in a VM on Windows: https://itsfoss.com/install-linux-mint-in-virtualbox/ Age verification: https://www.privacyguides.org/articles/2025/05/06/age-verification-wants-your-face/ My book: https://fdsd.me/book My newsletter: https://fdsd.me/newsletter Support our mission! https://fdsd.me/support Give the gift of privacy and security: https://fdsd.me/coupons Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch Table of Contents 0:00:00: Intro 0:00:17: DEF CON coming up fast 0:03:34: News preview 0:06:31: New Vulnerabilities Expose Millions of Brother Printers to Hacking 0:11:51: Belkin pulls the plug on Wemo smart home products 0:14:25: Using WiFi Motion in the Xfinity app 0:21:19: Bluesky is rolling out age verification in the UK 0:26:49: Huge fines coming for Californians caught by drone with illegal fireworks 0:29:36: McDonald’s AI Hiring Bot Exposed Millions of Applicants’ Data 0:35:31: Drug cartel hacked FBI official’s phone to track and kill informants 0:39:54: Identities of More Than 80 Americans Stolen for North Korean IT Worker Scams 0:48:33: Why Denmark is dumping Microsoft Office and Windows for LibreOffice and Linux 0:55:48: Tip of the Week 1:01:37: Merch reminder 1:02:12: Patron podcast preview 1:02:45: Looking ahead…

Firewalls Don't Stop Dragons Podcast

1
Defending Student Privacy 1:09:43

منذ 10 weeks1:09:43

1:09:43

Privacy risks are bad enough for adults - but it's much worse for our kids, particularly as students. Who provides notice and obtains consent for minors at school? In many cases it's not the parents, let alone the students - it's the school system. Not only are they opting the students into invasive data collection by profit-driven third parties, but they often also bind them to mandatory arbitration clauses, neutering their ability to seek legal redress for the inevitable violations. Today I'll discuss this horrid state of affairs with someone who is on the front lines of this battle for our children's right to privacy: co-founder of the EdTech Law Center, Andy Liddell. Interview Notes EdTech Law Center: https://edtech.law/about-us/ EdTech current cases: https://edtech.law/cases/ Internet Safety Labs: https://internetsafetylabs.org/ The Right to Oblivion (book): https://www.hup.harvard.edu/books/9780674260528 ACLU, Digital Dystopia: https://www.aclu.org/publications/digital-dystopia-the-danger-in-buying-what-the-edtech-surveillance-industry-is-selling The Markup, College Prep Software Naviance Is Selling Advertising Access to Millions of Students: https://themarkup.org/machine-learning/2022/01/13/college-prep-software-naviance-is-selling-advertising-access-to-millions-of-students Proton blog on EdTech and privacy: https://proton.me/blog/ed-tech-trackers Further Info My book: https://fdsd.me/book My newsletter: https://fdsd.me/newsletter Support the mission: https://fdsd.me/support Give the gift of privacy and security: https://fdsd.me/coupons Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch Table of Contents 0:00:00: Intro 0:02:48: What's your mission at the EdTech Law Center? 0:05:20: What are the unique privacy threats for students? 0:09:46: What privacy laws are there for minors? 0:12:05: How are these laws enforced and litigated? 0:18:21: How does notice and consent work for students? 0:27:05: What rights do the kids have in these situations? 0:29:38: How are these EdTech companies? 0:31:40: Which apps and tools are most problematic and why? 0:37:20: Should minors's data be deleted when they reach adulthood? 0:40:15: Are school systems equipped to understand these contracts? 0:42:35: What about privacy issues with EdTech hardware? 0:45:50: What have we already learned via discovery or reporting? 0:50:01: As a parent, who do I talk to about my child's privacy risks at school? 0:54:16: What are some red flags to look out for? 0:57:10: What responsibilities do school systems have here? 1:00:57: So what can we do? When should we reach out to you? 1:05:02: Interview follow-up 1:06:26: Patron podcast preview 1:07:19: Looking ahead…

Firewalls Don't Stop Dragons Podcast

1
The In-App Switcheroo 1:12:28

منذ 11 weeks1:12:28

1:12:28

Do you realize that you're not always using your chosen mobile web browser or your network privacy features? Many mobile apps have their own in-app browser that can gather your data and even inject ads and trackers into any web links you click. I'll explain how this works and what you can do about it. In the news: 23andMe bankruptcy ombudsman argues for user consent to data; Meta AI app privacy nightmare; Amazon, Roku sharing users for ads; WhatsApp launches in-app ads; healthcare sites are sharing your data; ICE seeks powerful new surveillance tool; Austrian government wants your encrypted data; new US visa rules require social media posts; Scattered Spider targeting insurance info; VT governor signs child data privacy law; Flock blocks access to some US states; Microsoft offers 1-year security updates for Win10 users; new Android 16 security features; Denmark's answer to deepfakes; cleaner Google search results; ChatGPT user info reports. Article Links [therecord.media] 23andMe privacy ombudsman recommends company obtains consent for sale of customer data https://therecord.media/23andme-privacy-ombudsman-recommends-consent-sale [techcrunch.com] The Meta AI app is a privacy disaster https://techcrunch.com/2025/06/12/the-meta-ai-app-is-a-privacy-disaster/ [variety.com] Amazon, Roku Strike Deal to Pool Connected-TV Audiences for Advertisers https://variety.com/2025/tv/news/amazon-roku-pool-connected-tv-audiences-advertising-deal-1236432579/ [9to5mac.com] WhatsApp just launched ads for all users https://9to5mac.com/2025/06/16/whatsapp-just-launched-ads-for-all-users-here-are-the-details/ [The Markup] This Is How You Stop Data Trackers From Sucking up Your Health Data https://themarkup.org/the-breakdown/2025/06/17/this-is-how-you-stop-data-trackers-from-sucking-up-your-health-data [fedscoop.com] ICE seeks proprietary data and tech to monitor up to a million people https://fedscoop.com/ice-seeks-proprietary-data-and-tech-to-monitor-up-to-a-million-people/ [reuters.com] Austrian government agrees on plan to allow monitoring of secure messaging https://www.reuters.com/world/austrian-government-agrees-plan-allow-monitoring-secure-messaging-2025-06-18/ [The Hacker News] New U.S. Visa Rule Requires Applicants to Set Social Media Account Privacy to Public https://thehackernews.com/2025/06/new-us-visa-rule-requires-applicants-to.html [therecord.media] Scattered Spider hackers targeting insurance industry following retail hits, Google warns https://therecord.media/scattered-spider-targeting-insurance-sector-following-retail-attacks [epic.org] EPIC Applauds Vermont Governor Phil Scott for Signing Age-Appropriate Design Code into Law https://epic.org/epic-applauds-vermont-governor-phil-scott-for-signing-age-appropriate-design-code-into-law/ [404media.co] Flock Removes States From National Lookup Tool After ICE and Abortion Searches Revealed https://www.404media.co/flock-removes-states-from-national-lookup-tool-after-ice-and-abortion-searches-revealed/ [techradar.com] Windows 10 users who don’t want to upgrade to Windows 11 get new lifeline from Microsoft https://www.techradar.com/computing/windows/windows-10-users-who-dont-want-to-upgrade-to-windows-11-get-new-lifeline-from-microsoft [androidauthority.com] Android 16 introduces Advanced Protection mode to fortify your phone against threats https://www.androidauthority.com/android-16-advanced-protection-mode-2-3566064/ [theguardian.com] Denmark to tackle deepfakes by giving people copyright to their own features https://www.theguardian.com/technology/2025/jun/27/deepfakes-denmark-copyright-law-artificial-intelligence [tedium.co] Does One Line Fix Google? https://tedium.co/2024/05/17/google-web-search-make-default/ [schneier.com] What LLMs Know About Their Users https://www.schneier.com/blog/archives/2025/06/what-llms-know-about-their-users.html Tip of the Week: https://firewallsdontstopdragons.com/the-in-app-switcheroo/…

