Firewalls Don't Stop Dragons Podcast

Equifax, one of the three major credit bureaus, was hacked – over 143 million U.S. accounts may have been leaked, making them much more vulnerable to identity theft and fraud. In this episode, I help you understand the potential impacts of this breach and give you several important actions you can take to protect yourself, including instituting a credit freeze on your account. Chris Romeo, CEO and Founder of Security Journey will help us understand the severity of this major news story and what we need to do to protect ourselves moving forward! Is there such a thing as a good hacker? We will tackle what it takes to be a hacker – and why you actually might want to become one! Hackers are not all bad guys in hoodies hunched over a laptop. The hacker mentality is much more about a desire to tinker and solve puzzles, just applied to computers – and we need good hackers to help us combat the bad ones. Chris Romeo is CEO and co-founder of Security Journey. His passion is to bring security belt programs to all organizations, large and small. He was the Chief Security Advocate at Cisco Systems for five years, where he guided Cisco’s Security Advocates, empowering engineers to “build security in” to all products at Cisco. He led the creation of Cisco’s internal, end-to-end security belt program launched in 2012. Chris has twenty years of experience in security, holding positions across the gamut, including application security, penetration testing, and incident response. Chris holds the CISSP and CSSLP. Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons For Further Insight: Website, www.securityjourney.com Follow on Twitter, @SecurityJourney Facebook, https://www.facebook.com/SecJourney/ Additional Resources: Freeze your credit at all three credit bureaus: Equifax, Experian and TransUnion. Get your free annual credit reports: https://www.ftc.gov/faq/consumer-protection/get-my-free-credit-report

Do you have backup copies of all your family photos and home videos? What about your tax documents and other financial data? Maybe you have a collection of priceless family history information that you’ve painstakingly compiled over many years. Unless you’re keeping copies of those files in multiple places (including at least one place outside your home!), you’re flying without a net. You’re one minor or major disaster away from losing them forever. Luckily, there are several simple and cost-effective solutions for automatically backing up all your files, photos, music and movies. In today’s show, part two of the Castle Defense 101 series, I’ll lay out a foolproof strategy for protecting your most precious digital data! For Further Insight: Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons Backblaze offers an affordable, easy-to-use cloud backup solution – try it for free! For complete step-by-step help with backups and over 100 other tips, check out my book, Firewalls Don’t Stop Dragons.

There are bills before Congress to use drones along our border for mass surveillance and provisions to capturing all manner of biometric data when you travel. How will that data be used and who will have access? We break it all down for you and tell you how to voice your opinions. India McKinney and Adam Schwartz from the EFF are with me this week to explain several ways that your privacy rights are under serious attack at the U.S. border. Your favorite PDF viewer is probably riddled with security vulnerabilities. I cover some recent news about Foxit PDF Reader and help you find safer alternatives with my Tip of the Week. India McKinney is a Legislative Analyst with the Electronic Frontier Foundation, primarily focusing on privacy and surveillance issues in upcoming legislation. Prior to joining EFF, India spent over 10 years in Washington, DC as a legislative staffer to three members of Congress from California. Her work there largely focused on the appropriations process, specifically analyzing and funding programs in the Departments of Veterans Affairs, Homeland Security, and Justice. Her biggest legislative accomplishment was authorizing, funding and then naming a new outpatient VA/DoD clinic that will serve over 80,000 people. Adam Schwartz is a Senior Staff Attorney at the Electronic Frontier Foundation. Adam works to ensure that new technologies expand instead of shrink our privacy, freedom of speech, and other civil liberties. Before joining EFF, Adam worked as a Senior Staff Attorney at the American Civil Liberties Union of Illinois. Adam graduated in 1995 from the Howard University School of Law. For Further Insight: Website: https://eff.org/ Follow on Twitter: https://twitter.com/EFF Facebook: https://www.facebook.com/eff/ Additional Resources For You: Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons EFF’s Defending Privacy at the U.S. Border: A Guide for Travelers Carrying Digital Devices Sumatra PDF Reader: https://www.sumatrapdfreader.org/download-free-pdf-viewer.html

