
Firewalls Don't Stop Dragons Podcast
484 episodes — Page 10 of 10

🎧 It’s Time to End Dragnet Mass Surveillance
The law that enables the warrantless collection and searching of the communications of US citizens is set to expire at the end of 2017. In today’s show, David Ruiz and I discuss several bills in Congress that attempt to curb the rampant abuses of this legislation (Section 702 of the FISA law). These long-overdue reforms go a long way towards restoring the principles of the Fourth Amendment and reclaiming basic civil liberties that we let slip away in fear after 9/11. In the news this week, I’ll update you on the Reaper botnet and tell you about an effort to safeguard our elections systems before the next major election. I’ll also help you double-check your smartphone app permissions, making sure they don’t have any more access than they need to things like your camera, microphone, location, and contacts. David Ruiz is a writer covering NSA surveillance and federal surveillance policy for Electronic Frontier Foundation, a digital rights non-profit. As 2017 closes, he is deeply involved in covering the multiple bills before Congress that seek to reform or reauthorize Section 702 of the FISA Amendments Act, a law that is currently one of the U.S. government's most powerful surveillance tools. Previously, David worked as a journalist covering legal affairs for some of Silicon Valley's largest companies, including Google, Facebook, Twitter and Uber. He has also had his work featured in KQED, The East Bay Express, SFGate.com, The Sacramento Bee and KZSU Stanford 90.1 FM. Beyond writing, David also hosts a personal podcast called Death Knell, which explores the grieving process after death. For Further Insight: Website: www.davidalruiz.com Follow on Twitter: https://twitter.com/davidalruiz Additional Resources: Surveillance watchdog, Open Technology Institute: https://www.newamerica.org/oti/ End the Backdoor! https://www.endthebackdoor.com/ Lock Down Your LAN (IoT security): http://firewallsdontstopdragons.com/locking-internet-things-iot/ Protect yourself from nosy apps: http://firewallsdontstopdragons.com/smartphone-privacy-reining-nosy-apps/

🎧 Beware the Reaper – Lock Down Your LAN
We have a lot to catch up on! This week we discuss a Bad Rabbit, a grim Reaper, and some risky Russians. A new WannaCry-like ransomware is hitting Russia and Ukraine, Kaspersky Labs is dealing with a PR nightmare, and a new botnet is forming up that could make last year’s Mirai botnet that took down Netflix, Twitter and Airbnb look like small potatoes. We also have some hopeful Android news and discuss how Bitcoin mining might save us from the ad-based web. For Further Insight: Before paying a ransom for your data, check this site! www.nomoreransom.org Full article on Reaper and securing your IoT devices: http://firewallsdontstopdragons.com/locking-internet-things-iot/ Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons

🎧 Using Ad Blockers to Tame Those Annoying Web Ads
Web ads are the bane of our web-surfing existence, and yet people repeatedly reject the notion of paying for web content. How do we strike a balance? Today I speak at length with Ben Williams from Eyeo, the maker of one of the most popular web browser plugins of all time: AdBlock Plus. His company pioneered the notion of ‘acceptable ads’ and has returned some semblance of sanity to our web browsing experience, while preserving the revenue model that has allowed most web sites to remain free. We discuss the history and future of ads on the web, including the threat of ‘malvertising’ that can actually infect your computer. In the news, I’ll get you up to speed on the hideous KRACK WiFi bug that affects billions of devices worldwide and explain why it’s not all it’s cracked up to be. Ben Williams is from the greatest commonwealth of them all, Kentucky, and has lived in Berlin, Washington, DC and now in Bonn, Germany. Before joining eyeo, the company that makes Adblock Plus and Flattr, as communications director, he worked in non-profits mainly. He likes cooking, cassettes, records, writing and hiking. For Further Insight: Website: https://adblockplus.org/ Follow on Twitter: https://twitter.com/B__e__n__w LinkedIn: https://www.linkedin.com/in/benpwilliams/ Help updating your wifi router: https://www.lifewire.com/how-to-upgrade-your-wireless-routers-firmware-2487671 Download AdBlock Plus: https://adblockplus.org/ Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons

Do We Own Any Media We Buy Anymore?
In the second of my two-part interview with activist and author Cory Doctorow, we discuss how copy protection schemes (called “Digital Rights Management”) are trying to control how you watch, save, and share the digital movies, books and music you thought you owned. Cory explains how the World Wide Web Consortium (W3C) has caved in to corporate interests and set the stage for serious future security issues with all web browsers. In the news this week are some serious bugs in both Microsoft and Apple products, an update on an important court case involving the First Amendment and DreamHost, and long-overdue updates to the accepted ‘best practices’ on creating passwords (and an apology from the guy who caused us all so much grief). My tip of the week will speed up your web browsing and help protect your surfing privacy. Listen to Part 1: The Mouse That Scored, How Copyright Went Wrong Cory Doctorow is a science fiction author, activist, journalist and blogger — the co-editor of Boing Boing (boingboing.net) and the author of WALKAWAY, a novel for adults, a YA graphic novel called IN REAL LIFE, the nonfiction business book INFORMATION DOESN’T WANT TO BE FREE, and young adult novels like HOMELAND, PIRATE CINEMA and LITTLE BROTHER and novels for adults like RAPTURE OF THE NERDS and MAKERS. He works for the Electronic Frontier Foundation, is a MIT Media Lab Research Affiliate, is a Visiting Professor of Computer Science at Open University and co-founded the UK Open Rights Group. Born in Toronto, Canada, he now lives in Los Angeles. For Further Insight: Website: www.craphound.com Follow on Twitter: https://twitter.com/doctorow Donate to the EFF! https://supporters.eff.org/donate Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons Buy the Book: Walkaway: A Novel Additional Resources: Decentraleyes (privacy plugin for your browser): https://decentraleyes.org/