Firewalls Don't Stop Dragons Podcast

1
ShmooCon: Moose You Already 1:11:09

منذ 12 weeks1:11:09

1:11:09

On January 12th, 2025, the ShmooCon hacker conference held it's 20th and final gathering. I was lucky enough to be able to not only attend the final show but also to interview the founders, Heidi and Bruce Potter. We talk about how it all got started, what made this hacker con so special and beloved, and hear some hilarious stories from the past twenty years of hacker shenanigans in Washington D.C. Interview Notes ShmooCon: https://www.shmoocon.org/ ShmooCon 2025 sessions: https://www.youtube.com/playlist?list=PLnKSfJ5rXw95HSPVl5L7dqhKpVAx3q_j0 Turngate: https://www.turngate.io/ HOPE conference: https://www.hope.net/ BSides: https://bsides.org/ Cackalackycon: https://cackalackycon.org/ Thotcon: https://www.thotcon.org/ SummerCon: https://www.summercon.org/ PancakesCon: https://pancakescon.com/ Further Info My book: https://fdsd.me/book My newsletter: https://fdsd.me/newsletter Support the mission: https://fdsd.me/support Give the gift of privacy and security: https://fdsd.me/coupons Recommend news stories: send to news [at] firewallsdontstopdragons.com Send me your questions! https://fdsd.me/qna Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch Table of Contents 0:00:00: Intro 0:03:43: How and why did you start ShmooCon? 0:11:05: Why are hacker conferences so different from regular trade shows? 0:17:19: Why limit attendence and how did this give rise to LobbyCon? 0:21:52: What makes a good con? What's your post-con recovery like? 0:27:26: Why did you decide to end the con? 0:29:54: How have other cons influenced ShmooCon? 0:33:16: Why is it important to be so transparent about your con? 0:37:38: What are your favorite ShmooCon stories? 0:44:54: What's it like running a conference as a married couple? 0:49:39: What are you most proud of with ShmooCon? 0:52:13: Was there anything you wish you had done but didn't? 0:56:07: Did you ever consider handing ShmooCon off to someone else? 0:58:13: So what now? 1:00:58: What are some ShmooCon alternatives? 1:06:36: Wrap-up 1:08:07: Attend a hacker con! 1:09:35: Patron bonus preview 1:10:24: Looking ahead…

Firewalls Don't Stop Dragons Podcast

1
Rogue AI? 1:00:35

منذ 13 weeks1:00:35

1:00:35

Artificial Intelligence is taking over. But I don't mean that in a Skynet kinda way. It's simply becoming ubiquitous because companies are insisting on inserting the technology into all their products, even if it's not useful - or not even safe. Unfortunately, the breathless reporting on dangers of AI is also getting way out of hand, including stories of AI systems 'blackmailing' their designers. Today I'll try to bring us back to reality a bit. Also in the news: Billions of session login cookies up for grabs; Meta and Yandex cheat in order to track you around the web; Qualcomm fixes three zero-day bugs being actively exploited; Apple releases transparency report on push notification data requests; LAPD using Waymo for gathering video evidence; another massive AT&T user data leak includes SSNs; AI system appears to try to blackmail its owner; judge grants preliminary injunction on DOGE data grab; and we'll check in on your 2025 New Year's Resolutions! Article Links [theregister.com] Billions of cookies up for grabs as experts warn over session security https://www.theregister.com/2025/05/29/billions_of_cookies_available/ [arstechnica.com] Meta and Yandex are de-anonymizing Android users’ web browsing identifiers https://arstechnica.com/security/2025/06/meta-and-yandex-are-de-anonymizing-android-users-web-browsing-identifiers/ More info: https://www.zeropartydata.es/p/localhost-tracking-explained-it-could [techcrunch.com] Phone chipmaker Qualcomm fixes three zero-days exploited by hackers https://techcrunch.com/2025/06/03/phone-chipmaker-qualcomm-fixes-three-zero-days-exploited-by-hackers/ [404media.co] Apple Gave Governments Data on Thousands of Push Notifications https://www.404media.co/apple-gave-governments-data-on-thousands-of-push-notifications/ [404media.co] LAPD Publishes Crime Footage It Got From a Waymo Driverless Car https://www.404media.co/lapd-publishes-crime-footage-it-got-from-a-waymo-driverless-car/ [cyberinsider.com] AT&T Investigating New Leak of 86 Million Customer Records with Decrypted SSNs https://cyberinsider.com/att-investigating-new-leak-of-86-million-customer-records-with-decrypted-ssns/ [bbc.com] AI system resorts to blackmail if told it will be removed https://www.bbc.com/news/articles/cpqeng9d20go [eff.org] Privacy Victory! Judge Grants Preliminary Injunction in OPM/DOGE Lawsuit https://www.eff.org/press/releases/privacy-victory-judge-grants-preliminary-injunction-opmdoge-lawsuit Tip of the Week: https://firewallsdontstopdragons.com/2025-resolutions-check-in/ Further Info 2025 New Year’s Resolutions: https://firewallsdontstopdragons.com/new-years-resolutions-2025/ Privacy Guides: https://www.privacyguides.org/articles/ EFF’s Rayhunter project: https://www.eff.org/deeplinks/2025/03/meet-rayhunter-new-open-source-tool-eff-detect-cellular-spying My book: https://fdsd.me/book My newsletter: https://fdsd.me/newsletter Support our mission! https://fdsd.me/support Give the gift of privacy and security: https://fdsd.me/coupons Send me your questions! https://fdsd.me/qna Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch Table of Contents 0:00:00: Intro 0:00:50: A note on protest privacy 0:04:32: News preview 0:06:43: Billions of cookies up for grabs as experts warn over session security 0:18:27: Meta and Yandex are de-anonymizing Android users’ web browsing identifiers 0:25:59: Phone chipmaker Qualcomm fixes three zero-days exploited by hackers 0:27:51: Apple Gave Governments Data on Thousands of Push Notifications 0:33:25: LAPD Publishes Crime Footage It Got From a Waymo Driverless Car 0:37:39: AT&T Investigating New Leak of 86 Million Customer Records with Decrypted SSNs 0:41:51: AI system resorts to blackmail if told it will be removed 0:51:40: Privacy Victory! Judge Grants Preliminary Injunction in OPM/DOGE Lawsuit 0:56:04: Tip of the Week 0:58:13: Wrapup…

Firewalls Don't Stop Dragons Podcast

1
Dialog with the Data Diva 1:02:36

منذ 14 weeks1:02:36

1:02:36

Debbie Reynolds (aka, The Data Diva) has been working in the privacy realm for many years, as a privacy consultant, speaker, advisor and podcaster. She and I have been running in the same circles on LinkedIn for a while now, and we finally decided it was time to be a guest on each other's shows. Today Debbie and I will discuss the dangers of privacy in the realm of IoT devices (including her contributions on the US Department of Commerce's IoT Advisory Board), vehicles, and AI. I'll ask about her experiences advising corporations on privacy issues with emerging technologies and how she advocates for less data gathering and more transparency. Interview Notes Debbie Reynolds consulting: https://www.debbiereynoldsconsulting.com/ Data Diva podcast: https://www.debbiereynoldsconsulting.com/podcast My interview on Debbie’s podcast: https://www.debbiereynoldsconsulting.com/podcast/e228-carey-parker The Right to Privacy book (1995): https://www.amazon.com/Right-Privacy-Caroline-Kennedy/dp/0679419861 IoT Advisory Board report: https://www.debbiereynoldsconsulting.com/iot-advisory-board Shodan search: https://www.shodan.io/ Further Info My book: https://fdsd.me/book My newsletter: https://fdsd.me/newsletter Support the mission: https://fdsd.me/support Give the gift of privacy and security: https://fdsd.me/coupons Send me your questions! https://fdsd.me/qna Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch Table of Contents 0:00:00: Intro 0:01:27: During your privacy career, how have privacy changed? 0:05:59: How do you define privacy? 0:08:51: What were your contributions on the IoT Advisory Board? 0:12:54: Who was the primary audience for that report? 0:15:49: Which IoT devices have the worst privacy? 0:19:33: How bad are modern cars in terms of privacy? 0:29:50: How does AI threaten our privacy today? 0:33:30: How can we mitigate AI privacy risks? 0:40:11: How can we convince companies to truly embrace user privacy? 0:45:36: What are some of the biggest privacy mistakes companies make? 0:49:34: Why can't we have a global tracking opt-out signal? 0:53:52: What can we learn from the EU's GDPR? 0:58:35: So what can we do to improve our privacy? 1:00:50: Patron preview 1:01:21: Looking ahead…

