Impractical Privacy

Sudo

Tired of feeling like you’re being watched online? Welcome to Impractical Privacy – your weekly dose of truth about your digital life. Together we will cut through the tech jargon and deliver the real privacy news you need to know, from data breaches and surveillance trends to simple, actionable tactics you can use today to protect your information. Each week, we’ll explore cutting-edge privacy-preserving tools, share practical recommendations, and help you reclaim control of your data. It's not complicated, and it’s crucial. Subscribe to Impractical Privacy and start building a fortress around your digital self.

  1. The Convenience Tax

    FEB 25

    In this episode, Sudo dives into the hidden costs of reclaiming your digital sovereignty: the "Convenience Tax". He explores how a "coding error" at PayPal exposed the sensitive "Big Four" data of business users, providing a perfect starter kit for identity theft through SIM swapping and account takeovers. The episode balances the technical fortress of GrapheneOS and self-hosting against the real-world friction of app crashes, banking blocks, and the literal "physical tax" of carrying hardware keys. Sudo offers a tactical guide to fighting "privacy burnout" by reframing tech hurdles as intentional security wins and managing your home lab without bankrupting your family's happiness.

    Chapters:

    - The PayPal "Oopsie": Sudo breaks down how an internal exposure of Names, Addresses, SSNs, and DOBs creates a "permanent tax" on your identity that cannot be simply reset like a credit card.
    - The Account Takeover Workflow: A step-by-step look at how scammers use leaked data to trick cell providers, perform SIM swaps, and bypass "Forgot Password" security.
    - Impractical Mitigation: Why a credit freeze is a "fire suppression system" rather than just a smoke detector, and the necessity of pivoting to hardware keys like YubiKeys to stop SMS-based recovery attacks.
    - Living in the Fortress: A raw look at daily-driving a Pixel with GrapheneOS, navigating the friction of Sandboxed Google Play, and the "Banking Wall" that can leave you stranded at the checkout counter.
    - The Physical Tax: Examining the "Sovereignty Surcharge" of carrying physical tokens, offline maps, and the extra bulk of a privacy-focused everyday carry.
    - The Sunk Cost of Self-Hosting: The reality of being your own 2:00 AM SysAdmin for tools like Immich or Nextcloud, and the "Family Tax" paid when a Pi-hole update brings down the household internet.
    - Fighting the Burnout: Strategies to stay sane, including reframing broken sites as "diagnostic reports" and setting professional "maintenance windows" for your home lab to protect family time.
    - Celebrate the Victories: A reminder to notice the targeted ads that don't appear and the data breaches that don't affect you because of the aliases and layers you've put in place.

    Resources:

    - GrapheneOS
    - Hardware Keys: YubiKey & Google Titan
    - Self-Hosted Tools: Immich, Nextcloud, and Pi-hole

    Connect:

    - Website: impracticalprivacy.com
    - Patreon: SupportTheShow
    - X (Twitter): @The_IP_Podcast
    - Mastodon: mastodon.social/@ImpracticalPrivacy

    Stay safe, stay private... even when it's a pain.

    21 min
  2. The Dark Side of Public Wi‑Fi

    FEB 18

    In this episode, Sudo pulls back the curtain on the "wolf in sheep’s clothing" that is public Wi‑Fi. He explains how "Evil Twin" hotspots and Man-in-the-Middle attacks allow hackers and the surveillance state to siphon personal data, from bank logins to fitness tracker syncs. The episode covers real-world horror stories from hotels to airports and provides a tactical #WiFiWarrior playbook for securing your digital life using VPNs, HTTPS-Only mode, and encrypted DNS.

    Chapters:

    - The Allure: Sudo describes the "siren song" of free Wi‑Fi and how it acts as a digital candy store where your most intimate data is the product.
    - Anatomy of a Rogue Hotspot: A tactical look at "Evil Twins," Wi-Fi Pineapples, and captive-portal hijacks used to harvest credentials before you even send a tweet.
    - Man-in-the-Middle (MITM) Explained: Breaking down the primary tools used to strip privacy, including packet sniffing, SSL stripping, and DNS spoofing.
    - Real-World Horror Stories: A look at the "receipts" of Wi‑Fi attacks, including the Pineapple Hotel Hack (2019), library ransomware (2022), and airport loyalty program scams (2023).
    - Spotting & Disarming: Practical steps to perform a "health check" on your connection by identifying MAC addresses, verifying certificate chains, and using the HTTPS Everywhere test.
    - Hardening Your Playbook: The #WiFiWarrior guide to security: using trusted VPNs (WireGuard/OpenVPN), enabling HTTPS-Only mode, turning off auto-connect, and utilizing personal hotspots.
    - The Aftermath: Steps to take if you’ve already used a sketchy network, such as revoking active sessions, changing passwords, and monitoring credit reports.
    - Stay Sane: A reminder that privacy is a journey, not a destination, and it is not worth sacrificing your mental health for OpSec perfection.
    - Outro & Challenge: The #WiFiWarrior challenge: pick one public hotspot, enable a VPN, verify the connection with howsmyssl.com, and share your results.