The Mouse That Scored, How Copyright Went Wrong
In the first of a two-part interview, activist and author Cory Doctorow explains how copyright law has failed to keep up with the realities of the modern digital world, potentially exposing consumers and researchers to crushing lawsuits and generally stifling innovation. Unlike physical books and LP records, every song or movie you stream, every eBook you read, every app you download is accompanied by long, arcane licensing agreements that we never read. Cory explains why this makes no sense and why we must update this body of law to protect consumers and unleash new products. In the news, I’ll tell you about some password bugs in macOS, new security measures coming in Android’s Oreo release, and update you on the Equifax debacle. My Tip of the Week will help you avoid some nasty wireless vulnerabilities affecting literally billions of devices (including laptops and smartphones). Listen to Part 2: Do We Own Any Media We Buy Anymore? Cory Doctorow is a science fiction author, activist, journalist and blogger — the co-editor of Boing Boing (boingboing.net) and the author of WALKAWAY, a novel for adults, a YA graphic novel called IN REAL LIFE, the nonfiction business book INFORMATION DOESN’T WANT TO BE FREE, and young adult novels like HOMELAND, PIRATE CINEMA and LITTLE BROTHER and novels for adults like RAPTURE OF THE NERDS and MAKERS. He works for the Electronic Frontier Foundation, is a MIT Media Lab Research Affiliate, is a Visiting Professor of Computer Science at Open University and co-founded the UK Open Rights Group. Born in Toronto, Canada, he now lives in Los Angeles. For Further Insight: Website: www.craphound.com Follow on Twitter: https://twitter.com/doctorow Donate to the EFF! https://supporters.eff.org/donate Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons Buy the Book: Walkaway: A Novel

🎧 Goodbye Privacy, Hello Panopticon
Just because you’re not paranoid doesn’t mean they’re not tracking you! And just because you feel that you have nothing to hide doesn’t mean you shouldn’t be worried about privacy. In today’s edition of my Castle Defense 101 series, I spell out why privacy matters and why companies and governments are hell bent on violating it. I’ll also explain the myriad ways by which your web habits are tracked and then give you several simple ways you can protect yourself. Have you ever used the CCleaner app on your computer? If so, you’ll want to hear about a recent hack of this app’s installer and how to fix it. For Further Insight: Want to see what just one company knows about you? https://aboutthedata.com/ Why Privacy Matters: https://www.ted.com/talks/glenn_greenwald_why_privacy_matters How easy are you to track on the web? https://panopticlick.eff.org/ Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons

🎧 Rise of the Machines: Should We Fear Artificial Intelligence?
Will the robots rise up and take over? Or will Artificial Intelligence usher in a Utopian future? These concepts may have seemed like science fiction just 10-20 years ago, but visionaries like Elon Musk are warning us to take the notion of true AI very seriously. Like any powerful tool, the impact of AI will depend on how we develop and use it. In this week’s episode, I discuss the good, the bad and the ugly implications of AI and machine learning with technologist Albert Stepanyan. We’ve learned more about the Equifax debacle since last week – I’ll catch you up on everything you need to know, including another important tip on how to monitor your credit and protect yourself from identity theft. Albert Stepanyan is an A.I. Evangelist and Entrepreneur who loves code. He has an entrepreneurial mindset with a passion for coding. Currently, he acts as the CEO and lead strategist at Develandoo, a software accelerator that is changing the way companies build products. His experience includes acting as CTO of a Munich-based Startup accelerator, lead engineer at various enterprises, and lead engineer or technical co-founder on more than 50 high-profile projects. For Further Insight: Web site: www.cyberhulk.net Follow on Twitter: https://twitter.com/albertcyberhulk LinkedIn: https://www.linkedin.com/in/cyberhulk/ Further Reading: Equifax hack and response: http://firewallsdontstopdragons.com/equifax-hack-identity-theft/ Free annual credit reports: https://www.ftc.gov/faq/consumer-protection/get-my-free-credit-report Great article on what we need to do: https://www.schneier.com/blog/archives/2017/09/on_the_equifax_.html Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons

🎧 Equifax Breach, Here’s What You Need to Do
Equifax, one of the three major credit bureaus, was hacked – over 143 million U.S. accounts may have been leaked, making them much more vulnerable to identity theft and fraud. In this episode, I help you understand the potential impacts of this breach and give you several important actions you can take to protect yourself, including instituting a credit freeze on your account. Chris Romeo, CEO and Founder of Security Journey will help us understand the severity of this major news story and what we need to do to protect ourselves moving forward! Is there such a thing as a good hacker? We will tackle what it takes to be a hacker – and why you actually might want to become one! Hackers are not all bad guys in hoodies hunched over a laptop. The hacker mentality is much more about a desire to tinker and solve puzzles, just applied to computers – and we need good hackers to help us combat the bad ones. Chris Romeo is CEO and co-founder of Security Journey. His passion is to bring security belt programs to all organizations, large and small. He was the Chief Security Advocate at Cisco Systems for five years, where he guided Cisco’s Security Advocates, empowering engineers to “build security in” to all products at Cisco. He led the creation of Cisco’s internal, end-to-end security belt program launched in 2012. Chris has twenty years of experience in security, holding positions across the gamut, including application security, penetration testing, and incident response. Chris holds the CISSP and CSSLP. Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons For Further Insight: Website, www.securityjourney.com Follow on Twitter, @SecurityJourney Facebook, https://www.facebook.com/SecJourney/ Additional Resources: Freeze your credit at all three credit bureaus: Equifax, Experian and TransUnion. Get your free annual credit reports: https://www.ftc.gov/faq/consumer-protection/get-my-free-credit-report

🎧 If You Aren’t Backing Up, Your Data is on Borrowed Time
Do you have backup copies of all your family photos and home videos? What about your tax documents and other financial data? Maybe you have a collection of priceless family history information that you’ve painstakingly compiled over many years. Unless you’re keeping copies of those files in multiple places (including at least one place outside your home!), you’re flying without a net. You’re one minor or major disaster away from losing them forever. Luckily, there are several simple and cost-effective solutions for automatically backing up all your files, photos, music and movies. In today’s show, part two of the Castle Defense 101 series, I’ll lay out a foolproof strategy for protecting your most precious digital data! For Further Insight: Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons Backblaze offers an affordable, easy-to-use cloud backup solution – try it for free! For complete step-by-step help with backups and over 100 other tips, check out my book, Firewalls Don’t Stop Dragons.