Firewalls Don't Stop Dragons Podcast

1
Life in the Panopticon 1:26:01

منذ 15 weeks1:26:01

1:26:01

Tracking our faces and whereabouts is getting out of control. It's a mass surveillance infrastructure that keeps growing in Borg-like fashion. Facial recognition and license plate readers are proliferating at a stupefying pace and companies like Flock are consolidating the collected data and packaging it up for sale to law enforcement agencies. Even if no human in these agencies were to abuse this data, it's creating an irresistible target for scheming hackers and nation states keen on espionage. The longer we let this go, the harder it will be to stop. In today's news: Asus routers are being hacked and you need to take action; 23andMe has been sold, along with its users' genetic data; AI-generated videos have just become way more realistic; US government taps surveillance company to centralize all its citizen data; CFPB regulation limiting data brokers is axed; Kroger is packaging and selling its customer loyalty data; automated license plate reader data use is expanding in scary ways; Android phones gain key new security feature; EU court rules that real-time bidding data gathering is illegal; Montana is first state to plug data broker loophole; and I relate my recent privacy experience at the US border. Article Links [LifeHacker.com] If You Have an Asus Router, You Need to Check If It's Been Hacked https://lifehacker.com/tech/asus-routers-hacked [404media.co] 23andMe Sale Shows Your Genetic Data Is Worth $17 https://www.404media.co/23andme-sale-shows-your-genetic-data-is-worth-17/ [lifehacker.com] You Are Not Prepared for This Terrifying New Wave of AI-Generated Videos https://lifehacker.com/tech/you-are-not-prepared-for-this-new-wave-of-ai-generated-videos [nytimes.com] Trump Taps Palantir to Compile Data on Americans https://www.nytimes.com/2025/05/30/technology/trump-palantir-data-americans.html [techcrunch.com] White House scraps plan to block data brokers from selling Americans’ sensitive data https://techcrunch.com/2025/05/14/white-house-scraps-plan-to-block-data-brokers-from-selling-americans-sensitive-data/ [therecord.media] Consumer Reports: Kroger using loyalty program to package, sell customer data https://therecord.media/kroger-using-loyalty-program-to-sell-customer-data [404media.co] A Texas Cop Searched License Plate Cameras Nationwide for a Woman Who Got an Abortion https://www.404media.co/a-texas-cop-searched-license-plate-cameras-nationwide-for-a-woman-who-got-an-abortion/ [404media.co] License Plate Reader Company Flock Is Building a Massive People Lookup Tool, Leak Shows https://www.404media.co/license-plate-reader-company-flock-is-building-a-massive-people-lookup-tool-leak-shows/ [arstechnica.com] Android phones will soon reboot themselves after sitting unused for 3 days https://arstechnica.com/gadgets/2025/04/android-phones-will-soon-reboot-themselves-after-sitting-unused-for-3-days/ [signal.org] By Default, Signal Doesn't Recall https://signal.org/blog/signal-doesnt-recall/ [therecord.media] EU court rules that tracking-based online ads are illegal https://therecord.media/eu-court-rules-tracking-based-ads-illegal [eff.org] Montana Becomes First State to Close the Law Enforcement Data Broker Loophole https://www.eff.org/deeplinks/2025/05/montana-becomes-first-state-close-law-enforcement-data-broker-loophole Tip of the Week: https://firewallsdontstopdragons.com/border-insecurity-update/ The Atlantic: How to Disappear https://www.theatlantic.com/ideas/archive/2025/05/extreme-personal-data-privacy-protection/682867/ BADBOOL data removal service list: https://docs.google.com/spreadsheets/d/115L6LpQg_UX638IyUfdwGhRS7dIU3lKwz6fjAcDtE-0/edit?gid=0#gid=0 Further Info My book: https://fdsd.me/book My newsletter: https://fdsd.me/newsletter Support our mission! https://fdsd.me/support Give the gift of privacy and security: https://fdsd.me/coupons Recommend news stories: send to news [at] firewallsdontstopdragons.com…

Firewalls Don't Stop Dragons Podcast

1
Dividing Trust 1:10:19

منذ 16 weeks1:10:19

1:10:19

VPNs were not invented for privacy, despite the name - they were invented for security. Nevertheless, in recent years, they have been touted as privacy tools to thwart rampant and fanatical data gathering. With a regular VPN, this really just means you're shifting your trust from your internet service provider to your VPN provider. But what if your encrypted data traffic was actually divided between two separate companies? The split trust model is a powerful way to protect your privacy and it's the key technology behind new services like Apple's Private Relay and Obscura VPN. Today we'll discuss the benefits of this approach with Obscura's founder, Carl Dong. Interview Notes Obscura VPN: https://obscura.net/ Wireguard: https://en.wikipedia.org/wiki/WireGuard Obscura Wireguard configuration tool: https://obscura.net/#faq-wireguard-config QUIC explainer video: https://www.youtube.com/watch?v=HnDsMehSSY4 Masque: https://datatracker.ietf.org/wg/masque/about/ Privacy Pass: https://privacypass.github.io/ Anubis: https://anubis.techaro.lol/docs/design/how-anubis-works/ How Onion Routing Works: https://firewallsdontstopdragons.com/how-onion-routing-works/ Further Info My book: https://fdsd.me/book My newsletter: https://fdsd.me/newsletter Support the mission: https://fdsd.me/support Give the gift of privacy and security: https://fdsd.me/coupons Recommend news stories: send to news [at] firewallsdontstopdragons.com Send me your questions! https://fdsd.me/qna Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch Table of Contents 0:00:00: Intro 0:01:16: Interview setup 0:04:46: Lingo definitions 0:09:48: Why do we need yet another VPN? 0:15:00: How does Obscura differ from Apple Private Relay and Tor? 0:21:59: How little info can you give to set up an Obscura account? 0:25:33: What is the Bitcoin Lightning Network? 0:27:30: How can we know how much logging a VPN provider is doing? 0:35:04: Does Obscura have the same quirks as regular VPNs? 0:42:10: How vulnerable are you to being taken down by governments? 0:46:11: What are the core technologies in Obscura? 0:50:49: What do you think about Safing's IP-per-connection idea? 0:54:00: Are you planning to expand your partner VPNs? 0:56:41: How does Obscura handle the TunnelVision problem? 0:59:57: What is the roadmap for supporting other operating systems? 1:03:14: What's next for Obscura? 1:04:32: Interview wrap-up 1:09:19: Patron podcast preview 1:09:50: Looking ahead…

