150 episodes

You’d go broke trying to build something dragon-proof to protect your computers and phones. This podcast gives you the tools and helps you grasp the dangers of an advanced technological world.

Firewalls Don't Stop Dragons Podcast Carey Parker

    • Technology
    • 5.0, 24 Ratings


    This is Why We Can’t Have Nice Things (part 1)


    What good are privacy laws when we all know that intelligence agencies don't play by the rules? How can any company promise to keep our data safe when we know that agencies like the NSA and GCHQ are hoovering it all up? That's the essential argument behind the Max Schrems cases at the European Court of Justice. And the EU court agrees. In part 1 of my interview with EFF's Danny O'Brien, we'll talk about how we got here and how the parallel development of data mining and mass surveillance led us to these (successful) court challenges.







    Danny O'Brien has been an activist for online free speech and privacy for over 20 years. In his home country of the UK, he fought against repressive anti-encryption law, and helped found the Open Rights Group, Britain's own digital rights organization. He was EFF's activist from 2005 to 2007, its international outreach coordinator from 2007-2009, and international director from 2013-2019. He now supervises EFF's medium and long-term strategy, with an eye to maintaining the organization's global impact and reputation.







    Further Info:







    EU Court Again Rules That NSA Spying Makes U.S. Companies Inadequate for Privacy: https://www.eff.org/deeplinks/2020/07/eu-court-again-rules-nsa-spying-makes-us-companies-inadequate-privacy
    Donate to EFF: https://supporters.eff.org/donate/join-eff-today

    • 41 min
    The Pros & Cons of Antivirus Software


    When most people think of protecting their computers, they think of antivirus software. Viruses are a real problem, of course, but how well do antivirus (AV) apps protect you? And are there any downsides to using AV software? Turns out there are plenty - so many that the cons probably outweigh the pros for most people, on Apple Mac or on Windows PC. Don't believe me? Listen to this show and then decide.







    In other news: Google is finally bringing its Google One storage app to iOS, but don't use it; Netgear has declared that at least 45 of their highly vulnerable routers will never be fixed; and if you've purchased anything from Amazon, you have a public profile - and you should review what others can see about you.







    Further Info:







    Cryptomator: https://cryptomator.org/
    Sync.com secure cloud storage
    Netgear routers you should get rid of: https://www.tomsguide.com/news/netgear-routers-no-fixes
    My "pros & cons of AV" article: https://firewallsdontstopdragons.com/the-pros-and-cons-of-anti-virus-software/

    • 42 min
    The Great Twitter Hack


    Last week, Twitter was massively hacked - apparently just to launch a Bitcoin scam (though that story is still developing). Famous people's accounts were taken over, including Joe Biden, Barack Obama, Bill Gates, Elon Musk and several popular brand name accounts. (President Trump's account was not taken over due to enhanced security measures.) But beyond the details of the hack, we need to look at the bigger picture and what this hack should be telling us about these totally unregulated social media giants with zero accountability. We'll dig into that in today's show.







    In other news: account credential dumps have significantly increased on the dark web, including over 140 million MGM Resort creds; Windows 10 suffers another maddening bug, but there's a workaround; Signal has stirred up a lot of controversy with a recent change; a massive wifi router study revealed widespread security problems; and I'll go over some of the cool new privacy features coming in iOS 14 and macOS Big Sur.







    Further Info:







    Windows 10 "No Internet Connection" workaround: https://lifehacker.com/how-to-fix-windows-10s-latest-no-internet-connection-bu-1844458254
    Fraunhofer Institute router security report: https://github.com/fkie-cad/embedded-evaluation-corpus/blob/master/2020/FKIE-HRS-2020.md

    • 54 min
    Your Money or Your Data (part 2)


    In the second part of my interview with Renee Dudley from ProPublica, we delve into the cyber insurance and ransomware incident response industries, including how some of these companies are being less than forthcoming about their services. In fact, it appears that several "incident response" companies are simply paying the ransom and then charging companies a fee on top of that. We'll talk about how cyber insurance works and how to decide whether or not it's for you. And Renee will also give us some tips on choosing an incident response firm and what red flags to watch out for.







    Renee Dudley is a tech reporter at ProPublica. Before joining ProPublica in 2018, she was a member of the enterprise team at Reuters, where she reported extensively on issues with college-entrance exams. Before joining Reuters in 2015, she worked as a reporter in New York for Bloomberg News and in South Carolina for The (Charleston) Post and Courier and The (Hilton Head) Island Packet. At Bloomberg, she uncovered questionable accounting and unauthorized sales practices at Walmart Inc. In Charleston, her reporting led to the indictment and resignation of South Carolina’s most powerful politician. She received the Society of Professional Journalists’ Pulliam Award in 2010 for her work upholding First Amendment rights while reporting for The Island Packet.