Your Privacy Rights Are Under Assault at the U.S. Border
There are bills before Congress to use drones along our border for mass surveillance and provisions to capture all manner of biometric data when you travel. How will that data be used and who will have access? We break it all down for you and tell you how to voice your opinions. India McKinney and Adam Schwartz from the EFF are with me this week to explain several ways that your privacy rights are under serious attack at the U.S. border. Your favorite PDF viewer is probably riddled with security vulnerabilities. I cover some recent news about Foxit PDF Reader and help you find safer alternatives with my Tip of the Week. India McKinney is a Legislative Analyst with the Electronic Frontier Foundation, primarily focusing on privacy and surveillance issues in upcoming legislation. Prior to joining EFF, India spent over 10 years in Washington, DC as a legislative staffer to three members of Congress from California. Her work there largely focused on the appropriations process, specifically analyzing and funding programs in the Departments of Veterans Affairs, Homeland Security, and Justice. Her biggest legislative accomplishment was authorizing, funding and then naming a new outpatient VA/DoD clinic that will serve over 80,000 people. Adam Schwartz is a Senior Staff Attorney at the Electronic Frontier Foundation. Adam works to ensure that new technologies expand instead of shrink our privacy, freedom of speech, and other civil liberties. Before joining EFF, Adam worked as a Senior Staff Attorney at the American Civil Liberties Union of Illinois. Adam graduated in 1995 from the Howard University School of Law. For Further Insight: Website: https://eff.org/ Follow on Twitter: https://twitter.com/EFF Facebook: https://www.facebook.com/eff/ Additional Resources For You: Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons EFF’s Defending Privacy at the U.S. Border: A Guide for Travelers Carrying Digital Devices Sumatra PDF Reader: https://www.sumatrapdfreader.org/download-free-pdf-viewer.html

🎧 How to Live in the Era of Fake News
Jeffrey Ritter, author of “Achieving Digital Trust”, is back to help us understand the phenomenon of “fake news” and to explain why it’s not a new thing. We talk about how deception and misdirection have been around since the dawn of marketing and how we can train ourselves to navigate these treacherous waters in the Information Age. Google is claiming they can match your offline, real-world purchases with their online ad tracking and the US government is proposing legislation that might finally bring some much-needed security standards to the burgeoning “Internet of Things” marketplace. Jeffrey Ritter currently serves as an External Lecturer at two of the world’s great universities for computer science, Johns Hopkins University and the University of Oxford, where he teaches graduate level courses in privacy engineering, information governance, and information security policy design. His career includes legal services to global corporations, leadership in the work of the United Nations and the American Bar Association, and ongoing academic research and writing on digital trust. For Further Insight: Website: www.jeffreyritter.com Follow on Twitter: https://twitter.com/Jeffrey_Ritter LinkedIn: https://www.linkedin.com/in/jeffreyritter/ Further Reading: Can you trust what you hear? https://www.theverge.com/2017/4/24/15406882/ai-voice-synthesis-copy-human-speech-lyrebird Can you trust what you see? https://boingboing.net/2017/07/17/fake-obama-speech-is-the-begin.html Opt out of Google tracking: https://myaccount.google.com/privacy#activity Achieving Digital Trust: The New Rules for Business at the Speed of Light, is available on Amazon.com

🎧 Hackers Crack Safes, Teslas, Car Washes and Voting Machines
Chris Romeo regales us with tales of safe-cracking robots, demonic car washes, possessed Teslas, and hacking of voting machines! Where did this all happen? At the hacker conferences, of course! We’ll help you understand how hackers really think and what they really do every year in Las Vegas at the DEFCON and BlackHat conferences. Chris Romeo is CEO and co-founder of Security Journey. His passion is to bring security belt programs to all organizations, large and small. He was the Chief Security Advocate at Cisco Systems for five years, where he guided Cisco’s Security Advocates, empowering engineers to “build security in” to all products at Cisco. He led the creation of Cisco’s internal, end-to-end security belt program launched in 2012. Chris has twenty years of experience in security, holding positions across the gamut, including application security, penetration testing, and incident response. Chris holds the CISSP and CSSLP. For Further Insight: Website, www.securityjourney.com Follow on Twitter, @SecurityJourney Facebook, https://www.facebook.com/SecJourney/ Additional Resources: Hackers: Heroes of the Computer Revolution by Steven Levy

Why I Killed my Company to Save my Customers, pt 2
In this final segment, we address the classic conundrum: law enforcement believes that your servers hold key information that would prevent a devastating terror attack, but revealing the information may violate the privacy of the client, or even other unrelated people. What do you do? Ladar Levison answers that very question. Prior to the interview, I explain what “secure email” really means and what it entails – it’s not nearly as simple as it might seem. And time is running out to submit your backup horror stories or maybe success stories! Send your tales to [email protected] for your chance to win a free copy of my book! Ladar Levison serves as the founder, president, and chief executive of Lavabit, where he has worked the past 12 years. Lavabit was created because Mr. Levison believes that privacy is a fundamental, necessary right for a functioning, free and fair democratic society. Presently, Mr. Levison is focused on Lavabit’s Dark Mail Initiative, which aims to make end-to-end email encryption automatic and ubiquitous, while continuing to vigorously advocate for the privacy and free speech rights of all. For Further Insight: Website: www.lavabit.com Follow on Twitter: https://twitter.com/kingladar Additional Resources: Sign up for Lavabit secure email: https://lavabit.com/ Learn more about secure email: https://easycrypt.co/email-privacy-crash-course-part-1-introduction/

Why I Killed my Company to Save my Customers
Ladar Levison is the CEO and Founder of Lavabit – a secure email service whose most famous customer was Edward Snowden. In part one of my two-part interview with Ladar, we discuss what happened when the FBI came knocking on his door, demanding access to his private security keys. Ladar shares some deep insights into the notion of privacy and intelligence gathering in this country, and how to strike the proper balance. I will also update you on the hot news from two top hacker conferences, including a nasty Mac virus and a bug in Broadcom WiFi chips found in over 1 BILLION devices worldwide. And I will tell you about one of the oldest and best fact-checking sites on the web, and why they need your help. For Further Insight: Website: www.lavabit.com Follow on Twitter: https://twitter.com/kingladar Additional Resources: Sign up for Lavabit secure email: https://lavabit.com/ How to remove Flash: http://firewallsdontstopdragons.com/ditch-flash/ The web’s original fact checker: http://snopes.com/

🎧 Achieving Trust in the Digital Age
Is trust just an emotion or is it more than that? In this week’s episode, I speak at length with Jeffrey Ritter: a lawyer, diplomat, researcher and author of the book “Achieving Digital Trust”. We get to the heart of what it means to trust, how trust is gained and lost, and how living in the Information Age has had such a profound impact on all of the above. Jeffrey has some deep insights on how we can cope with the high rate of data and decision making inherent in this modern life – and shares some interesting stories along the way! Jeffrey Ritter currently serves as an External Lecturer at two of the world’s great universities for computer science, Johns Hopkins University and the University of Oxford, where he teaches graduate level courses in privacy engineering, information governance, and information security policy design. His career includes legal services to global corporations, leadership in the work of the United Nations and the American Bar Association, and ongoing academic research and writing on digital trust. I’ll also tell you how you can share your financial account information more securely using aggregator accounts and how to win a free copy of my book by sending me your best computer backup stories! Send your stories to [email protected]. For Further Insight: Website: www.jeffreyritter.com Follow on Twitter: https://twitter.com/Jeffrey_Ritter LinkedIn: https://www.linkedin.com/in/jeffreyritter/ Achieving Digital Trust: The New Rules for Business at the Speed of Light, is available on Amazon.com