Jeffrey Ritter, author of “Achieving Digital Trust”, is back to help us understand the phenomenon of “fake news” and to explain why it’s not a new thing. We talk about how deception and misdirection have been around since the dawn of marketing and how we can train ourselves to navigate these treacherous waters in the Information Age. Google is claiming they can match your offline, real-world purchases with their online ad tracking and the US government is proposing legislation that might finally being some much-needed security standards to the burgeoning “Internet of Things” marketplace. Jeffrey Ritter currently serves as an External Lecturer at two of the world’s great universities for computer science, Johns Hopkins University and the University of Oxford, where he teaches graduate level courses in privacy engineering, information governance, and information security policy design. His career includes legal services to global corporations, leadership in the work of the United Nations and the American Bar Association, and ongoing academic research and writing on digital trust. For Further Insight: Website: www.jeffreyritter.com Follow on Twitter: https://twitter.com/Jeffrey_Ritter LinkedIn: https://www.linkedin.com/in/jeffreyritter/ Further Reading: Can you trust what you hear? https://www.theverge.com/2017/4/24/15406882/ai-voice-synthesis-copy-human-speech-lyrebird Can you trust what you see? https://boingboing.net/2017/07/17/fake-obama-speech-is-the-begin.html Opt out of Google tracking: https://myaccount.google.com/privacy#activity Achieving Digital Trust: The New Rules for Business at the Speed of Light, is available on Amazon.com

Chris Romeo regales us with tales of safe-cracking robots, demonic car washes, possessed Teslas, and hacking of voting machines! Where did this all happen? At the hacker conferences, of course! We’ll help you understand how hackers really think and what they really do every year in Las Vegas at the DEFCON and BlackHat conferences. Chris Romeo is CEO and co-founder of Security Journey. His passion is to bring security belt programs to all organizations, large and small. He was the Chief Security Advocate at Cisco Systems for five years, where he guided Cisco’s Security Advocates, empowering engineers to “build security in” to all products at Cisco. He led the creation of Cisco’s internal, end-to-end security belt program launched in 2012. Chris has twenty years of experience in security, holding positions across the gamut, including application security, penetration testing, and incident response. Chris holds the CISSP and CSSLP. For Further Insight: Website, www.securityjourney.com Follow on Twitter, @SecurityJourney Facebook, https://www.facebook.com/SecJourney/ Additional Resources: Hackers: Heroes of the Computer Revolution by Steven Levy WITH HOVER… YOUR PRIVACY IS INCLUDED Get 10% off your first domain name order!

In this final segment, we address the classic conundrum: law enforcement believes that your servers hold key information that would prevent a devastating terror attack, but revealing the information may violate the privacy of the client, or even other unrelated people. What do you do? Ladar Levison answers that very question. Prior to the interview, I explain what “secure email” really means and what it entails – it’s not nearly as simple as it might seem. And time is running out to submit your backup horror stories or maybe success stories! Send your tales to CareyParker@AmericaOutLoud.com for your chance to win a free copy of my book! Ladar Levison serves as the founder, president, and chief executive of Lavabit, where he has worked the past 12 years. Lavabit was created because Mr. Levison believes that privacy is a fundamental, necessary right for a functioning, free and fair democratic society. Presently, Mr. Levison is focused on Lavabit’s Dark Mail Initiative, which aims to make end-to-end email encryption automatic and ubiquitous, while continuing to vigorously advocate for the privacy and free speech rights of all. For Further Insight: Website: www.lavabit.com Follow on Twitter: https://twitter.com/kingladar Additional Resources: Sign up for Lavabit secure email: https://lavabit.com/ Learn more about secure email: https://easycrypt.co/email-privacy-crash-course-part-1-introduction/

Ladar Levison is the CEO and Founder of Lavabit – a secure email service whose most famous customer was Edward Snowden. In part one of my two-part interview with Ladar, we discuss what happened when the FBI came knocking on his door, demanding access to his private security keys. Ladar shares some deep insights into the notion of privacy and intelligence gathering in this country, and how to strike the proper balance. I will also update you on the hot news from two top hacker conferences, including a nasty Mac virus and a bug in Broadcom WiFi chips found in over 1 BILLION devices worldwide. And I will tell you about one of the oldest and best fact-checking sites on the web, and why they need your help. For Further Insight: Website: www.lavabit.com Follow on Twitter: https://twitter.com/kingladar Additional Resources: Sign up for Lavabit secure email: https://lavabit.com/ How to remove Flash: http://firewallsdontstopdragons.com/ditch-flash/ The web’s original fact checker: http://snopes.com/