    Further Information:







    ProPublica on ransomware: https://www.propublica.org/article/the-extortion-economy-how-insurance-companies-are-fueling-a-rise-in-ransomware-attacks
    Mike Gillespie to the rescue: https://www.propublica.org/article/the-ransomware-superhero-of-normal-illinois
    ID Ransomware: https://id-ransomware.malwarehunterteam.com/
    No More Ransom: https://www.nomoreransom.org/
    Bleeping Computer: https://www.bleepingcomputer.com/

    • 32 min
    Your Money or Your Data (part 1)


    Unless you've been living under a rock, you know that ransomware is one of the most common and most lucrative cybersecurity rackets today. But despite all the press, ransomware is massively under-reported because companies don't want bad press. And in most cases, unless it can be proven that data was actually stolen, companies are under no legal obligation to inform the data subjects (you) of these hacks. In part one of my interview with Renee Dudley from ProPublica, we'll discuss the current state of the ransomware problem and the emergence of cyber insurance and incident response companies to deal with the threat and recover from attacks. And we'll also see that not all players are above board about what they do.







    Renee Dudley is a tech reporter at ProPublica. Before joining ProPublica in 2018, she was a member of the enterprise team at Reuters, where she reported extensively on issues with college-entrance exams. Before joining Reuters in 2015, she worked as a reporter in New York for Bloomberg News and in South Carolina for The (Charleston) Post and Courier and The (Hilton Head) Island Packet. At Bloomberg, she uncovered questionable accounting and unauthorized sales practices at Walmart Inc. In Charleston, her reporting led to the indictment and resignation of South Carolina’s most powerful politician. She received the Society of Professional Journalists’ Pulliam Award in 2010 for her work upholding First Amendment rights while reporting for The Island Packet.







    Further Information:







    ProPublica on ransomware: https://www.propublica.org/article/the-extortion-economy-how-insurance-companies-are-fueling-a-rise-in-ransomware-attacks
    Mike Gillespie to the rescue: https://www.propublica.org/article/the-ransomware-superhero-of-normal-illinois
    ID Ransomware: https://id-ransomware.malwarehunterteam.com/
    No More Ransom: https://www.nomoreransom.org/
    Bleeping Computer: https://www.bleepingcomputer.com/

    • 33 min
    TikTok Boom


    TikTok is the hot new social media service (Snapchat and Instagram are so last year), particularly in Asian countries like India. But India just banned this and several other apps from China over privacy concerns - and I have a feeling they won't be the last. The TikTok app was just revealed to be copying the user's clipboard contents every few seconds for some completely unknown reason (and TikTok's explanation was lame). While it has supposedly "fixed" this, another researcher claims to have reverse engineered the TikTok app and found that it's pulling all sorts of other user data - enough to put Facebook and Google to shame. Short answer? Delete this app.







    And there's a ton of other news this week: Zoom changes course on end-to-end encryption for free users, with a couple catches; I have more info on the recent Netgear router vulnerability affecting dozens of their products; Adobe Flash will be erased from the Earth by year's end; Oracle's BlueKai data mining subsidiary left a ton of personal data exposed with no password; Sen. Sherrod Brown (D-Ohio) has a wonderful privacy proposal that will probably never pass Congress; new Mac malware uses a trick to get around Apple's app security; Microsoft shoves its new Edge browser down its users' virtual throats; and Comcast is the first ISP to qualify for Mozilla's Trusted Recursive Resolver program (DNS over HTTPS) and might switch out Cloudflare without asking you.







    Further Info:







    Netgear router fix info:
    https://bit.ly/netgear-fix
    https://bit.ly/netgear-passwords
    Humble Bundle - LAST CHANCE! https://www.humblebundle.com/books/protect-your-stuff-apress-books

    • 53 min

Customer Reviews

5.0 out of 5
24 Ratings


Kodos For Prez

Very helpful advice for increasing your cybersecurity and protecting your privacy

I discovered this podcast online a few months ago. Thanks to Carey Parker's advice on how to improve cybersecurity and protect user privacy, I have added a VPN service, I use a password manager, and I am using an encrypted email service. I'm steadily extracting myself from Google's prying eyes, as I have been using DuckDuckGo for 6 months or so. I've also ditched Chrome for Firefox with Carey's recommended add-ons (Privacy Badger, HTTPS Everywhere, U-block Origin, DuckDuckGo Privacy Essentials, and Decentraleyes). I also ditched Comcast's router and bought my own. Next on the list is backing everything up with an online backup service. There's lots to be done, but Carey helps you along the way with simple advice that non-techies can understand and apply. His book Firewalls Don't Stop Dragons is another valuable resource to use in combination with this podcast. Thanks for helping us all, Carey! I feel like I'm well on the path to improved cybersecurity and privacy.

Saph2016

Good Info

Very grateful for the advice, enjoy the interviews, keep up the great work!

Firewalls and Dragons

Great Podcast

Well done Carey Parker! I am far from tech savvy, but I love this podcast. Each episode is well formatted with current news on security and privacy issues, great interviews and useful tips for safe internet roaming. Keep up the good work Carey.