🎧 How To Hack An Election
What could be more crucial to a democracy than a voting system we can trust? Today I speak with Barbara Simons, President of VerifiedVoting.org, on why so many of our US election systems are vulnerable to hacking without leaving a trace. The solutions to these issues are well known and straightforward, and yet we can’t seem to come together in a unified way to implement them. We’ll discuss why the current systems are so bad, what needs to be done, and tell you what you can do to help. I will also tell you about a new file backup tool from Google, 14M Verizon customer records found online with no protection, why you might be wary about leaving your keys lying around in plain sight, and how to improve your privacy with Post-It Notes! Barbara Simons has been on the Board of Advisors of the U.S. Election Assistance Commission since 2008. She published Broken Ballots: Will Your Vote Count?, a book on voting machines co-authored with Douglas Jones. She also co-authored the report that led to the cancellation of Department of Defense’s Internet voting project (SERVE) in 2004 because of security concerns. In 2015 she co-authored the report of the U.S. Vote Foundation entitled The Future of Voting: End-to-End Verifiable Internet Voting, which included in its conclusions that “every publicly audited, commercial Internet voting system to date is fundamentally insecure.” Simons is a former President of the Association for Computing Machinery (ACM), the oldest and largest international educational and scientific society for computing professionals. She is President of Verified Voting and is retired from IBM Research. For Further Insight: Web site: VerifiedVoting.org Follow on Twitter: https://twitter.com/VerifiedVoting Further Reading: Does your state have proper voting machines? Do they have procedures for audits? https://www.verifiedvoting.org/ Google’s backup service: https://techcrunch.com/2017/07/12/google-launches-a-new-backup-sync-desktop-app-for-uploading-files-and-photos-to-the-cloud/ Change your Verizon PIN: https://www.verizonwireless.com/support/account-pin-faqs/ Copy a key with a photo: https://www.key.me/ Lose all your photos when your hard drive crashed? Did a cloud backup save your bacon when you had your phone stolen? Tell me your best backup stories for a chance to win a free copy of my book! Send them to [email protected]!

🎧 Creating and Remembering Killer Passwords
Passwords are the bane of our modern existence. Why the hell haven’t we figured out a better way to prove who we are? Today is the first in a series of educational shows that I’ve dubbed Castle Defense 101: Defending Your Digital Drawbridge. In our inaugural session, we’ll take a deep dive into the problem of passwords. What really makes a good password and how do I choose one? How can I possibly remember all these passwords? How often do I need to change my password? Why do we even need passwords, anyway – can’t we just use fingerprints or something? I will answer all of these questions and then some. I’ll even tell you why you should only ever know one single password! And finally, I’ll tell you how you can win a free copy of my book, Firewalls Don’t Stop Dragons! For Further Insight: Some excellent password managers: LastPass, 1Password, Dashlane, Passwords Are Dead Long Live Passwords Firewalls Don't Stop Dragons: A Step-By-Step Guide to Computer Security for Non-Techies

NotPetya Malware Strikes, Everything You Need to Know
Lawrence Abrams is the creator and CEO of Bleeping Computer, and he and I delve into the latest malware sweeping the globe called NotPetya (among other things). The supposed ransomware appears to be just plain mean, destroying all the data on your hard drive whether you pay the ransom or not. We’ll tell you what you need to know, including how to protect yourself and what to do if you think you might be infected. We talk about the usefulness of anti-virus software and give you the info you need to pick the right one for you. Finally, in my Tip of the Week, I explain why you need more than one account on your computer and how it can help to mitigate and isolate malware attacks. Lawrence Abrams is the creator and owner of BleepingComputer.com. Lawrence’s area of expertise includes malware research, ransomware, and computer forensics. For Further Insight: Web site: BleepingComputer.com Twitter: https://twitter.com/BleepinComputer Facebook: https://www.facebook.com/BleepingComputer LinkedIn: https://www.linkedin.com/in/lawrence-abrams-43074a10/ Further Reading: BleepingComputer’s how to remove malware Windows antivirus software: Malwarebytes, ESET, Emsisoft, Kaspersky Creating non-admin accounts: Windows or MacOS

Don’t Tread on My Bits: Why Net Neutrality Matters
Are you ready for the next YouTube, Netflix or Hulu? Then you need to fight to save net neutrality. Today I discuss the threatened gutting of the hard-fought net neutrality rules with Ernesto Falcon from the Electronic Frontier Foundation. The new FCC chairman, Ajit Pai, is looking to undo the protections put into place that would allow the next Internet startup to compete on a level playing field. Internet Service Providers would like to put their massive thumbs on the digital scale, tipping the advantage to companies that can afford to pay or even to favor their own content. Now that we have deep-pocketed incumbents, we need net neutrality rules to allow the new guys a chance to compete fairly. In the news, we’ll discuss the 198M voter profiles that were left unprotected on the web, Microsoft’s abandonment of SMBv1 (that’s a good thing), Google’s move to respect your email privacy, and Girl Scouts becoming cyber experts! In my Tip of the Week, I’ll tell you how to avoid giving away too much information when needing to sign up to access web content. Prior to joining EFF, Ernesto worked as a legislative staffer for two Members of Congress (2004-2010). He then became Vice President of Government Affairs at Public Knowledge where he advocated on behalf of consumers on copyright issues and broadband competition. During his tenure, Public Knowledge was successful in achieving one of the largest consumer victories in telecom policy by defeating AT&T’s merger with T-Mobile. The following year, PK and EFF scored a major victory for consumers by rallying the Internet community to defeat the Stop Online Piracy Act (SOPA). After eight years in Washington DC, he returned to his home state of California to go to law school at McGeorge School of Law in order to strengthen his digital rights advocacy. Now, as an attorney, he is excited to rejoin the fight for consumers and Internet freedom. 
For Further Insight: Website: https://eff.org/ Follow on Twitter: https://twitter.com/EFFFalcon Additional Resources: Tell the FCC not to gut net neutrality: https://DearFCC.org Tell your representatives, too: https://act.eff.org/action/tell-congress-don-t-surrender-the-internet FOSCAM security vulnerabilities: http://thehackernews.com/2017/06/online-ip-camera-hacking.html Disposable and shared email accounts: mailinator.com, 10minutemail.com, bugmenot.com