    Resources:

    - Wi‑Fi Pineapple
    - How’s My SSL?
    - HTTPS-Only Mode
    - DNS-over-HTTPS (Cloudflare)
    - Free Credit Monitoring

    Connect with Us:

    - Website: impracticalprivacy.com
    - Patreon: SupportTheShow
    - X (Twitter): @The_IP_Podcast
    - Mastodon: mastodon.social/@ImpracticalPrivacy

    Stay skeptical. Stay safe. Keep those packets private.

    16 min
  3. Password Panic

    FEB 11

    In this episode, Sudo demystifies the hidden world of password hashing, salts, and why the “strong‑password” rules of the past are now laughably weak. We walk through historic data breaches, show how modern attackers crack unsalted or fast‑hash databases, and hand out a practical playbook for building truly resilient credentials—including dice‑ware passphrases, password‑manager habits, and layered 2FA.

    Chapters:

    - Password Panic: Sudo sets the stage, explaining why passwords matter to everyone and why reusing them is a digital land‑mine.
    - What’s a Hash?: He breaks down cryptographic hashes—deterministic, one‑way functions—and illustrates the concept with a shredded‑paper analogy.
    - Enter Salt: the secret seasoning: Salts are introduced as per‑user random strings that thwart dictionary and rainbow‑table attacks, turning each hash into a unique puzzle.
    - Real‑life leaks: A rapid tour of notable breaches (LinkedIn 2012, Adobe 2013, Ashley Madison 2015, MySpace 2016, GitHub 2021) highlights the impact of weak hashes, missing salts, and fast algorithms.
    - Password requirements: Practical advice: use unique, long passphrases, store them in a reputable password manager, and avoid password reuse at all costs.
    - Two‑Factor Authentication: Walks through the hierarchy of 2FA methods—from vulnerable SMS/voice OTPs to authenticator apps, push approvals, and hardware security keys.
    - What If I Get Stuck?: Outlines recovery strategies: keep recovery codes, maintain backup hardware keys, and have fallback 2FA methods ready for emergencies.
    - Account Activity: Learn how to audit login histories across major services (Google, Apple, Microsoft, Facebook/Instagram) and respond to suspicious sessions.
    - Outro: Challenge to upgrade one high‑value account with a fresh dice‑ware passphrase, a password manager entry, and a solid second factor—then check activity logs for stray intruders.

    Resources:

    - LinkedIn Leak
    - Adobe Leak
    - Ashley Madison Leak
    - Guide to Password Managers
    - Why Salts Matter

    Connect with Us:

    - Website: impracticalprivacy.com
    - Patreon: SupportTheShow
    - YouTube: @ImpracticalPrivacy
    - X (Twitter): @The_IP_Podcast
    - Mastodon: mastodon.social/@ImpracticalPrivacy

    Stay skeptical. Stay safe. Be Impractical.

    26 min
  4. Hijacked Homework

    FEB 4

    In “Hijacked Homework,” we peel back the curtain on the hidden data‑mines lurking in today’s classroom tech—from free‑tier badge apps to AI‑powered tutor bots—showing how every click, screenshot and smart‑board swipe can be turned into a surveillance snack. Sudo walks you through the legal maze (FERPA, COPPA, GDPR) and hands you a toolbox of low‑cost, high‑impact counter‑measures so parents can keep their kids’ learning private and their grades… well, actually just the grades.

    Chapters:

    - Intro and The WhatsApp Suit: Discusses the “gold‑star” badge trap that turns a harmless math app into a data‑harvesting machine, along with an update on WhatsApp.
    - Class is in Session: Dissects ClassDojo’s free tier, revealing the staggering amount of student metadata it hoards indefinitely.
    - LMS: Explains how Learning Management Systems act as massive data lakes, aggregating everything from names to social‑security numbers.
    - ISPs: Shows how school‑wide internet contracts turn every click into a granular traffic log, turning ordinary Wi‑Fi into a surveillance ledger.
    - Tutor Apps: Highlights the privacy trade‑offs in popular tutoring platforms like Khan Academy, especially after the rollout of Khanmigo.
    - Legally Speaking: Walks through the patchwork of student‑privacy laws—FERPA, COPPA, GDPR, and their global cousins—clarifying what protection actually exists.
    - The Impractical Parent: Offers a pragmatic checklist (burner devices, VPNs, paper opt‑outs, data‑deletion requests, contract advocacy) to reclaim classroom privacy.
    - Weekly Recap and Outro: Summarizes the five surveillance layers and reminds listeners that each has a lever they can pull.

    Resources:

    - ClassDojo Privacy Policy
    - Khan Academy Privacy Policy
    - Khan Academy’s Responsible AI framework
    - NEA Article on Student and Educator Data Privacy
    - Student Data Privacy & Digital Learning – ERIC journal article
    - Who Represents You?