Firewalls Don't Stop Dragons Podcast

1
Slay Message Snoopers 45:24

منذ 17 weeks45:24

45:24

There are way too many messenger apps today. It's a sad state of affairs and I don't see it getting better anytime soon. But the real problem (for me) is that almost all of the popular messenger apps aren't really that secure and private. Most do not have end-to-end encryption (E2EE) at all or it's not turned on by default. And frankly even the apps with E2EE are run by companies whose revenue model is based on monetizing your personal data. I'm going to suggest you try Signal. In other news: study finds Canadian's health data being sold to drug makers; DOGE worker's computer has been hacked; airlines are selling your data to ICE; a massive proxy botnet has been shut down; Google pays $1.4B to Texas over unauthorized tracking and data collection; Denver decides to stop using license plate readers of privacy concerns; jury orders NSO Group to pay hundreds of millions of dollars for hacking WhatsApp users. Article Links [cbc.ca] Millions of Canadians' health data available for sale to pharmaceutical industry, study shows https://www.cbc.ca/news/health/health-data-records-pharmaceutical-private-clinics-1.7529955 [micahflee.com] DOGE bro Kyle Schutt's computer infected by malware, credentials found in stealer logs https://micahflee.com/doge-bro-kyle-schutts-computer-infected-by-malware-credentials-found-in-stealer-logs/ [jacobin.com] Airlines Are Selling Your Data to ICE https://jacobin.com/2025/05/airlines-data-ice-trump-immigration/ [The Hacker News] BREAKING: 7,000-Device Proxy Botnet Using IoT, EoL Systems Dismantled in U.S. - Dutch Operation https://thehackernews.com/2025/05/breaking-7000-device-proxy-botnet-using.html [The Hacker News] Google Pays $1.375 Billion to Texas Over Unauthorized Tracking and Biometric Data Collection https://thehackernews.com/2025/05/google-pays-1375-billion-to-texas-over.html [9news.com] Denver will stop using license plate reader cameras amid privacy worries https://www.9news.com/article/news/local/local-politics/license-plate-reader-camera-data-security-concerns/73-9c570252-9d1c-4e5c-b042-c12392aa1081 [arstechnica.com] Jury orders NSO to pay $167 million for hacking WhatsApp users https://arstechnica.com/security/2025/05/jury-orders-nso-to-pay-167-million-for-hacking-whatsapp-users/ Tip of the Week: Slay Snoopers: https://firewallsdontstopdragons.com/dragon-hacks-slay-snoopers/ Further Info My book: https://fdsd.me/book My newsletter: https://fdsd.me/newsletter Support our mission! https://fdsd.me/support Give the gift of privacy and security: https://fdsd.me/coupons Recommend news stories: send to news [at] firewallsdontstopdragons.com Send me your questions! https://fdsd.me/qna Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch Table of Contents 0:00:00: Intro 0:00:43: News preview 0:02:53: Millions of Canadians' health data available for sale to pharmaceutical industry 0:08:39: DOGE engineer's computer infected by malware 0:14:38: Airlines Are Selling Your Data to ICE 0:22:05: 7,000-Device Proxy Botnet Using IoT, EoL Systems Dismantled in US, Dutch Operation 0:28:04: Google Pays $1.375 Billion to Texas Over Unauthorized Tracking and Biometric Data Collection 0:30:21: Denver will stop using license plate reader cameras amid privacy worries 0:34:54: Jury orders NSO to pay $167 million for hacking WhatsApp users 0:39:17: Tip of the Week: Slay Snoopers 0:44:31: Wrap-up…

Firewalls Don't Stop Dragons Podcast

1
Shelter from the Storm 1:16:42

منذ 18 weeks1:16:42

1:16:42

Almost exactly two years ago, "Five Eyes" intelligence agencies discovered a successful and ongoing cyber attack on critical US infrastructure by a state-sponsored actor based in China. This group, associated with the People's Liberation Army and known as Volt Typhoon, was tasked with quietly gaining persistent remote access to critical systems including water, power, communications, and transportation systems, as well as ports and government networks. The goal was to deter the US from interfering with a future invasion of Taiwan by China, either by crippling the US infrastructure or threatening to. Despite dire warnings from the four top cyber officials in a Jan 2024 Congressional hearing, the US is still woefully unprepared for such attacks. Josh Corman is leading an effort labeled UnDisruptable27 to greatly improve the resilience of our critical systems before 2027, the year China seems to be targeting to make their move. Interview Notes UnDisruptable27: https://securityandtechnology.org/undisruptable27/ Critical Effect conference (DC): http://critical-effect.org/ Congressional hearing, CCP cyber threat to national security: https://selectcommitteeontheccp.house.gov/committee-activity/hearings/hearing-notice-ccp-cyber-threat-american-homeland-and-national-security Josh’s RSA talk (2024): https://www.youtube.com/watch?v=dhJvslRRlFc UnDisruptable27 video 1: https://www.youtube.com/watch?v=GnozKc3gFsM UnDisruptable27 video 2: https://www.youtube.com/watch?v=d8UsrMRvt14 Cyber Resilience Corps: https://cltc.berkeley.edu/program/cyber-resilience-corps/ Cyber Volunteer Resource Center: https://www.cisa.gov/audiences/high-risk-communities/cybervolunteerresourcecenter Further Info My book: https://fdsd.me/book My newsletter: https://fdsd.me/newsletter Support the mission: https://fdsd.me/support Give the gift of privacy and security: https://fdsd.me/coupons Recommend news stories: send to news [at] firewallsdontstopdragons.com Send me your questions! https://fdsd.me/qna Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch Table of Contents 0:00:00: Intro 0:03:49: Lingo explanations 0:07:26: What is UnDisruptable27 and why did you start it? 0:16:47: How does this relate to China's intention to invade Taiwan? 0:22:00: What at the psychological impacts of this sort of attack? 0:25:31: How long might it take to recover from this sort of attacK? 0:33:12: If this threat is so dire, why aren't we scrambling to address it? 0:37:24: Do Russia, Iran and North Korea pose similar threats? 0:41:32: How can we surface single points of failure from secondary sources? 0:49:21: Can't we also do this to our adversaries? Is that a deterrence? 0:53:45: What should our government be doing about this? 0:58:39: How can we incentivze private companies to take action? 1:01:55: What can we do, at home and in our communities? 1:07:19: What's next for UnDisruptable27? 1:10:47: Some final thoughts 1:15:03: Patron bonus content 1:15:29: Looking ahead…

Firewalls Don't Stop Dragons Podcast

1
Disable Your MAID 1:06:23

منذ 19 weeks1:06:23

1:06:23

As we learned last week from Zach Edwards, our smartphones have a globally unique mobile ad ID, or MAID, that is automatically associated with everything we do on our phones... unless we take explicit steps to turn this off. Today I'll tell you how this works and why you should disable this insidious form of tracking. In other news: the FTC warns us about a new type of scam; dating app Raw exposed sensitive user data; a determined reporter documents his efforts to disable all the AI features in his Google phone; "juice jacking" is back with a tricky twist; Apple's AirPlay has a vulnerability whose fix may not reach all devices; Microsoft is pushing hard for passwordless accounts; Google Wallet allows you to verify your age without giving up personal info; and there's a new and troubling update to the Signalgate saga. Article Links [lifehacker.com] The FTC Is Warning Consumers About a Scam on Discounted Monthly Bills https://lifehacker.com/money/ftc-monthly-services-scam [techcrunch.com] Dating app Raw exposed users’ location data and personal information https://techcrunch.com/2025/05/02/dating-app-raw-exposed-users-location-data-personal-information/ [cnet.com] I Tried to Turn Off the AI on My Pixel 9. It Wasn't Easy https://www.cnet.com/tech/mobile/i-tried-to-turn-off-the-ai-on-my-pixel-9-it-wasnt-easy/ [arstechnica.com] iOS and Android juice jacking defenses have been trivial to bypass for years https://arstechnica.com/security/2025/04/ios-and-android-juice-jacking-defenses-have-been-trivial-to-bypass-for-years/ [wired.com] Millions of Apple Airplay-Enabled Devices Can Be Hacked via Wi-Fi https://www.wired.com/story/airborne-airplay-flaws/ [Bleeping Computer] Microsoft makes all new accounts passwordless by default https://www.bleepingcomputer.com/news/microsoft/microsoft-makes-all-new-accounts-passwordless-by-default/ [blog.google] It’s now easier to prove age and identity with Google Wallet https://blog.google/products/google-pay/google-wallet-age-identity-verifications/ [404media.co] Mike Waltz Accidentally Reveals Obscure App the Government Is Using to Archive Signal Messages https://www.404media.co/mike-waltz-accidentally-reveals-obscure-app-the-government-is-using-to-archive-signal-messages/ Tip of the Week: Disable your Mobile Ad ID: https://firewallsdontstopdragons.com/disable-your-mobile-ad-id/ Bonus Links [consumerreports.org] Using Contactless Payments on Your Phone? Take These Smart Steps. https://www.consumerreports.org/money/digital-payments/using-contactless-payments-on-phone-take-these-smart-steps-a1152343770/ Micah Lee’s TM SGNL blogs: https://micahflee.com/tm-sgnl-the-obscure-unofficial-signal-app-mike-waltz-uses-to-text-with-trump-officials/ https://micahflee.com/heres-the-source-code-for-the-unofficial-signal-app-used-by-trump-officials/ Further Info My book: https://fdsd.me/book My newsletter: https://fdsd.me/newsletter Support our mission! https://fdsd.me/support Give the gift of privacy and security: https://fdsd.me/coupons Recommend news stories: send to news [at] firewallsdontstopdragons.com Send me your questions! https://fdsd.me/qna Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch Table of Contents Use these timestamps to jump to a particular section of the show. 0:00:00: Intro 0:01:09: News preview 0:03:38: FTC Warning Consumers About a Scam on Discounted Monthly Bills 0:06:51: Dating app Raw exposed users’ location data and personal information 0:13:31: I Tried to Turn Off the AI on My Pixel 9. It Wasn't Easy 0:20:30: iOS and Android juice jacking defenses have been trivial to bypass for years 0:29:07: Millions of Apple Airplay-Enabled Devices Can Be Hacked via Wi-Fi 0:35:06: Microsoft makes all new accounts passwordless by default 0:40:35: It’s now easier to prove age and identity with Google Wallet 0:47:42: Mike Waltz Accidentally Reveals Obscure App ...…