🎧 If You Use Public WiFi At The Hotel, Airport, Coffee Shop….
If you use public WiFi of any sort at the hotel, airport, or coffee shop (AND WHO DOESN'T), then you need to pay attention. A VPN could be a viable answer to protect your data and your devices. The other big challenge is your Internet Service Provider at home is probably capturing and selling your web browsing info – there is something you can do at home to protect yourself as well. Dave Peck helped to create one of the best Virtual Private Network products on the market, and today he and I will discuss why you need a VPN and how to pick one. Dave is an independent software developer and co-founder of GetCloak.com, a very easy-to-use VPN service. Not clicking on links apparently isn’t good enough anymore – now you can’t even hover over them! Also, Microsoft and Adobe have some software updates that fix critical bugs in Windows and Flash. And for the Tip of the Week, I’ll tell you why you really just need to uninstall Flash completely and how to do it. For Further Insight: Web site: https://davepeck.org/ Follow on Twitter: https://twitter.com/dangerdave Further Reading: Why It’s Hard to Pick a VPN: https://davepeck.org/2017/04/16/why-its-hard-to-choose-a-vpn-provider/ Cloak VPN: https://www.getcloak.com/ TunnelBear VPN: https://www.tunnelbear.com/ VyprVPN: http://www.goldenfrog.com/vyprvpn/special/vpn-seasonal-special?offer_id=78&aff_id=3809 How to Uninstall Flash: http://firewallsdontstopdragons.com/ditch-flash/ How to Uninstall Shockwave: https://krebsonsecurity.com/2014/05/why-you-should-ditch-adobe-shockwave/

🎧 The Feds Plan For Cars That Can Track & Tattle On You
The Internet of Things will soon include cars… what could possibly go wrong? If all the cars on the road could tell each other what they were doing, would that make us safer? Maybe. But if your car is constantly broadcasting this information, that would also make it trivial to track you everywhere you go. Worse yet, any time you put something on a network, it is immediately a target for hackers. Crashing a computer is one thing; crashing a car is quite different, but this is quickly becoming a reality we have to deal with. I will also tell you about an interesting new ‘travel mode’ feature from 1Password and talk about the Fireball adware that is already on over 250 million computers. We’ll wrap up with a new Tip of the Week, just in time for summer storm season! Jamie Williams is a staff attorney at the Electronic Frontier Foundation, where she is part of the civil liberties team. Jamie focuses on the First and Fourth Amendment implications of new technologies. She also co-taught Internet Law at University of California Berkeley, School of Law. Jamie joined EFF in 2014 as a Frank Stanton Legal Fellow. Prior to joining EFF, Jamie clerked for Judge Saundra Brown Armstrong in the Northern District of California. Before her clerkship, she was a litigation associate at Paul Hastings LLP and an attorney law clerk at the Alameda County Public Defender. Jamie has a J.D. from the University of California, Berkeley School of Law (Boalt Hall) and a B.A. in journalism from the University of Wisconsin, Madison.
For Further Insight: Web site: www.eff.org Follow on Twitter: https://twitter.com/jamieleewi LinkedIn: https://www.linkedin.com/in/jamie-williams-60635555/ Further Reading: EFF article on v2v communication issues: https://www.eff.org/deeplinks/2017/05/danger-ahead-governments-plan-vehicle-vehicle-communication-threatens-privacy Automated License Plate Readers: https://www.eff.org/sls/tech/automated-license-plate-readers/faq#faq-Are-private-companies-using-ALPRs Who has your back? https://www.eff.org/who-has-your-back-2016 Finding and removing Fireball adware: http://computerfixguide.com/how-can-i-remove-fireball-malware-effectively/ Best UPS: http://thewirecutter.com/reviews/best-uninterruptible-power-supply-ups/

How Dumb Are Your ‘Smart Devices’?
Do you have a “smart” TV? Or an Internet-connected baby monitor? Then you are a part of the Internet of Things (IoT)! Welcome to the world of everyday devices being connected to the network, allowing you to change the temperature of your home while traveling, check up on your dogs from work, and have a Bluetooth speaker that can also fetch tomorrow’s weather forecast. While there are lots of great uses for these devices, their security (or lack thereof) is making many of us vulnerable to attack. Today I speak at length with John Graham-Cumming, CTO of Cloudflare, about the Internet of Things and how it’s already wreaking havoc on our world. We’ll tell you how to be smart about your smart devices! We’ll also talk about the massive OneLogin password system breach and how hackers are increasingly turning to social media to target people for phishing attacks. John Graham-Cumming is a computer programmer and author. He studied mathematics and computation at Oxford and stayed for a doctorate in computer security. As a programmer he has worked in Silicon Valley and New York, the UK, Germany and France and currently works at CloudFlare. His open source POPFile program won a Jolt Productivity Award in 2004. He is the author of a travel book for scientists published in 2009 called The Geek Atlas and has written articles for The Times, The Guardian, The Sunday Times, The San Francisco Chronicle, New Scientist and other publications. In 2009 he successfully petitioned the British Government to apologize for the mistreatment of British mathematician Alan Turing. He is a licensed radio amateur. 
For Further Insight: Website: http://jgc.org Follow on Twitter: https://twitter.com/jgrahamc Additional Resources: Save 40% off next year’s domain registration (and get FREE privacy) https://hover.com/transfermydomain Social media increasingly used by hackers: https://www.nytimes.com/2017/05/28/technology/hackers-hide-cyberattacks-in-social-media-posts.html The Geek Atlas: https://www.amazon.com/Geek-Atlas-Places-Science-Technology/dp/0596523203 EFF’s page to help send comments to FCC on Net Neutrality: https://dearfcc.org/