Is trust just an emotion or is it more than that? In this week’s episode, I speak at length with Jeffrey Ritter: a lawyer, diplomat, researcher and author of the book “Achieving Digital Trust”. We get to the heart of what it means to trust, how trust is gained and lost, and how living in the Information Age has had such a profound impact on all of the above. Jeffrey has some deep insights on how we can cope with the high rate of data and decision making inherent in this modern life – and shares some interesting stories along the way! Jeffrey Ritter currently serves as an External Lecturer at two of the world’s great universities for computer science, Johns Hopkins University and the University of Oxford, where he teaches graduate level courses in privacy engineering, information governance, and information security policy design. His career includes legal services to global corporations, leadership in the work of the United Nations and the American Bar Association, and ongoing academic research and writing on digital trust. I’ll also tell you how you can share your financial account information more securely using aggregator accounts and how to win a free copy of my book by sending me your best computer backup stories! Send your stories to CareyParker@AmericaOutLoud.com. For Further Insight: Website: www.jeffreyritter.com Follow on Twitter: https://twitter.com/Jeffrey_Ritter LinkedIn: https://www.linkedin.com/in/jeffreyritter/ Achieving Digital Trust: The New Rules for Business at the Speed of Light, is available on Amazon.com

What could be more crucial to a democracy than a voting system we can trust? Today I speak with Barbara Simons, President of VerifiedVoting.org, on why so many of our US election systems are vulnerable to hacking without leaving a trace. The solutions to these issues are well known and straightforward, and yet we can’t seem to come together in a unified way to implement them. We’ll discuss why the current systems are so bad, what needs to be done, and tell you what you can do to help. I will also tell you about a new file backup tool from Google, 14M Verizon customer records found online with no protection, why you might be wary about leaving your keys lying around in plain sight, and how to improve your privacy with Post-It Notes! Barbara Simons has been on the Board of Advisors of the U.S. Election Assistance Commission since 2008. She published Broken Ballots: Will Your Vote Count?, a book on voting machines co-authored with Douglas Jones. She also co-authored the report that led to the cancellation of Department of Defense’s Internet voting project (SERVE) in 2004 because of security concerns. In 2015 she co-authored the report of the U.S. Vote Foundation entitled The Future of Voting: End-to-End Verifiable Internet Voting, which included in its conclusions that “every publicly audited, commercial Internet voting system to date is fundamentally insecure.” Simons is a former President of the Association for Computing Machinery (ACM), the oldest and largest international educational and scientific society for computing professionals. She is President of Verified Voting and is retired from IBM Research. Get 10% off your first domain name order!   For Further Insight: Web site: VerifiedVoting.org Follow on Twitter: https://twitter.com/VerifiedVoting Further Reading: Does your state have proper voting machines? Do they have procedures for audits? https://www.verifiedvoting.org/ Google’s backup service: https://techcrunch.com/2017/07/12/google-launches-a-new-backup-sync-desktop-app-for-uploading-files-and-photos-to-the-cloud/ Change your Verizon PIN: https://www.verizonwireless.com/support/account-pin-faqs/ Copy a key with a photo: https://www.key.me/ Lose all your photos when your hard drive crashed? Did a cloud backup save your bacon when you had your phone stolen? Tell me your best backup stories for a chance to win a free copy of my book! Send them to CareyParker@AmericaOutLoud.com!

Passwords are the bane of our modern existence. Why the hell haven’t we figured out a better way to prove who we are? Today is the first in a series of educational shows that I’ve dubbed Castle Defense 101: Defending Your Digital Drawbridge. In our inaugural session, we’ll take a deep dive into the problem of passwords. What really makes a good password and how do I choose one? How can I possibly remember all these passwords? How often do I need to change my password? Why do we even need passwords, anyway – can’t we just use fingerprints or something? I will answer all of these questions and then some. I’ll even tell you why you should only ever know one single password! And finally, I’ll tell you how you can win a free copy of my book, Firewalls Don’t Stop Dragons! Domain names SAVE10% off your first order! For Further Insight: Some excellent password managers: LastPass , 1Password , Dashlane , Passwords Are Dead Long Live Passwords Firewalls Don't Stop Dragons: A Step-By-Step Guide to Computer Security for Non-Techies