Firewalls Don't Stop Dragons Podcast

1
Riding the Data Gravy Train 1:14:22

منذ 20 weeks1:14:22

1:14:22

Data brokers are out of control. While we think of them gathering data in order to target us with ads, they can actually use the targeted ad system (real-time bidding) to collect vast quantities of personal information. It's a very shady business and the primary players are trying hard to obfuscate what they're doing. Thankfully, we have people like my guest, Zach Edwards, whose investigations are ripping the cover off of these unscrupulous practices. Interview Notes Zach Edwards: https://www.linkedin.com/in/zedwards/ Zach at Silent Push: https://www.silentpush.com/team/zach-edwards/ Using email aliases: https://firewallsdontstopdragons.com/how-to-use-email-aliases-part-1/ Disable mobile ad ID (iOS): https://ssd.eff.org/module/how-to-get-to-know-iphone-privacy-and-security-settings#disable-ad-tracking Disable mobile ad ID (Android): https://ssd.eff.org/module/how-to-get-to-know-android-privacy-and-security-settings#disable-ad-tracking Further Info Dragon Coin Promo!! https://fdsd.me/promo425 Generate passphrases with a d20: https://d20key.com/#/ My book: https://fdsd.me/book My newsletter: https://fdsd.me/newsletter Support the mission: https://fdsd.me/support Give the gift of privacy and security: https://fdsd.me/coupons Recommend news stories: send to news [at] firewallsdontstopdragons.com Send me your questions! https://fdsd.me/qna Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch Table of Contents Use these timestamps to jump to a particular section of the show. 0:00:00: Intro 0:01:15: Last call for dragon coins! 0:01:57: Interview setup 0:03:01: Lingo definitions 0:05:05: How did you get into ad tracking as a profession? 0:12:57: How does Real-Time Bidding work? 0:16:16: Who are the big players in this space? 0:28:25: How does RTB leak data about us? 0:42:47: How much info about us is actually inferred rather than explicit? 0:46:09: Who else is looking to get hold of this ad data? 0:50:33: How else is our data being abused? 0:54:13: How does my data being leaked impact other people? 0:56:04: Are government agencies doing enough to protect our data? 0:57:53: Have we managed to fix any of the RTB system problems? 0:59:56: Is there a way to have targeted ads AND privacy? 1:05:31: So what can we do about this? 1:09:26: Wrap-up: revisiting email aliases 1:12:51: Patron bonus content preview 1:13:33: Looking ahead…

Firewalls Don't Stop Dragons Podcast

1
Travel Insecurity 1:05:30

منذ 21 weeks1:05:30

1:05:30

Going through border security today - even just returning to your own country - is not at simple and stress-free as it should be. The likelihood of our digital devices being searched by a border agent has increased in recent years and political sensitivities today can be high. Our devices have access to a ridiculous amount of extremely personal information. How can we protect ourselves? The answers aren't great, but I'll give the current best advice from immigration lawyers and civil rights groups. In other news: the Apple-UK data privacy court case will be at least partially public; some companies are ignoring automated opt-out signals; Waymo may use interior car video to train its AI; data breaches at Hertz and a Planned Parenthood medical lab; air travel group paints a picture of future use of facial recognition; San Francisco police have a new surveillance center; Ukraine drones come with anti-Russian malware; judge rules that 'cell tower dumps' require a warrant. Article Links [bbc.com] Apple-UK data privacy row should not be secret, court rules https://www.bbc.com/news/articles/cvgn1lz3v4no [innovation.consumerreports.org] New Report: Many Companies May Be Ignoring Opt-Out Requests Under State Privacy Laws https://innovation.consumerreports.org/new-report-many-companies-may-be-ignoring-opt-out-requests-under-state-privacy-laws/ [techcrunch.com] Waymo may use interior camera data to train generative AI models, but riders will be able to opt out https://techcrunch.com/2025/04/08/waymo-may-use-interior-camera-data-to-train-generative-ai-models-sell-ads/ [Bleeping Computer] US lab testing provider exposed health data of 1.6 million people https://www.bleepingcomputer.com/news/security/us-lab-testing-provider-exposed-health-data-of-16-million-people/ [9to5mac.com] PSA: Hertz belatedly says customer personal data stolen, inc credit card details https://9to5mac.com/2025/04/15/psa-hertz-belatedly-says-customer-personal-data-stolen-inc-credit-card-details/ [theguardian.com] Boarding Passes and Check in to Be Scrapped in Air Travel Shake-up Plans https://www.theguardian.com/world/2025/apr/11/boarding-passes-and-check-in-to-be-scrapped-in-air-travel-shake-up-plans [cbsnews.com] San Francisco Police's new surveillance hub being credited with 20% drop in crime https://www.cbsnews.com/sanfrancisco/news/san-francisco-police-surveillance-hub-real-time-investigation-center/ [forbes.com] Russians Capture Ukrainian Drones Which Infect Their Systems With Malware https://www.forbes.com/sites/vikrammittal/2025/04/02/russians-capture-ukrainian-drones-which-infect-their-systems-with-malware/ [404media.co] Judge Rules Blanket Search of Cell Tower Data Unconstitutional https://www.404media.co/judge-rules-blanket-search-of-cell-tower-data-unconstitutional/ Tip of the Week: https://firewallsdontstopdragons.com/border-insecurity/ Further Info Dragon Coin Promo!! https://fdsd.me/promo425 Generate passphrases with a d20: https://d20key.com/#/ My book: https://fdsd.me/book My newsletter: https://fdsd.me/newsletter How to enable Global Privacy Control: https://firewallsdontstopdragons.com/how-to-enable-global-privacy-control/ How and why to freeze your credit: https://firewallsdontstopdragons.com/credit-freeze-now-is-the-time/ Give the gift of privacy and security: https://fdsd.me/coupons Recommend news stories: send to news [at] firewallsdontstopdragons.com Send me your questions! https://fdsd.me/qna Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch Table of Contents 0:00:00: Intro 0:00:24: Update Apple stuff 0:00:42: Dragon coin promo! 0:01:32: News preview 0:04:11: Apple-UK data privacy row should not be secret, court rules 0:08:14: Many Companies May Be Ignoring Opt-Out Requests 0:14:20: Waymo may use interior camera data to train generative AI models 0:19:56: US lab testing provider exposed health data of 1.…

Firewalls Don't Stop Dragons Podcast

1
Life on the Blue Team 1:05:18

منذ 22 weeks1:05:18

1:05:18

It's easy to be a Monday morning quarterback, even with cybersecurity. But defending a business, of any size, against cyber threats today is hard. Like, really hard. Defenders have to succeed every single time; attackers only need to succeed once. And then your company makes the headlines. Today we'll delve into the world of the "blue team" - the defenders who are charged with protecting your data and the services you depend on - with cyber expert Oz Jones. Along the way, we'll learn valuable lessons for everyone. Interview Notes Oz Jones on LinkedIn: https://www.linkedin.com/in/4f5a/ Troy Hunt got pwned: https://www.troyhunt.com/a-sneaky-phish-just-grabbed-my-mailchimp-mailing-list/ CIS Controls: https://www.cisecurity.org/controls Marsh’s Top 12 controls: https://www.marsh.com/en-gb/services/cyber-risk/insights/cyber-resilience-twelve-key-controls-to-strengthen-your-security.html Further Info Dragon Coin Promo!! https://fdsd.me/promo425 Generate passphrases with a d20: https://d20key.com/#/ My book: https://fdsd.me/book My newsletter: https://fdsd.me/newsletter Support the mission: https://fdsd.me/support Give the gift of privacy and security: https://fdsd.me/coupons Recommend news stories: send to news [at] firewallsdontstopdragons.com Send me your questions! https://fdsd.me/qna Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch Table of Contents 0:00:00: Intro 0:00:29: Patron promo is LIVE! 0:01:16: Correction 0:01:49: Interview setup 0:04:44: Jargon definitions 0:06:39: How did you get into cyber incident response? 0:09:56: What does it mean to be on the Blue Team? 0:13:25: What are the most impactful cyber threats to companies today? 0:16:34: Are people or companies most as risk for ransomware attacks? 0:19:57: What impact has cyber insurance had on cyber security? 0:21:02: What are the most common types of attacks on companies? 0:23:59: How should companies educate their employees about cyber threats? 0:30:48: How does working from home or using personal devices impact cyber attacks? 0:35:22: How can you protect your company against supply chain attacks? 0:38:45: What resources are available to help companies prepare? 0:41:07: How can we detect attacks and malware infections? 0:44:22: After an attack, how do you respond? 0:48:05: What are my legal obligations for notifying my customers? 0:50:25: Are table top simulations useful? 0:52:07: Are there incident response consultants you can hire? 0:53:05: Can you recommend some helpful resources? 0:56:11: As consumers, how can we make better choices? 0:58:22: Interview wrap-up 1:01:51: Troy Hunt was pwned 1:03:04: Patron bonus preview 1:04:32: Looking ahead…