🎧 Cyber Travel Tips: What To Know Before You Go
Summer is upon us and for many of us that means travel – but before you even pack your bags, you need to listen to this podcast! In my second interview with Michael Kaiser (the Executive Director of the National Cyber Security Alliance), we discuss all the cyber security and privacy issues you need to consider: before you go and while you’re traveling. Going abroad this summer? There are even more things you need to consider well before you leave! Also in this episode, I’ll tell you why Twitter’s new privacy policy changes are not in your favor, and how to fix it. Android’s next major software release, due out later this year, should finally address some of the major problems with getting updates. And I answer two questions from listeners on how best to deal with getting off mailing lists and tell you how secure Apple’s Message system really is. Michael Kaiser joined the National Cyber Security Alliance (NCSA) in 2008. As NCSA’s executive director, Mr. Kaiser engages diverse constituencies—business, government and other nonprofit organizations—in NCSA’s broad public education and outreach efforts to promote a safer, more secure and more trusted Internet. Mr. Kaiser leads NCSA in several major awareness initiatives, including National Cyber Security Awareness Month (NCSAM) each October, Data Privacy Day (Jan. 28) and STOP. THINK. CONNECT., the global online safety awareness and education campaign. NCSA builds efforts through public-private partnerships that address cybersecurity and privacy issues for a wide array of target audiences, including individuals, families and the education and business communities. In 2009, Mr. Kaiser was named one of SC Magazine’s information security luminaries. Mr. Kaiser has served on several nonprofit boards. 
He is currently the chair and a founding board member of SPINUSA, a national nonprofit based in Massachusetts, and has served on the Board of Trustees of the College of the Atlantic in Bar Harbor, Maine, and New Destiny Housing Corporation in New York City. For Further Insight: Web site: staysafeonline.org Follow on Twitter: https://twitter.com/MKaiserNCSA Facebook: https://www.facebook.com/staysafeonline/ LinkedIn: https://www.linkedin.com/in/michael-kaiser-3579752b Additionally Important: NCSA’s Cyber Trip Advisor: https://www.stopthinkconnect.org/resources/preview/tip-sheet-ncsas-cyber-trip-advisor Undoing the new Twitter privacy settings: https://www.eff.org/deeplinks/2017/05/how-opt-out-twitters-new-privacy-settings Secure messaging apps: WhatsApp: https://www.whatsapp.com/ Signal: https://whispersystems.org/

Learn These WannaCry Lessons Before Round 2 Hits
The WannaCry virus hit over 200,000 computers in over 150 countries in a matter of days. While WannaCry spread quickly, it had some fatal flaws that prevented it from doing a lot more damage. However, these flaws will soon be fixed – Round 2 of this virus is already upon us. I speak with Michael Kaiser from the National Cyber Security Alliance to find the lessons we need to learn and what we need to do to protect ourselves from the next generations of this nasty malware. We also take a good look at who might be to blame for all of this and some thorny issues exposed by this attack. In other news, I’ll tell you how to find out if your HP laptop might be logging all of your keystrokes and how to fix it. Michael Kaiser joined the National Cyber Security Alliance (NCSA) in 2008. As NCSA’s executive director, Mr. Kaiser engages diverse constituencies—business, government and other nonprofit organizations—in NCSA’s broad public education and outreach efforts to promote a safer, more secure and more trusted Internet. Mr. Kaiser leads NCSA in several major awareness initiatives, including National Cyber Security Awareness Month (NCSAM) each October, Data Privacy Day (Jan. 28) and STOP. THINK. CONNECT., the global online safety awareness and education campaign. NCSA builds efforts through public-private partnerships that address cybersecurity and privacy issues for a wide array of target audiences, including individuals, families and the education and business communities. In 2009, Mr. Kaiser was named one of SC Magazine’s information security luminaries. Mr. Kaiser has served on several nonprofit boards. He is currently the chair and a founding board member of SPINUSA, a national nonprofit based in Massachusetts, and has served on the Board of Trustees of the College of the Atlantic in Bar Harbor, Maine, and New Destiny Housing Corporation in New York City. 
For Further Insight: Web site: staysafeonline.org Follow on Twitter: https://twitter.com/MKaiserNCSA Facebook: https://www.facebook.com/staysafeonline/ LinkedIn: https://www.linkedin.com/in/michael-kaiser-3579752b Additionally Important: 10% off your first domain name order! https://www.hover.com/welcome/Firewalls HP key logger: https://www.bleepingcomputer.com/news/security/keylogger-found-in-audio-driver-of-hp-laptops/ Got ransomware? Go here before paying! https://www.nomoreransom.org/ Start With Security: https://www.ftc.gov/tips-advice/business-center/guidance/start-security-guide-business Dept Homeland Security C-Cubed: https://www.dhs.gov/ccubedvp

🎧 Inoculating the World Against Malware
The WannaCry ransomware worm spread across the planet in a matter of hours, infecting over 200,000 computers – this included hospitals in the UK, phone service in Spain, and even a Russian ministry. The malware was stopped dead by one security researcher who basically got lucky. In today’s show, I will explain what WannaCry is and how to ensure that you are protected against this nasty bug and others just like it that will surely be coming. My guest today is security researcher Nick Weaver, who will help us understand what the real threats are for most people – it’s not just hackers! He explains why we’re vulnerable and gives us a lot of great and timely tips on how to protect your computers and mobile devices (spoiler alert: you need to ditch Android and go with Apple). Nicholas Weaver received a B.A. in Astrophysics and Computer Science in 1995, and his Ph.D. in Computer Science in 2003 from the University of California at Berkeley. Although his dissertation was on novel FPGA architectures, he also was highly interested in Computer Security, including postulating the possibility of very fast computer worms in 2001. In 2003, he joined the International Computer Science Institute (ICSI), first as a postdoc and then as a staff researcher. His primary research focus is on network security, notably worms, botnets, and other internet-scale attacks, and network measurement. Other areas have included both hardware acceleration and software parallelization of network intrusion detection, defenses for DNS resolvers, and tools for detecting ISP-introduced manipulations of a user's network connection.
For Further Insight: Website: http://www1.icsi.berkeley.edu/~nweaver Follow on Twitter: @ncweaver Further Reading: Article on WannaCry by our guest: https://lawfareblog.com/crying-about-wannacry-notable-features-newest-ransomeware-attack Microsoft help on WannaCry malware: https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/ John Oliver on Net Neutrality: https://www.youtube.com/watch?v=92vuuZt7wak Tell the FCC how you feel about Net Neutrality! http://gofccyourself.com/

🎧 Intel Closes a Nine-Year Backdoor
This week I’ll tell you why you should not be using Microsoft’s Edge Browser, how to find out if you were bitten by a very clever Google Docs phishing scheme, and why you can’t believe every voice you hear. Along the way, I’ll give you my recommendations on the best web browser to use as well as how to revoke permissions you may have granted to Twitter, Facebook and Google over the years that may be leaving you vulnerable. Finally, I’ll tell you how Intel finally found and fixed a flaw in their backdoor chip for managing PCs, how to see if your computer is affected, and why backdoors can let the bad guys in just as easily as the good guys. For Further Insight: Lyrebird: https://soundcloud.com/user-535691776 Google app permissions: https://myaccount.google.com/permissions Twitter app permissions: http://lifehacker.com/5905299/clean-our-your-twitter-app-permissions-as-part-of-your-spring-cleaning-regimen Facebook app permissions: http://lifehacker.com/5904590/clean-out-your-facebook-app-permissions-as-part-of-your-spring-cleaning-regimen Intel chip security bulletin: https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr ShieldsUp! https://www.grc.com/x/ne.dll?bh0bkyd2