    Connect with Us:

    - Website: impracticalprivacy.com
    - Patreon: SupportTheShow
    - YouTube: @ImpracticalPrivacy
    - X (Twitter): @The_IP_Podcast
    - Mastodon: mastodon.social/@ImpracticalPrivacy
    - Newsletter: Subscribe

    Stay skeptical. Stay safe. Be Impractical.

    24 min
  5. The HIPAA Myth

    JAN 28

    In 'The HIPAA Myth', we bust the illusion that HIPAA shields your health data, exposing how Treatment, Payment, and Operations (TPO) let pharmacies, data aggregators, and telehealth apps silently sell your prescription details to ad networks. We then arm listeners with low‑tech counter‑measures—cash‑only meds, burner devices, and paper‑only consent—to keep the surveillance state from turning your medical history into a marketable commodity.

    Chapters:

    - Intro and The HIPAA Lie: Why most folks think HIPAA = “your doctor can’t tell anyone anything,” and why that belief is a comforting myth.
    - The Aggregators: How a handful of data‑hungry companies turn anonymous prescription fills into pinpoint‑accurate targeting tools.
    - Telehealth and Check-in Trap: From BetterHelp’s FTC showdown to hidden Meta Pixels in therapy apps—why “online care” can feel more like a reality‑TV set.
    - The Convergence: How boss‑ware, car‑trackers, discount‑card histories, and medical data fuse into a single risk model that insurers love.
    - Legal Landscape: A rapid tour of HIPAA’s U.S. cousins (HITECH, GLBA, FTC Act) and the global heavyweights (GDPR, PIPEDA, APRA, LGPD, etc.).
    - The Impractical Patient: Low‑tech, high‑impact tactics: cash‑only prescriptions, burner phones for telehealth, paper‑only consent forms, DIY labs.
    - Outro. Your Body, Your Data: A reminder to stay skeptical, use the tools you’ve learned, and keep the conversation alive, because the best defense against all of this is knowing how to use the resources available.

    Resources:

    - BetterHelp's FTC Response
    - FTC Order on BetterHelp
    - Walk-In-Lab
    - Privacy.com
    - Consumer Reports-GoodRX

    Connect with Us:

    - Website: impracticalprivacy.com
    - Patreon: SupportTheShow
    - YouTube: @ImpracticalPrivacy
    - X (Twitter): @The_IP_Podcast
    - Mastodon: mastodon.social/@ImpracticalPrivacy
    - Newsletter: Subscribe

    Stay skeptical. Stay safe. Be Impractical.

    22 min
  6. The Tattleware Trap

    JAN 21

    We discuss the boss‑ware ecosystem that turns every keystroke, mouse‑wiggle, and sigh into data points for a corporate “panopticon.” After the deep‑dive, we arm you with a handful of low‑tech, high‑impact counter‑measures so you can keep the Green Dot from turning your life into a reality‑TV show.

    Chapters:

    - The Green Dot: The status light on Teams/Slack becomes a constant source of anxiety, turning a simple “available” icon into a monitor that forces workers to fake activity just to stay “green.”
    - The Anatomy of the Trap: Bossware installs a corporate root certificate that enables HTTPS inspection, letting IT decrypt, read, and log every supposedly “secure” transaction.
    - The Visual Panopticon: Screenshot‑taking tools combined with OCR scan every pixel on your screen, turning images of personal PDFs or private chats into searchable text that HR can summon with a single keyword.
    - The Pre-Crime Algorithm: Sentiment‑analysis AI watches your tone, response speed, and word choice, assigning a “flight‑risk” score that can trigger disciplinary action before you even think about quitting.
    - The Hardware Traitors: Advanced bossware can silently fire up your webcam or microphone on demand, and even track eye movements to log distraction events.
    - The BYOD Nightmare: Bringing a personal phone to work often means installing an MDM profile.
    - The Convergence: All the disparate data streams (boss‑ware, smart‑home devices, car telematics, health trackers) merge into a single, 24‑hour feed that paints a complete portrait of you.
    - Countermeasures: Practical, low‑tech defenses: strict air‑gapping, guest‑network isolation, analog mouse‑jigglers, webcam/mic blockers.
    - The Philosophy of Good Enough: Over‑surveillance creates the Hawthorne effect, stifling creativity; the remedy is to accept “good enough” privacy habits that protect the soul without demanding perfection.
    - Outro: Wrap up with a reminder to stay skeptical, use the tools you’ve learned, and keep the conversation alive, because the best defense against the surveillance state is an informed, resilient community.

    Resources:

    - EFF – Bossware report
    - Guest Wi‑Fi tutorial
    - Wired Article
    - Proton Blog

    Connect with Us:

    - Website: impracticalprivacy.com
    - Patreon: Support
    - YouTube: @ImpracticalPrivacy
    - X (Twitter): @The_IP_Podcast
    - Mastodon: mastodon.social/@ImpracticalPrivacy
    - Newsletter: Subscribe

    Stay Impractical. Stay safe.

    22 min