Firewalls Don't Stop Dragons Podcast

1
Differential Privacy 1:12:05

منذ 23 weeks1:12:05

1:12:05

When we collect a lot of personal data, say via the US Census, the goal is to glean important aggregate information and statistics, while somehow preserving the anonymity and privacy of the individual respondents. There's a rigorous mathematical process for doing this - that's actually not that hard to understand - called Differential Privacy. I'll explain how it works. In the news: iOS has a new location privacy setting; Google confirms it's rolling out AI to Gmail; Windows makes it much harder to avoid creating a Microsoft Account; WhatsApp is rolling out AI in Europe with no way to opt out; Switzerland is considering undermining encrypted communications; 23andMe is going bankrupt - it's time to delete your data; France rejects a backdoor mandate; and finally, I have a lot to say about the US officials' Signal chat debacle. Article Links [9to5mac.com] iOS 18.4 includes a new location services privacy setting for your iPhone https://9to5mac.com/2025/04/02/ios-iphone-new-location-services-privacy-toggle/ [forbes.com] Google Confirms Gmail Upgrade—3 Billion Users Must Now Decide https://www.forbes.com/sites/zakdoffman/2025/03/22/google-confirms-gmail-upgrade-3-billion-users-must-now-decide/ [windowscentral.com] Microsoft will force Windows 11 installs to use a Microsoft Account — confirms removal of popular setup bypass https://www.windowscentral.com/software-apps/windows-11/microsoft-will-force-windows-11-installs-to-use-a-microsoft-account-confirms-removal-of-popular-setup-bypass [Bleeping Computer] WhatsApp's Meta AI is now rolling out in Europe, and it can't be turned off https://www.bleepingcomputer.com/news/artificial-intelligence/whatsapps-meta-ai-is-now-rolling-out-in-europe-and-it-cant-be-turned-off/ [techradar.com] Secure encryption and online anonymity are now at risk in Switzerland – here's what you need to know https://www.techradar.com/vpn/vpn-privacy-security/secure-encryption-and-online-anonymity-are-now-at-risk-in-switzerland-heres-what-you-need-to-know [arstechnica.com] FTC: 23andMe buyer must honor firm’s privacy promises for genetic data https://arstechnica.com/tech-policy/2025/04/ftc-watching-23andme-bankruptcy-sale-for-impact-on-users-genetic-data/ [schneier.com] The Signal Chat Leak and the NSA https://www.schneier.com/blog/archives/2025/03/the-signal-chat-leak-and-the-nsa.html [eff.org] A Win for Encryption: France Rejects Backdoor Mandate https://www.eff.org/deeplinks/2025/03/win-encryption-france-rejects-backdoor-mandate How Differential Privacy Works: https://firewallsdontstopdragons.com/how-differential-privacy-works/ Further Info Dragon Coin Promo!! https://fdsd.me/promo425 Generate passphrases with a d20: https://d20key.com/#/ My book: https://fdsd.me/book My newsletter: https://fdsd.me/newsletter Support our mission! https://fdsd.me/support Give the gift of privacy and security: https://fdsd.me/coupons Recommend news stories: send to news [at] firewallsdontstopdragons.com Send me your questions! https://fdsd.me/qna Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch Table of Contents 0:00:00: Intro 0:00:28: Coin promo teaser 0:02:47: News preview 0:05:21: iOS 18.4 includes a new location services privacy setting 0:10:09: Google Confirms Gmail AI Upgrade 0:16:41: Microsoft will force Windows 11 installs to use a Microsoft Account 0:20:57: WhatsApp's Meta AI is now rolling out in Europe 0:23:32: Secure encryption and online anonymity are now at risk in Switzerland 0:27:33: FTC: 23andMe buyer must honor firm’s privacy promises for genetic data 0:35:09: The Signal Chat Leak 0:53:05: A Win for Encryption: France Rejects Backdoor Mandate 0:56:14: Tip of the Week: Differential Privacy 1:06:20: Coin promo details 1:11:04: Merlin's Musings topic 1:11:29: Looking ahead…

Firewalls Don't Stop Dragons Podcast

1
Microscoping Our Apps 1:10:56

منذ 24 weeks1:10:56

1:10:56

We've been installing apps on our smartphones for almost two decades now. The iPhone and Android app stores kicked off in 2008 and we still, to this day, have no real way to know what's in them. It turns out that most apps are an amalgamation of software libraries and development kits from various third party vendors, so often even the makers of apps don't fully understand the makeup of their products. Lisa LeVasseur from Internet Safety Labs has worked to build tools to dissect and inspect our apps and help us understand what they're really doing. Interview Notes Internet Safety Labs: https://internetsafetylabs.org/ App Microscope: https://appmicroscope.org/ Interview with Dr. Johnny Ryan on real-time bidding: https://podcast.firewallsdontstopdragons.com/2021/08/02/selling-you-out-to-the-highest-bidder/ Dark Patterns interview: https://podcast.firewallsdontstopdragons.com/2020/11/16/dark-patterns-part-1/ Using Burp Suite to intercept HTTP traffic: https://portswigger.net/burp/documentation/desktop/getting-started/intercepting-http-traffic Exodus Privacy: https://exodus-privacy.eu.org/en/ Henrietta Lacks: https://en.wikipedia.org/wiki/Henrietta_Lacks Further Info My book: https://fdsd.me/book My newsletter: https://fdsd.me/newsletter Support the mission: https://fdsd.me/support My social media: https://firewallsdontstopdragons.com/contact/ Give the gift of privacy and security: https://fdsd.me/coupons Recommend news stories: send to news [at] firewallsdontstopdragons.com Send me your questions! https://fdsd.me/qna Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch Table of Contents 0:00:00: Intro 0:00:31: Note on 23andMe 0:01:35: Follow my social media 0:01:58: Signal debacle 0:02:39: Interview setup 0:07:06: What is Internet Safety Labs and what do you do there? 0:09:49: What are the privacy risks with EdTech? 0:16:31: How did the pandemic impact EdTech software? 0:19:02: How does the "notice and consent" model work with EdTech software? 0:25:26: Do app makers even know what's in their own software? 0:28:11: How do ads inside our apps get there? 0:30:45: How does App Microscope work? 0:32:33: How does safety differ from security? 0:34:37: What can you learn from the data and metadata an app generates? 0:37:22: Do you study "dark patterns" in apps? 0:41:42: How do you determine the software makeup of a given app? 0:47:10: How accurate are the app privacy "nutrition" labels? 0:51:58: How important are the non-technical aspects of an app for safety? 0:56:33: How do I use the App Microscope tool? 1:00:38: How can we support your efforts? 1:04:41: Interview follow-up 1:08:51: Burp Suite info 1:09:32: Patron bonus preview 1:10:27: Looking ahead…