Your Email is as Vulnerable as Sending a Postcard
Would you write banking information, passwords, private conversation or any sensitive data on the back of a postcard? Sounds like a silly question perhaps – but this is the equivalent of writing private information in your public emails. Your emails are NOT secure. Today I’m going to help you understand the options available to you so you don’t get caught with your drawbridge down! I have an insightful discussion with Dr Andy Yen, the CEO and Co-Founder of Protonmail. We discuss why regular email is not very secure and how corporations like Yahoo, Google, and others have complete access to everything you send and receive. There are lots of better options out there and we discuss how to evaluate and choose a better service. We have lots of important news items this week including another Android hack that has infected at least 2 million phones, a raft of bugs in the latest Linksys home WiFi routers, a clever new ransomware attack that nests like Russian dolls, and finally a vigilante hacker that has written software that he dubs “Internet chemotherapy” that may completely take out your insecure devices. Dr. Andy Yen, CEO and Co-Founder of Protonmail, has over 8 years of experience in distributed computing for demanding particle physics applications. Andy was a researcher at CERN from 2009 to 2015, where ProtonMail’s founding team met. He has a PhD in Physics from Harvard and a degree in Economics from Caltech. For Further Insight: Website: https://protonmail.com/ Follow on Twitter: https://twitter.com/ProtonMail Linkedin: https://www.linkedin.com/in/andy-yen-03a9676 Further Reading: http://blog.checkpoint.com/2017/04/24/falaseguide-misleads-users-googleplay/ http://www.linksys.com/us/support-article?articleNum=246427 https://thatoneprivacysite.net/email-section/ https://www.ted.com/talks/andy_yen_think_your_email_s_private_think_again

🎧 When the Hackers Become the Hacked
The Shadow Brokers have dumped a treasure trove of NSA secret hacking tools, proving that even the best secret-keepers in the country can’t always prevent info from leaking. Is it better for intelligence agencies to hoard software vulnerabilities for use against others, or to report those vulnerabilities so they can be fixed? I delve into this topic in detail, exploring the pros and cons. What if you could do one simple thing to protect your computer from most critical software bugs? It’s not only simple, it’s free and available to all users of modern Windows and Mac computers – and yet most people never use it! And as a bonus, I answer several of your questions from the mailbag about sharing WiFi passwords, choosing a cloud storage provider, protecting your kids while surfing the web, and things to consider when picking out a new computer! For Further Insight: https://www.eff.org/deeplinks/2017/04/border-search-bill-would-rein-cbp https://support.microsoft.com/en-us/help/306525/how-to-configure-and-use-automatic-updates-in-windows https://www.schneier.com/blog/archives/2016/08/the_nsa_is_hoar.html

🎧 How to Pick The Only Password You’ll Ever Need
This week I talk with Chris Romeo on why humans are so horribly bad at picking good passwords and why this invariably makes you vulnerable to hacking. We discuss password managers and how to create the one and only password you should ever need. Along the way, we’ll explain things like two-factor authentication, how often you should be changing your passwords, and how to make sure your accounts can still be accessible if the worst happens. In the news this week, I’ll tell you about a nasty WiFi bug that affects just about every smartphone on the market and why you will be vulnerable on public hotspots until you download the fix. Popular password manager LastPass also fixed a serious flaw in their browser plugin, though in this case, you’re probably already protected by the auto-update feature in your browser. And finally, I’ll answer a listener’s question about defending against ransomware and whether having a firewall will help. Chris Romeo is CEO and co-founder of Security Journey. His passion is to bring security belt programs to all organizations, large and small. He was the Chief Security Advocate at Cisco Systems for five years, where he guided Cisco’s Security Advocates, empowering engineers to “build security in” to all products at Cisco. He led the creation of Cisco’s internal, end-to-end security belt program launched in 2012. Chris has twenty years of experience in security, holding positions across the gamut, including application security, penetration testing, and incident response. Chris holds the CISSP and CSSLP. For Further Insight: Website, www.securityjourney.com Follow on Twitter, @SecurityJourney Facebook, https://www.facebook.com/SecJourney/ Additional Resources: https://thehackernews.com/2017/04/broadcom-wifi-hack.html https://blog.lastpass.com/2017/03/security-update-for-the-lastpass-extension.html/

🎧 Congress Just Sold You Out (Again)
This week I discuss the stunning repeal of Internet privacy provisions with Ernesto Falcon from the Electronic Frontier Foundation. Congress narrowly passed a bill that would not only toss out the regulations that would have given consumers much-needed transparency and choice in how their web surfing data is collected and used, but also would effectively prevent any further regulations from being created. Mr Falcon explains how we got here, what this means for you (the consumer), and what we can do about it. One potential solution to this invasion of your privacy is using a Virtual Private Network (VPN) service. I discuss how VPNs work and how you can find a service that works for you. VPNs are not only good for hiding your web surfing from your nosey Internet Service Provider (ISP) and wireless carrier, they can also protect your data from snooping when you’re connected to public WiFi networks. Prior to joining EFF, Ernesto worked as a legislative staffer for two Members of Congress (2004-2010). He then became Vice President of Government Affairs at Public Knowledge where he advocated on behalf of consumers on copyright issues and broadband competition. During his tenure, Public Knowledge was successful in achieving one of the largest consumer victories in telecom policy by defeating AT&T’s merger with T-Mobile. The following year, PK and EFF scored a major victory for consumers by rallying the Internet community to defeat the Stop Online Piracy Act (SOPA). After eight years in Washington DC, he returned to his home state of California to go to law school at McGeorge School of Law in order to strengthen his digital rights advocacy. Now, as an attorney, he is excited to rejoin the fight for consumers and Internet freedom.
For Further Insight: Website: https://eff.org/ Follow on Twitter: https://twitter.com/EFFFalcon FaceBook: https://www.facebook.com/eff/ Additional Resources: http://www.privacyabroad.com/ https://www.eff.org/deeplinks/2017/03/congress-sides-cable-and-telephone-industry https://thatoneprivacysite.net/vpn-section/