Firewalls Don't Stop Dragons Podcast

1
It’s Tax (Scam) Time Again 58:32

منذ 25 weeks58:32

58:32

Tax time is once again upon us here in the USA, which means that the tax scammers are coming out of the woodwork. Many will claim to be representing the IRS, claiming that there is an urgent need to fix a problem with your return, threatening penalties if you don't pay them money. Others will simply try to file fake returns in your name, but send the massive false refund checks to themselves. I'll help you spot and avoid these scams. In other news: Apple's Passwords app was vulnerable to phishing attacks (now fixed); Amazon is forcing Echo owners to share voice recordings; the Bluetooth chip "backdoor" that wasn't; Captchas were used by Google to translate books and Street View images; ICE uses third party tool to scrape tons of your data; beware of online file converters; Clearview AI attempted to buy millions of mugshots; RCS messaging will soon allow end-to-end encrypted chats between iPhones and Android phones. Article Links [9to5mac.com] Apple’s Passwords app was vulnerable to phishing attacks for nearly three months after launch https://9to5mac.com/2025/03/18/apples-passwords-app-was-vulnerable-to-phishing-attacks-for-nearly-three-months-after-launch/ [arstechnica.com] Everything You Say to Your Echo Will Soon Be Sent to Amazon, and You Can’t Opt Out https://arstechnica.com/gadgets/2025/03/everything-you-say-to-your-echo-will-be-sent-to-amazon-starting-on-march-28/ [darkmentor.com] The ESP32 "backdoor" that wasn't https://darkmentor.com/blog/esp32_non-backdoor/ [techradar.com] Captcha if you can: how you’ve been training AI for years without realising it https://www.techradar.com/news/captcha-if-you-can-how-youve-been-training-ai-for-years-without-realising-it [404media.co] The 200+ Sites an ICE Surveillance Contractor is Monitoring https://www.404media.co/the-200-sites-an-ice-surveillance-contractor-is-monitoring/ [malwarebytes.com] Warning over free online file converters that actually install malware https://www.malwarebytes.com/blog/news/2025/03/warning-over-free-online-file-converters-that-actually-install-malware [404media.co] Facial Recognition Company Clearview Attempted to Buy Social Security Numbers and Mugshots for its Database https://www.404media.co/facial-recognition-company-clearview-attempted-to-buy-social-security-numbers-and-mugshots-for-its-database/ [appleinsider.com] RCS messaging will get end-to-end encryption on iPhone https://appleinsider.com/articles/25/03/14/rcs-messaging-will-get-end-to-end-encryption-on-iphone Tip of the Week: https://firewallsdontstopdragons.com/its-tax-scam-time/ Further Info Data Diva interview: https://www.debbiereynoldsconsulting.com/podcast/e228-carey-parker Malwarebytes interview: https://www.malwarebytes.com/blog/podcast/2025/03/what-google-chrome-knows-about-you-with-carey-parker-lock-and-code-s06e06 Amazon Mechanical Turk: https://en.wikipedia.org/wiki/Amazon_Mechanical_Turk My book: https://fdsd.me/book My newsletter: https://fdsd.me/newsletter Support our mission! https://fdsd.me/support Give the gift of privacy and security: https://fdsd.me/coupons Recommend news stories: send to news [at] firewallsdontstopdragons.com Send me your questions! https://fdsd.me/qna Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch Table of Contents Use these timestamps to jump to a particular section of the show. 0:00:00: Intro 0:00:21: Guest appearances 0:01:22: News preview 0:03:50: Apple’s Passwords app was vulnerable to phishing attacks for nearly three months 0:10:41: Everything You Say to Your Echo Will Soon Be Sent to Amazon, and You Can’t Opt Out 0:21:30: The ESP32 "backdoor" that wasn't 0:29:16: Captcha if you can: how you’ve been training AI for years without realising it 0:35:08: The 200+ Sites an ICE Surveillance Contractor is Monitoring 0:43:10: Warning over free online file converters that actually install malware…

Firewalls Don't Stop Dragons Podcast

1
All Things Secured 1:04:37

منذ 26 weeks1:04:37

1:04:37

Josh Summers lived in China for many years and learned a lot about privacy and security. Since he left, he's made it his mission to share this knowledge through his website and YouTube channel called All Things Secured - helping regular, everyday people like you and me to protect our data and devices. Today we'll talk specifically about improving your security and privacy on iPhones and Android phones, and even some alternatives outside the Apple and Google ecosystems. Interview Notes All Things Secured: https://www.allthingssecured.com/ All Things Secured YouTube: https://www.youtube.com/@AllThingsSecured Apple iPhone Lockdown Mode: https://support.apple.com/en-us/105120 Apple Stolen Device Protection: https://support.apple.com/en-us/120340 Apple Advanced Data Protection: https://support.apple.com/en-us/108756 Android Theft Protection: https://blog.google/products/android/android-theft-protection/ Google Advanced Protection Program: https://landing.google.com/advancedprotection/faq/ iPhone hide/lock apps: https://support.apple.com/guide/iphone/lock-or-hide-or-an-app-iph00f208d05/ios Cryptomator: https://cryptomator.org/ OsmAnd maps: https://osmand.net/ Jitsi video conferencing: https://jitsi.org/ Hoody AI: https://hoody.com/ai DuckDuckGo AI: https://duck.ai/ GrapheneOS: https://grapheneos.org/ Further Info Recommend news stories: send to news [at] firewallsdontstopdragons.com Send me your questions! https://fdsd.me/qna Check out my book, Firewalls Don’t Stop Dragons: https://fdsd.me/book Subscribe to the newsletter: https://fdsd.me/newsletter Become a patron! https://www.patreon.com/FirewallsDontStopDragons Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch Give the gift of privacy and security: https://fdsd.me/coupons Support our mission! https://fdsd.me/support Generate secure passphrases! https://d20key.com/#/ Table of Contents 0:00:14: intro 0:00:27: Couple quick news items 0:01:59: Interview setup 0:02:47: How did you come to start All Things Secured? 0:04:41: What's is like living in China, from a privacy perspective? 0:07:26: What are the basic security and privacy risks with a smartphone? 0:11:21: How do iPhones compare to Android phones? 0:13:35: How does Android's multi-level ecosystem impact security? 0:16:42: How secure are smartphones against remote attacks? 0:19:39: Can you protect your smartphone against direct physical access? 0:25:20: What are some of the latest and greatest smartphone security features? 0:35:51: What if we don't trust Apple or Google's security? 0:40:05: If we don't trust Apple or Google apps, which ones should we consider using? 0:45:35: How can we protect our privacy with AI? 0:53:08: Are there better smartphone options beyond iOS and Android? 0:56:27: What worries you most? What gives you hope? 0:58:54: How can we learn more from you? 1:00:01: Interview wrap-up 1:00:55: Patron bonus content 1:01:55: Guest appearances 1:02:47: Looking ahead…

Firewalls Don't Stop Dragons Podcast

1
Slay Browser Ads Forever 1:07:31

منذ 27 weeks1:07:31

1:07:31

Google's Chrome browser is rolling out changes that will hamstring ad blockers - so there's never been a better time to try a better browser. There are a handful of good options, but I'm going to recommend that you try Firefox with a fantastic ad blocker called uBlock Origin. If you've never tried this powerful combination, you won't believe what you've been missing. In other news: the UK scrubs all encryption advice from government sites; Signal's CEO threatens to leave Sweden over backdoor demands; UK private health services hit by Medusa ransomware; Australian IVF provider has patient data stolen; Brazil gives Apple 90 days to allow side loading of apps; millions of Android TVs hijacked by a botnet; Qualcomm and Google team up to offer 8 years of Android updates; Google rolls out AI voice call scam detector; and confusion over Trump admin orders regarding Russia cyber threats. Article Links [techcrunch.com] UK quietly scrubs encryption advice from government websites https://techcrunch.com/2025/03/06/uk-quietly-scrubs-encryption-advice-from-government-websites/ [swedenherald.com] Signal's CEO: Then We're Leaving Sweden https://swedenherald.com/article/signals-ceo-then-were-leaving-sweden [theregister.com] Medusa ransomware gang demands $2M from UK private health services provider https://www.theregister.com/2025/02/20/medusa_hcrg_ransomware/ [techcrunch.com] Hackers publish sensitive patient data allegedly stolen from Australian IVF provider Genea https://techcrunch.com/2025/02/26/hackers-publish-sensitive-patient-data-allegedly-stolen-from-australian-ivf-provider-genea/ [9to5mac.com] Brazilian court gives Apple 90 days to allow sideloading on iOS https://9to5mac.com/2025/03/06/brazilian-court-apple-sideloading-ios/ [tomsguide.com] Millions of Android TVs hijacked in massive botnet https://www.tomsguide.com/computing/online-security/millions-of-android-tvs-hijacked-in-massive-botnet-how-to-see-if-yours-is-at-risk [arstechnica.com] Qualcomm and Google team up to offer 8 years of Android updates https://arstechnica.com/gadgets/2025/02/qualcomm-and-google-team-up-to-offer-8-years-of-android-updates/ [The Hacker News] Google Rolls Out AI Scam Detection for Android to Combat Conversational Fraud https://thehackernews.com/2025/03/google-rolls-out-ai-scam-detection-for.html [zetter-zeroday.com] Did Trump Admin Order U.S. Cyber Command and CISA to Stand Down on Russia? https://www.zetter-zeroday.com/did-trump-admin-order-u-s-cyber-command-and-cisa-to-stand-down-on-russia/ [theregister.com] uBlock Origin dead for many as Google purges Manifest v2 extensions https://www.theregister.com/2025/02/24/google_v2_eol_v3_rollout/ Tip of the Week: Slay Browser Ads: https://firewallsdontstopdragons.com/dragon-hacks-slay-browser-ads/ Further Info My book: https://fdsd.me/book My newsletter: https://fdsd.me/newsletter Support our mission! https://fdsd.me/support Check out my dragon challenge coin: https://fdsd.me/coin2 Give the gift of privacy and security: https://fdsd.me/coupons Recommend news stories: send to news [at] firewallsdontstopdragons.com Send me your questions! https://fdsd.me/qna Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch Table of Contents Use these timestamps to jump to a particular section of the show. 0:00:07: Intro 0:00:26: Update your Android devices 0:00:47: News rundown 0:02:50: UK quietly scrubs encryption advice from government websites 0:08:45: Signal's CEO: Then We're Leaving Sweden 0:11:01: Medusa ransomware gang hits UK health services provider 0:15:32: Hackers publish patient data allegedly from Australian IVF provider 0:19:13: Brazilian court gives Apple 90 days to allow sideloading on iOS 0:22:32: Millions of Android TVs hijacked in massive botnet 0:32:17: Qualcomm and Google offer 8 years of Android updates 0:39:18: Google Rolls Out AI Scam Detection for Android…

Firewalls Don't Stop Dragons Podcast

1
Back to The L0pht 1:03:21

منذ 28 weeks1:03:21

1:03:21

Today, we travel back in time and back to The L0pht with one of the original founders of L0pht Heavy Industries, Weld Pond (aka Chris Wysopal). We'll talk about how hacker culture has impacted modern technology, cybersecurity practices and digital rights, while sprinkling in some classic and hilarious stories from hacker history by someone who lived them. Interview Notes Veracode: https://www.veracode.com/ L0pht.com: https://l0pht.com/ L0pht Congressional testimony 1998: https://www.youtube.com/watch?v=VVJldn_MmMY DEF CON 26 reunion panel: https://archive.org/details/youtube-noE4o-roAWM MIT Lockpicking guide: https://archive.org/details/mit-guide-to-lock-picking-v05/mode/2up The Open Organisation Of Lockpickers (TOOOL): https://toool.us/ 2600: https://www.2600.com/ Classic engineering references: https://bitsavers.org/ Further Info Send me your questions! https://fdsd.me/qna Check out my book, Firewalls Don’t Stop Dragons: https://fdsd.me/book Subscribe to the newsletter: https://fdsd.me/newsletter Become a patron! https://www.patreon.com/FirewallsDontStopDragons Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch Give the gift of privacy and security: https://fdsd.me/coupons Support our mission! https://fdsd.me/support Generate secure passphrases! https://d20key.com/#/ Table of Contents Use these timestamps to jump to a particular section of the show. 0:00:16: intro 0:00:40: Interview setup 0:03:19: How did you come to be in The L0pht? 0:08:36: How did meeting in real life as well as online affect L0pht's dynamics? 0:09:34: How did you find so much free and adandoned computer hardware? 0:13:44: How did you manage to just drive your van in the NSA parking lot? 0:19:20: What has been the lasting impact of your Congressional testimony in 1998? 0:21:45: How did you come to invite cyber czar Richard Clarke to The L0pht? 0:27:17: How have hackers pushed back against overreach from corporations? 0:36:05: Why are lockpicking and computer hacking so closely related? 0:40:55: Is it easier or harder to be a hacker today versus when you started? 0:45:56: Are we still fighing the Crypto Wars of the 90s? Are we winning? 0:51:17: Are there any glaring misconceptions about The L0pht you'd like to fix? 0:55:16: Where are The L0pht folks now and what are they up to? 0:57:51: Interview wrap-up 1:00:59: Patron bonus preview 1:01:35: Looking ahead…

Firewalls Don't Stop Dragons Podcast

1
Onion Routing 1:13:45

منذ 29 weeks1:13:45

1:13:45

Not all Privacy Enhancing Technologies are new - but this one is probably new to you. Onion routing was developing in the 1990's by the US government and is the basis for the Tor Network. Onion routing does one thing very well: it masks your actual IP address. While you can use a VPN for this purpose, onion routing adds a different layer of anonymity - and it's just a cool technology. Today I'll explain how it works, how to use it, and the pros and cons of doing so. In other news: Bitly is leveraging its URL-shortening empire to monetize your links; a major car company is experimenting with in-car pop up ads; a cautionary tale about law enforcement's access to private phone data; Russian spies are using a clever new phishing technique to gain access to Microsoft 365 accounts; Apple pulls its Advanced Data Protection feature from the UK market in response to demands to 'backdoor' its encryption; and whatever your political beliefs, the chaos and careless changes made by the DOGE group are seriously undermining national security. Article Links [tedium.co] Broken Bits https://tedium.co/2025/02/07/bitly-terms-of-service-change/ [techstory.in] Stellantis Introduces Pop-Up Ads in Vehicles, Sparking Outrage Among Owners https://techstory.in/stellantis-introduces-pop-up-ads-in-vehicles-sparking-outrage-among-owners/ [arstechnica.com] No warrant or crimes—but Oregon woman’s nudes were shared after illegal phone search https://arstechnica.com/tech-policy/2025/02/no-warrant-or-crimes-but-oregon-womans-nudes-were-shared-after-illegal-phone-search/ [arstechnica.com] Russian spies use device code phishing to hijack Microsoft accounts https://arstechnica.com/information-technology/2025/02/russian-spies-use-device-code-phishing-to-hijack-microsoft-accounts/ [bbc.com] Apple pulls data protection tool after UK government security row https://www.bbc.com/news/articles/cgj54eq4vejo [schneier.com] DOGE as a National Cyberattack https://www.schneier.com/blog/archives/2025/02/doge-as-a-national.html Tip of the Week: How Onion Routing Works: https://firewallsdontstopdragons.com/how-onion-routing-works/ Further Info Safe link shortener: https://kutt.it/ Read before using the Tor Browser: https://www.privacyguides.org/en/tor/ Tor Browser: https://www.torproject.org/download/ Onion sites that don’t suck: https://github.com/neilzone/onion-sites-that-dont-suck My book: https://fdsd.me/book My newsletter: https://fdsd.me/newsletter Support our mission! https://fdsd.me/support Give the gift of privacy and security: https://fdsd.me/coupons Recommend news stories: send to news [at] firewallsdontstopdragons.com Send me your questions! https://fdsd.me/qna Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch Table of Contents Use these timestamps to jump to a particular section of the show. 0:00:07: News preview 0:02:19: Broken Bits 0:13:50: Stellantis Introduces Pop-Up Ads in Vehicles 0:20:28: Oregon woman’s nudes were shared after illegal phone search 0:28:03: Russian spies use device code phishing to hijack Microsoft accounts 0:35:07: Apple pulls data protection tool after UK government security row 0:45:58: DOGE as a National Cyberattack 0:59:54: Tip of the Week: Onion Routing 1:11:53: Wrap-up…

مرحبًا بك في مشغل أف ام!

يقوم برنامج مشغل أف أم بمسح الويب للحصول على بودكاست عالية الجودة لتستمتع بها الآن. إنه أفضل تطبيق بودكاست ويعمل على أجهزة اندرويد والأيفون والويب. قم بالتسجيل لمزامنة الاشتراكات عبر الأجهزة.