Protecting Your Privacy at the US Border
What are your rights at the border? It depends on your immigration status, and even US citizens will not enjoy their usual Constitutional rights in this situation. This is an important topic that should not be overlooked. I have an insightful and revealing discussion with Adam Schwartz from the Electronic Frontier Foundation about the recent escalation in US border searches of electronic devices. We’ll discuss what’s happening and how you can prepare for potential searches at the border, and why this is important for every citizen whether you plan to leave the country or not. Adam Schwartz is a Senior Staff Attorney at the Electronic Frontier Foundation. Adam works to ensure that new technologies expand instead of shrink our privacy, freedom of speech, and other civil liberties. Before joining EFF, Adam worked as a Senior Staff Attorney at the American Civil Liberties Union of Illinois. Adam graduated in 1995 from the Howard University School of Law. Also, in the news this week: 600M iCloud accounts are purported to have been hacked – are you at risk? And the Senate has taken the first step towards allowing your internet service and cell phone providers to once again do whatever they please with your web surfing and app usage data. I’ll tell you how much you need to worry about these and what you can do about them! For Further Insight: Website: https://eff.org/ Follow on Twitter: https://twitter.com/EFF Facebook: https://www.facebook.com/eff/ Additional Sources For You: https://www.eff.org/wp/digital-privacy-us-border-2017 https://medium.freecodecamp.com/ill-never-bring-my-phone-on-an-international-flight-again-neither-should-you-e9289cde0e5f https://act.eff.org/action/don-t-let-congress-undermine-our-online-privacy

🎧 Masking Your Digital Footprints
WikiLeaks dumped almost 9000 pages of secret CIA documents on the web for all to see, detailing dozens of secret hacking tools and techniques. What does this all mean for you and me? In this week’s interview, I speak with Daniel Davis from the privacy-preserving web search engine company DuckDuckGo. We discuss how crafty marketing services are attempting to track everywhere you go on the web in an effort to show you highly targeted (and highly profitable) advertising. We explain how it all works and give you several tips on how you can protect your privacy. Daniel Davis is Community Manager at DuckDuckGo, the search engine that doesn't track you. Working with both contributing developers and end users, he's passionate about spreading the benefits of open source and online privacy. For Further Insight: Website: https://duckduckgo.com The company's blog: https://spreadprivacy.com Follow on Twitter: https://twitter.com/duckduckgo Connect on Linkedin: https://www.linkedin.com/company/duck-duck-go Send me your questions! I’ll answer them online at the end of each show. [email protected] TRANSCRIPT OF FULL INTERVIEW Carey: Hello, everybody. This is Carey Parker, and welcome to another edition of Firewalls Don't Stop Dragons. We've got a little bit of news to catch up on first, and then we will be having an excellent interview with Daniel Davis from DuckDuckGo. So I definitely think the big news this week is the massive dump of documents, secret documents from the CIA on WikiLeaks. What's been dubbed “The Vault Seven Dump” I guess, or Vault Seven Documents. Something like almost 9,000 pages of internal secret CIA documents that were released by WikiLeaks. There's a lot of really interesting aspects to this. So it's a great news topic for the weekend. Let's talk about this a little bit, and what we know, what we don't know, what's important, and frankly, what's not so important. 
So first of all, in case you haven't heard, WikiLeaks published a bunch of documents, what they actually is the first of many more to come of what appeared to be internal CIA documents detailing tools and techniques that they use to hack into people's devices. That would be smartphones, computers, home routers, even televisions, which we'll talk about here in a minute. So far, we believe this information is probably real. This information also kind of appears to be at least one to two years old, which has some silver lining benefits in that most of the stuff that's detailed there as far as we know is probably mostly fixed. Most of these kind of vulnerabilities and exploits, things we call Zero Day Vulnerabilities or Zero Day Exploits, get patched over time. Because these companies care about security, they learn about these bugs and they fix them. It's the bugs that allow hackers and groups like the CIA to get into our devices and make them do things they weren't supposed to do. Zero Day, by the way, is a term you'll hear a lot. The idea, the meaning of the term is that it's the first day of knowing about something that has been out there for certain amount of time. So the bad guys probably know about it, but it's the first time we know about it. So it's the Day Zero. So they're called Zero Day Exploits. What else do we know? Well, we really don't know who leaked it. I mean obviously WikiLeaks published it. We don't know who gave this information to WikiLeaks, so was it somebody working within the CIA who's doing a whistleblower kind of a thing? Or was it some foreign government that hacked into the CIA and decided it would be a good idea to embarrass the CIA by publishing this information. We really don't know. We also don't know why it was leaked, because we don't know who … We can't even really speculate as to why this might have been released. 
Those are very important questions to ask and understand at some point, but at this point, from what I've read, we don't know either. We also don't know who,

🎧 How The Bad Guys Trick You Into Taking Their Bait
“Phishing” is one of the most common and most effective ways for the bad guys to get your passwords or credit card information. In this episode, I’ll be discussing this classic hacking tactic that has grown by leaps and bounds in just the last year – one report said phishing attacks grew over 250% in the first quarter of 2016 alone. Secretary of Homeland Security Jeh Johnson recently said that “the most devastating attacks by the most sophisticated attackers almost always begin with the simple act of spear-phishing.” Tune in to find out what phishing is all about and how best to protect yourself! In the news this week, we ask the question: Can drones steal your computer information by video taping the flashing light on your PC?? (Spoiler alert: Look up Betteridge's Law of Headlines.) Chris Romeo is CEO and co-founder of Security Journey. His passion is to bring security belt programs to all organizations, large and small. He was the Chief Security Advocate at Cisco Systems for five years, where he guided Cisco’s Security Advocates, empowering engineers to “build security in” to all products at Cisco. He led the creation of Cisco’s internal, end-to-end security belt program launched in 2012. Chris has twenty years of experience in security, holding positions across the gamut, including application security, penetration testing, and incident response. Chris holds the CISSP and CSSLP. For Further Insight: Website, www.securityjourney.com Follow on Twitter, @SecurityJourney Facebook, https://www.facebook.com/SecJourney/

🎧 Why CloudBleed Wasn’t So Bloody Scary
The media was once again telling everyone to light their hair on fire over the latest web bug that threatens to expose all of our private information – a bug they called CloudBleed. In this show, I use this particular web vulnerability to discuss how the media so often gets the reporting on these things totally wrong. In today’s world, where every headline is dire and begs to be clicked on, the phrase “if it bleeds it leads” has never been more true. We’ll talk about just what CloudBleed is and why the chances of it affecting you are likely very small – despite what most of the articles would have you believe. Meet Carey Parker: he is a software engineer, cyber security expert, and published author of the book (and now podcast) Firewalls Don’t Stop Dragons, A Guide to Computer Security for non-techies. His primary goal is to help everyday non-technical people and small businesses understand how to be proactive in securing their computers and protecting their online privacy. For Further Insight: Glenn Greenwald, Why Privacy Matters, TED Talk NEW SHOW: FIREWALLS DON'T STOP DRAGONS